企业三层交换网络(VLAN)+RouterOS+多网段dhcp中继解决方案
ROS + 三层交换vlan设置
以RouterOS 2.9.27和H3C S5500为例
由上图可知,现在交换机上划分4个VLAN,每个VLAN的接口地址如上图所示,现将交换机VLAN1接口与Ros路由LAN口相连,各VLAN通过VLAN1上网。(连接路由的端口为24端口,属于默认的vlan 1中)
一、ROS配置
1. ROS内网地址:192.168.1.254/24
2. NAT转换
ip / firewall / nat
src-address=192.168.0.0/16 action=masquerade
3. 给ROS指回头路由到三层交换机
ip route add dst-address=192.168.1.0/24 gateway=192.168.1.1
ip route add dst-address=192.168.2.0/24 gateway=192.168.1.1
ip route add dst-address=192.168.3.0/24 gateway=192.168.1.1
ip route add dst-address=192.168.4.0/24 gateway=192.168.1.1
上面的这几行 可以用下面这行代替
ip route add dst-address=192.168.0.0/16 gateway=192.168.1.1
二、H3C5500交换机配置
sys
System View: return to User View with Ctrl+Z.
[H3C]vlan 2 */依次创建vlan配置ip地址 默认的vlan1和路由同网段
[H3C-vlan2]port g1/0/2
[H3C-vlan2]int vlan 2
[H3C-Vlan-interface2]ip add 192.168.2.1 24
[H3C-Vlan-interface2]vlan 3
[H3C-vlan3]port g1/0/3
[H3C-vlan3]int vlan 3
[H3C-Vlan-interface3]ip add 192.168.3.1 24
[H3C-Vlan-interface3]vlan 4
[H3C-vlan4]port g1/0/4
[H3C-vlan4]int vlan 4
[H3C-Vlan-interface4]ip add 192.168.4.1 24
[H3C]ip route 0.0.0.0 0.0.0.0 192.168.1.254 */配置缺省路由,下一跳到ros的lan口
[H3C]vlan 2 */依次创建vlan配置ip地址 默认的vlan1和路由同网段
[H3C-vlan2]port g1/0/2
[H3C-vlan2]int vlan 2
[H3C-Vlan-interface2]ip add 192.168.2.1 24
[H3C-Vlan-interface2]vlan 3
[H3C-vlan3]port g1/0/3
[H3C-vlan3]int vlan 3
[H3C-Vlan-interface3]ip add 192.168.3.1 24
[H3C-Vlan-interface3]vlan 4
[H3C-vlan4]port g1/0/4
[H3C-vlan4]int vlan 4
[H3C-Vlan-interface4]ip add 192.168.4.1 24
[H3C]ip route 0.0.0.0 0.0.0.0 192.168.1.254 */配置缺省路由,下一跳到ros的lan口
三、客户机设置
如客户机不能上网:
检查线路连接是否正确
确保客户机设置的网关为其所属VLAN的IP地址,使用ping命令ping路由LAN口IP若不通,则交换机默认路由设置错误
如客户机不能上网:
检查线路连接是否正确
确保客户机设置的网关为其所属VLAN的IP地址,使用ping命令ping路由LAN口IP若不通,则交换机默认路由设置错误
*******************************************************************************************
第二部分:Ros配置多vlan多网段dhcp中继支持,每个vlan都能获得相应网段的ip
1、 ip / pool 建立地址池
Pools +
Name:vlan2 address:192.168.2.100-192.168.2.200
Name:vlan3 address:192.168.3.100-192.168.3.200
Name:vlan4 address:192.168.4.100-192.168.4.200
1、 ip / pool 建立地址池
Pools +
Name:vlan2 address:192.168.2.100-192.168.2.200
Name:vlan3 address:192.168.3.100-192.168.3.200
Name:vlan4 address:192.168.4.100-192.168.4.200
2、 ip / dhcp server 设置DHCP Server使其支持DHCP中继
DHCP / Setup
DHCP Server Interface :lan DHCP Address Space:192.168.2.0/24
Gateway for DHCP Network:192.168.2.1 DHCP Relay: 192.168.2.1
Addresses to Give Out: 192.168.2.2-192.168.2.254
DNS Server : 61.134.1.4(电信DNS)
DHCP / Setup
DHCP Server Interface :lan DHCP Address Space:192.168.2.0/24
Gateway for DHCP Network:192.168.2.1 DHCP Relay: 192.168.2.1
Addresses to Give Out: 192.168.2.2-192.168.2.254
DNS Server : 61.134.1.4(电信DNS)
3、 在添加好的dhcp服务器上双击
name 依次改为 vlan2 vlan3 vlan4……
Address pool 对应选择
name 依次改为 vlan2 vlan3 vlan4……
Address pool 对应选择
修改后如截图
_________________________________________________________________________________________
_________________________________________________________________________________________
4、 交换机 H3C S5500SI配置方法:
# 使能DHCP服务。
<Sysname> system-view
route add 添加路由[H3C] dhcp enable
# 配置连接DHCP客户端网络的VLAN 2工作在DHCP中继模式。
[H3C] int vlan 2
[H3C-Vlan-interface2] dhcp select relay
# 配置DHCP服务器的地址,并配置VLAN 2对应DHCP服务器组1。
[H3C] dhcp relay server-group 1 ip 192.168.1.254
[H3C] int vlan 2
[H3C-Vlan-interface2] dhcp relay server-select 1
vlan 3 vlan 4 等其它vlan配置方法相同
<Sysname> system-view
route add 添加路由[H3C] dhcp enable
# 配置连接DHCP客户端网络的VLAN 2工作在DHCP中继模式。
[H3C] int vlan 2
[H3C-Vlan-interface2] dhcp select relay
# 配置DHCP服务器的地址,并配置VLAN 2对应DHCP服务器组1。
[H3C] dhcp relay server-group 1 ip 192.168.1.254
[H3C] int vlan 2
[H3C-Vlan-interface2] dhcp relay server-select 1
vlan 3 vlan 4 等其它vlan配置方法相同
这样每个vlan都能获取到相对应网段的IP地址,并且可以正常上网!
作者:飘摇 blog.hx99 hx24@vip.qq
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论