局域网交换 : 802.1Q

在运行CatOS和Cisco IOS系统软件的Catalyst交换机之间的802.1q中继

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 22 日) | 反馈


目录


简介

本文为建立中继在Catalyst交换机之间的IEEE 802.1Q提供配置示例运行Catalyst OS (CatOS)系统软件,并且运行Cisco IOS�系统Software.�Switches运行CatOS的模块化第3层(L3)交换机包括Catalyst 4500/4000, 5500/5000和6500/6000系列交换机。运行 Cisco IOS 软件的模块化 L3 交换机包括 Catalyst 4500/4000 和 Catalyst 6500/6000系列交换机。示例配置使用一台Catalyst 4000 (CatOS)和一台Catalyst 6500 (Cisco IOS软件),但任何被提及的交换机都可以用来实现相同的结果。

中继是一种在两个设备之间点到点链路上传输来自若干 VLAN 的流量的方式。以太网中继的两种实施方式为:

  • 交换机间链路协议 (ISL)(Cisco 专有协议)

  • 802.1Q(IEEE 标准)

先决条件

要求

如需了解与Catalyst交换机上的802.1Q和ISL有关的系统要求、指南和限制,请参见:实施中继的系统要求

使用的组件

为创建本文档中的示例,使用了以下交换机:

  • 运行 CatOS 软件版本 8.1.3 的 Catalyst 4000 交换机(带有 Supervisor 引擎 II (WS-X4013))

  • 带管理引擎2/Multilayer交换机功能卡2 (MSFC2)的Catalyst 6509在管理引擎和MSFC2上运行Cisco IOS软件版本12.1(20)E2。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

背景理论

本文档仅包括交换机的配置文件和相关 show 命令示例的输出。如需了解在Catalyst交换机之间如何配置802.1q中继的详细信息,请参见LAN产品支持页面。

在 802.1Q 中继中,除了本地 VLAN 数据包以外,所有 VLAN 的数据包都在中继链路上进行标记。本地 VLAN 数据包将不带标记在中继链路上发送。因此,这两种已配置用于中继的交换机上的本地 VLAN 应该是相同的。这样,在您接收到没有标记的帧时,您能推导出帧属于哪个VLAN。默认情况下,VLAN 1 是所有交换机上的本地 VLAN。

  • 在 CatOS 中,可通过发出 set vlan vlan-id mod/port 命令(其中 mod/port 为中继端口)更改本地 VLAN。

  • 在Cisco IOS软件中,可以通过发送中继端口配置的switchport trunk native vlan vlan-id interface 命令修改本地VLAN。

配置

本部分提供有关如何配置本文档所述功能的信息。

本文档中的配置在隔离的实验室环境中实施。在使用任何配置或命令之前,您必须确保知道其可能对网络带来的潜在影响。用clear config all和write erase命令清除所有设备的配置,以保证它们有一个默认配置。

注意: 要查找本文档所用命令的其他信息,请使用命令查找工具仅限注册用户)。leavingcisco.com

网络图

本文档使用以下网络设置:

/image/gif/paws/8760/67-a.gif

配置

本文档使用以下配置:

注意: 注释和说明以蓝色斜体字形式显示。

Catalyst 4000 交换机
#version 8.1(3)
!
!
#system web interface version(s)
!
#system
set system name  cat4000
!
#frame distribution method
set port channel all distribution mac both
!
#vtp
set vtp domain cisco

!--- In this example, the VLAN Trunk Protocol (VTP) domain name is the same
!--- on both sides. This is required for the autonegotiation of the trunk
!--- by the Dynamic Trunking Protocol (DTP).


set vtp mode client vlan

!--- In this example, the VTP mode is set to client.
!--- Set the VTP mode according to your network requirements.

!--- For more details, refer to
!--- Understanding and Configuring VLAN Trunk Protocol (VTP).


!
#ip
set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255

!--- This is the IP address used for management.

!--- Output suppressed.

!
#module 1 : 2-port 1000BaseX Supervisor
!
#module 2 empty
!
#module 3 empty
!
#module 4 empty
!
#module 5 : 48-port Inline Power Module
set vlan 2    5/13-24

!--- Ports 5/13-24 have been assigned to VLAN 2.



set trunk 5/1  desirable dot1q 1-1005,1025-4094

!--- The trunking mode is set to desirable mode, which means
!--- the port automatically tries to form a trunk with a
!--- neighboring port set to desirable, auto, or on mode.

!--- For recommended trunk mode settings, refer to
!--- the Dynamic Trunking Protocol section of
!--- Best Practices for Catalyst 4500/4000, 5500/5000, and 6500/6000 
Series Switches Running CatOS Configuration and Management.

!--- Output suppressed.


set spantree portfast    5/2-24 enable
set port channel 5/2-24 mode off

!--- The macro command set port host 5/2-24 was used to do three things:
!--- disable trunking, disable port channeling, and enable spantree portfast.

!--- For details on using the set port host command, refer to
!--- Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays.

!
#module 6 empty
end

Catalyst 6500 交换机
Current configuration : 4408 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cat6500
!
boot system flash sup-bootflash:c6sup22-jsv-mz.121-20.E2
enable password mysecret

!--- This is the privileged mode password used in the example.


!
ip subnet-zero
!
!
!
mls flow ip destination
mls flow ipx destination
!
redundancy
 mode rpr-plus
 main-cpu
  auto-sync running-config
  auto-sync standard
!
!
!
interface GigabitEthernet2/1
 no ip address
 shutdown
!
interface GigabitEthernet2/2
 no ip address
 shutdown
!
interface fastethernet3/1
 switchport

!--- The switchport command must be entered once,  
!--- without any keywords, to configure the interface as a Layer 2 port.
!--- The interface is now automatically configured with the default command
!--- switchport mode dynamic desirable.

