この設定が可能なCisco機器構成
1)ルータが100Mイーサインタフェースを持つこと(Cisco2620以上)
2)ルータのIOSが”IP PLUS”のフィーチャセットを含む
3)スイッチはdot1q(ないしISL)トランクポート設定可能なもの。
以上の条件1・2を有するルータ1台(Router)と条件3を有するL2スイッチ1台(Switch)の構成での設定例(操作ログ)を以下に示す。
Press RETURN to get started.
Switch>
Switch>enable
Switch#
■現在の設定状況の確認
Switch#show run
Building configuration...
Current configuration : 651 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
no ip finger
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
ip http server
!
line con 0
transport input none
line vty 5 15
!
end
Switch#
■VLANの作成(VLAN10:TESTVLAN1 VLAN11:TESTVLAN11)
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- ---------
-------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11,
Fa0/12
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1
Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------
------
1 enet 100001 1500 - - - - - 1002
1003
1002 fddi 101002 1500 - - - - - 1
1003
1003 tr 101003 1500 1005 0 - - srb 1
1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Switch#
Switch#vlan ?
database Configure VLAN database
Switch#vlan database
Switch(vlan)#
Switch(vlan)#vlan 10 name TESTVLAN1
VLAN 10 added:
Name: TESTVLAN1
Switch(vlan)#vlan 11 name TESTVLAN2
VLAN 11 added:
Name: TESTVLAN2
Switch(vlan)#apply ・・・exitすれば同じ事
APPLY completed.
Switch(vlan)#
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- ---------
-------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11,
Fa0/12
10 TESTVLAN1 active
11 TESTVLAN2 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1
Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------
------
1 enet 100001 1500 - - - - - 1002
1003
10 enet 100010 1500 - - - - - 0 0
11 enet 100011 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1
1003
1003 tr 101003 1500 1005 0 - - srb 1
1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Switch#
■各VLANにIPアドレスを割り当てる。(VLAN1=192.168.1.2/VLAN2=192.168.2.2/VLAN3=192.168.3.2)
Switch#config term
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.1.2 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#
Switch(config-if)#
3d02h: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
3d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
up
Switch(config-if)#interface vlan 10
Switch(config-if)#ip address 192.168.2.2 255.255.255.0
Switch(config-if)#
Switch(config-if)#interface vlan 11
Switch(config-if)#ip address 192.168.3.2 255.255.255.0
Switch(config-if)#
Switch(config-if)#end
Switch#
3d02h: %SYS-5-CONFIG_I: Configured from console by console
■VLANメンバシップ設定(SWポートのVLANへの割り当て)
Switch#config term
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
Switch(config)#interface fastether 0/2
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fastether 0/3
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fastether 0/4
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fastether 0/5
Switch(config-if)#switchport access vlan 11
Switch(config-if)#interface fastether 0/6
Switch(config-if)#switchport access vlan 11
Switch(config-if)#interface fastether 0/7
Switch(config-if)#switchport access vlan 11
Switch(config-if)#interface fastether 0/8
Switch(config-if)#switchport access vlan 11
Switch(config-if)#
Switch(config-if)#end
Switch#
3d02h: %SYS-5-CONFIG_I: Configured from console by console
Switch#show vlan ?
brief VTP all VLAN status in brief
id VTP VLAN status by VLAN id
name VTP VLAN status by VLAN name
| Output modifiers
<cr>
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- ---------
-------------------------------
1 default active Fa0/1, Fa0/9, Fa0/10,
Fa0/11
Fa0/12
10 TESTVLAN1 active Fa0/2, Fa0/3, Fa0/4
11 TESTVLAN2 active Fa0/5, Fa0/6, Fa0/7, Fa0/8
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
Switch#config term
Enter configuration commands, one per line. End with CNTL/Z.
■Trunkポートの割り当て(Fe0/1をトランクポートdot1q)
Switch(config)#interface fastether 0/1
Switch(config-if)#
Switch(config-if)#switchport mode trunk
Switch(config-if)#
3d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed
state to down
3d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
down
3d02h: %DTP-5-TRUNKPORTON: Port Fa0/1 has become dot1q trunk
3d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
up
3d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed
state to up
Switch(config-if)#
Switch(config-if)#end
3d02h: %SYS-5-CONFIG_I: Configured from console by console
Switch#show run
Building configuration...
Current configuration : 1048 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
no ip finger
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 11
!
interface FastEthernet0/6
switchport access vlan 11
!
interface FastEthernet0/7
switchport access vlan 11
!
interface FastEthernet0/8
switchport access vlan 11
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
no ip route-cache
!
interface Vlan10
ip address 192.168.2.2 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan11
ip address 192.168.3.2 255.255.255.0
no ip route-cache
shutdown
!
ip http server
!
line con 0
transport input none
line vty 5 15
!
end
・・・・追加作成したVLAN10と11がShutdown状態であるがこれはこれでOK!(最後の動作確認のところを参照)
Switch#
Switch#show interface trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1,10-11
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,10-11
Switch#
■ルータ側での設定
Press RETURN to get started.
Router>
Router>enable
■状態の確認
Router#show run
Building configuration...
Current configuration : 600 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
ip cef
!
!~省略~
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0 ・・・SWとトランク接続させるポートにIPアドレスが割り振り済み!
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
no ip http server
ip classless
!
!~省略~
!
line con 0
line aux 0
line vty 0 4
login
!
!
end
Router#
■既存IPアドレスの削除
Router#config term
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Router(config)#interface fastether 0/0
Router(config-if)#no ip address
Router(config-if)#end
Router#
09:42:43: %SYS-5-CONFIG_I: Configured from console by console
Router#show run
!~省略~
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
!~省略~
Router#
■VLANごとに割り当てるサブインタフェースの作成(VLAN1=Fe0/0.1 VLAN10=Fe0/0.2 VLAN11=Fe0/0.3)
Router#config term
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastether 0/0.1
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.
(サブインターフェースに対し、VLANカプセル化設定をする前にIPアドレスを割り当ててしまうと、上記警告が表示)
Router(config-subif)#
Router(config-subif)#encapsulation ?
dot1Q IEEE 802.1Q Virtual LAN
isl Inter Switch Link - Virtual LAN encapsulation
tr-isl Token Ring Inter Switch Link - Virtual LAN encapsulation
Router(config-subif)#encapsulation dot1q 1
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
Router(config-subif)#exit
Router(config)#interface fastether 0/0.2
Router(config-subif)#enc dot1q 10
Router(config-subif)#ip address 192.168.2.1 255.255.255.0
Router(config-subif)#exit
Router(config)#interface fastether 0/0.3
Router(config-subif)#enc dot1q 11
Router(config-subif)#ip address 192.168.3.1 255.255.255.0
Router(config-subif)#
Router(config-subif)#end
Router#
09:47:56: %SYS-5-CONFIG_I: Configured from console by console
Router#show run
Building configuration...
Current configuration : 859 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
ip cef
!
!~省略~
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 1
native ・・・・設定時は”VLAN1を”native”VLANと明示してなかったが、(VLAN1がUPしているというSWの状態にて自動的に判断してくれた?)
ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0.2
encapsulation dot1Q 10
ip address 192.168.2.1 255.255.255.0
!
interface FastEthernet0/0.3
encapsulation dot1Q 11
ip address 192.168.3.1 255.255.255.0
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
no ip http server
ip classless
!
!~省略~
!
line con 0
line aux 0
line vty 0 4
login
!
!
end
Router#
■以上で設定完了。以下でSWから動作確認を実施する。
Switch>
Switch>enable
Switch#
Switch#config term
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
■SWの設定にて、VLAN10、11がShudown状態のままであったので、ためしにUPさせてみる
Switch(config)#interface vlan 10
Switch(config-if)#no shutdown
3d03h: %LINK-3-UPDOWN: Interface Vlan10, changed state to up
3d03h: %LINK-5-CHANGED: Interface Vlan1, changed state to administratively
down
3d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to
up
3d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
dow
・・・管理用VLANだけをUPさせておけばよい(VLANトランクモードがdot1qであるため。VLAN1=”ネイティブVLAN”)
Switch(config)#interface vlan 1
Switch(config-if)#no shutdown
Switch(config-if)#
・・・参考)いずれか1つのVLANしかUPできない(=UPしたVLANが管理VLANとなる)
3d03h: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
3d03h: %LINK-5-CHANGED: Interface Vlan10, changed state to administratively
down
3d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
up
3d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to
down
Switch(config-if)#end
3d03h: %SYS-5-CONFIG_I: Configured from console by console
■SWからルータの各サブインタフェースに対してPINGを打って動作確認する。
Switch#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/203/1004 ms
Switch#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1000 ms
Switch#ping 192.168.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1000 ms
Switch#
Switch#
以上、で設定完了!!