!--- This means the interface is ready to autonegotiate trunking
!--- encapsulation and form a trunk link (using DTP) with a neighbor port
!--- in desirable, auto, or on mode.

!--- For recommended trunk mode settings, refer to
!--- the "Dynamic Trunking Protocol" section of
!--- Best Practices for Catalyst 6500/6000 Series and Catalyst 4500/4000 
Series Switches Running Cisco IOS Software.



!
interface FastEthernet3/2
 switchport
 switchport mode access
 spanning-tree portfast


!--- The interface range fastethernet mod/beginport - endport 
!--- command is used to configure interfaces 3/2 - 24 at once.

!--- Next, the switchport command is issued (if this has not been done already).


switchport mode access
 spanning-tree portfast

!--- Next, issue the macro command switchport host 3/2 - 24 to automatically
!--- configure these ports as access ports and to enable spantree portfast.

!--- For details on using the switchport host command, refer to
!--- Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays.


!
interface FastEthernet3/13
 switchport
 switchport access vlan 2

!--- Interfaces 3/13 - 24 are placed in VLAN 2
!--- using the switchport access vlan 2 command.


 switchport mode access
 spanning-tree portfast


!--- Output suppressed.


!
interface FastEthernet3/24
 shutdown
 switchport
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast


!--- Output suppressed.

!
interface FastEthernet3/48
 no ip address
 shutdown
!
interface vlan 1
 ip address 10.10.10.3 255.255.255.0

!--- This is the IP address used for management.

!
ip classless
no ip http server
!
!
!
line con 0
line vty 0 4
 password mysecret


!--- This is the Telnet password used in the example.


 login
 transport input lat pad mop telnet rlogin udptn nasi
!
!
end

cat6500#

验证

本部分所提供的信息可用于确认您的配置是否正常工作。

显示命令

某些show命令受输出解释器工具的支持(只用于注册的用户),允许您查看对show命令输出的分析。leavingcisco.com

在运行 CatOS 的 Catalyst 交换机上,请使用以下命令:

  • show port capabilities module/port

  • show port module/port

  • show trunk module/port

  • show vtp domain

在运行 Cisco IOS 软件的 Catalyst 6000 交换机上,请使用以下命令:

  • show interfaces interface-type module/port trunk

  • show vlan

show 命令输出示例

Catalyst 4000 交换机

show port capabilities module/port命令用于检查端口是否能够进行中继。

cat4000> (enable) show port capabilities 5/1
Model                    WS-X4148-RJ45V
Port                     5/1
Type                     10/100BaseTX
Speed                    auto,10,100
Duplex                   half,full
Trunk encap type         802.1Q
Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  5/1-48
Flow control             no
Security                 yes
Dot1x                    yes
Membership               static,dynamic
Fast start               yes
QOS scheduling           rx-(none),tx-(2q1t)
CoS rewrite              no
ToS rewrite              no
Rewrite                  no
UDLD                     yes
Inline power             auto,off,static
AuxiliaryVlan            1..1000,1025..4094,untagged,none
SPAN                     source,destination,reflector
Link debounce timer      yes
IGMPFilter               yes
Dot1q-all-tagged         no
cat4000> (enable)

show port module/port 命令用于显示特定端口的状态,以及该端口是否为中继端口。

cat4000> (enable) show port status 5/1
Port  Name               Status     Vlan       Level  Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ------------
 5/1                     connected  trunk      normal a-full a-100 10/100BaseTX
cat4000> (enable)

show trunk 命令用于验证中继状态和配置。

cat4000> (enable) show trunk
* - indicates vtp domain mismatch
# - indicates dot1q-all-tagged enabled on the port
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 5/1      desirable    dot1q          trunking      1

Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 5/1      1-1005,1025-4094

Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 5/1      1-2

Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 5/1      1-2
cat4000> (enable)

show vtp domain 命令用于检查 VTP 信息。

cat4000> (enable) show vtp domain 
Version      : running VTP1 (VTP3 capable)
Domain Name  : cisco                            Password  : not configured
Notifications: disabled                         Updater ID: 10.10.10.3

Feature        Mode           Revision
-------------- -------------- -----------
VLAN           Client         21

Pruning             : disabled
VLANs prune eligible: 2-1000

Catalyst 6500 交换机

show interfaces interface-type module/port trunk 命令用于指示端口是否为中继端口。

cat6500# show interfaces fastethernet 3/1 trunk

Port      Mode         Encapsulation  Status        Native vlan
Fa3/1     desirable    n-802.1q       trunking      1

Port      Vlans allowed on trunk
Fa3/1     1-4094

Port      Vlans allowed and active in management domain
Fa3/1     1-2

Port      Vlans in spanning tree forwarding state and not pruned
Fa3/1     1-2
cat6500#

show vlan命令提供有关VLAN的信息和属于特定VLAN的端口信息。

cat6500# show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa3/2, Fa3/3, Fa3/4, Fa3/5
                                                Fa3/6, Fa3/7, Fa3/8, Fa3/9
                                                Fa3/10, Fa3/11, Fa3/12
2    VLAN0002                         active    Fa3/13, Fa3/14, Fa3/15, Fa3/16
                                                Fa3/17, Fa3/18, Fa3/19, Fa3/20
                                                Fa3/21, Fa3/22, Fa3/23, Fa3/24
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup


!--- Output suppressed.
    
cat6500#

注意: 只会显示那些已配置为第 2 层非中继端口的端口。

故障排除

目前没有针对此配置的故障排除信息。

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 8760