Cyber_Security_Notes/A. 第一阶段/拓扑练习/0822_虚拟VLAN+路由.md

# 虚拟VLAN + 路由

![image-20240822180931264](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240822180931264.png)

### 一、配置PC的IP、子网掩码、网关

### 二、配置左侧二层交换机

- **SW2**

  ```
  <Huawei>u t m
  <Huawei>sys
  [Huawei]sys SW2
  [SW2]vlan batch 10 20
  [SW2]int g0/0/1
  [SW2-GigabitEthernet0/0/1]port link-type access
  [SW2-GigabitEthernet0/0/1]port default vlan 10
  [SW2-GigabitEthernet0/0/1]int g0/0/2
  [SW2-GigabitEthernet0/0/2]port link-type access
  [SW2-GigabitEthernet0/0/2]port default vlan 20
  [SW2-GigabitEthernet0/0/2]int g0/0/3
  [SW2-GigabitEthernet0/0/3]port link-type trunk 
  [SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  [SW2-GigabitEthernet0/0/3]return
  <SW2>save
  ```

- **SW3**

  ```
  <Huawei>u t m
  <Huawei>sys
  [Huawei]sys SW3
  [SW3]vlan batch 30 40
  [SW3]int g0/0/1
  [SW3-GigabitEthernet0/0/1]port link-type access 
  [SW3-GigabitEthernet0/0/1]port default vlan 30
  [SW3-GigabitEthernet0/0/1]int g0/0/2
  [SW3-GigabitEthernet0/0/2]port link-type access
  [SW3-GigabitEthernet0/0/2]port default vlan 40
  [SW3-GigabitEthernet0/0/2]int g0/0/3
  [SW3-GigabitEthernet0/0/3]port link-type trunk
  [SW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  [SW3-GigabitEthernet0/0/3]return
  <SW3>save
  ```

### 三、配置左侧三层交换机

- **SW1**

  ```
  <Huawei>u t m
  <Huawei>sys
  [Huawei]sys SW1
  [SW1]vlan batch 10 20 30 40
  [SW1]port-group 1
  [SW1-port-group-1]group-member g0/0/1 g0/0/2
  [SW1-port-group-1]port link-type trunk 
  [SW1-port-group-1]port trunk allow-pass vlan all
  [SW1-port-group-1]quit
  [SW1]int vlanif 10
  [SW1-Vlanif10]ip a 192.168.10.254 24
  [SW1-Vlanif10]int vlanif 20
  [SW1-Vlanif20]ip a 192.168.20.254 24
  [SW1-Vlanif20]int vlanif 30
  [SW1-Vlanif30]ip a 192.168.30.254 24
  [SW1-Vlanif30]int vlanif 40
  [SW1-Vlanif40]ip a 192.168.40.254 24
  [SW1-Vlanif40]return
  <SW1>save
  ```

### 四、测试左侧虚拟VLAN连通性

- **PING**

  ```
  PC1>ping 192.168.40.1
  
  Ping 192.168.40.1: 32 data bytes, Press Ctrl_C to break
  From 192.168.40.1: bytes=32 seq=1 ttl=127 time=125 ms
  From 192.168.40.1: bytes=32 seq=2 ttl=127 time=78 ms
  From 192.168.40.1: bytes=32 seq=3 ttl=127 time=79 ms
  From 192.168.40.1: bytes=32 seq=4 ttl=127 time=93 ms
  From 192.168.40.1: bytes=32 seq=5 ttl=127 time=78 ms
  
  --- 192.168.40.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 78/90/125 ms
  ```

### 五、配置虚拟VLAN与路由连通

- **AR1**

  ```
  <Huawei>u t m
  <Huawei>sys
  [Huawei]sys AR1
  [AR1]int g0/0/0
  [AR1-GigabitEthernet0/0/0]ip a 192.168.60.254 24
  [AR1-GigabitEthernet0/0/0]int g0/0/1
  [AR1-GigabitEthernet0/0/1]ip a 192.168.50.2 24
  [AR1-GigabitEthernet0/0/1]quit
  [AR1]ip route-static 0.0.0.0 0 192.168.50.1
  [AR1]quit
  <AR1>save
  ```

- **SW1**

  ```
  <Huawei>u t m
  <Huawei>sys
  [SW1]vlan 50
  [SW1-vlan50]quit
  [SW1]int g0/0/10
  [SW1-GigabitEthernet0/0/10]port link-type access 
  [SW1-GigabitEthernet0/0/10]port default vlan 50
  [SW1-GigabitEthernet0/0/10]quit
  [SW1]int vlanif 50
  [SW1-Vlanif50]ip a 192.168.50.1 24
  [SW1-Vlanif50]quit
  [SW1]ip route-static 192.168.60.0 24 192.168.50.2
  [SW1]quit
  <SW1>save
  ```

### 六、跨路由连通性测试

- **PING**

  ```
  PC1>ping 192.168.60.1
  
  Ping 192.168.60.1: 32 data bytes, Press Ctrl_C to break
  Request timeout!
  From 192.168.60.1: bytes=32 seq=2 ttl=126 time=94 ms
  From 192.168.60.1: bytes=32 seq=3 ttl=126 time=110 ms
  From 192.168.60.1: bytes=32 seq=4 ttl=126 time=62 ms
  From 192.168.60.1: bytes=32 seq=5 ttl=126 time=125 ms
  
  --- 192.168.60.1 ping statistics ---
    5 packet(s) transmitted
    4 packet(s) received
    20.00% packet loss
    round-trip min/avg/max = 0/97/125 ms
  ```
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00			`# 虚拟VLAN + 路由`

			`![image-20240822180931264](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240822180931264.png)`

			`### 一、配置PC的IP、子网掩码、网关`

			`### 二、配置左侧二层交换机`

			`- SW2`

			```
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`<Huawei>u t m`
			`<Huawei>sys`
			`[Huawei]sys SW2`
			`[SW2]vlan batch 10 20`
			`[SW2]int g0/0/1`
			`[SW2-GigabitEthernet0/0/1]port link-type access`
			`[SW2-GigabitEthernet0/0/1]port default vlan 10`
			`[SW2-GigabitEthernet0/0/1]int g0/0/2`
			`[SW2-GigabitEthernet0/0/2]port link-type access`
			`[SW2-GigabitEthernet0/0/2]port default vlan 20`
			`[SW2-GigabitEthernet0/0/2]int g0/0/3`
			`[SW2-GigabitEthernet0/0/3]port link-type trunk`
			`[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all`
			`[SW2-GigabitEthernet0/0/3]return`
			`<SW2>save`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00			```

			`- SW3`

			```
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`<Huawei>u t m`
			`<Huawei>sys`
			`[Huawei]sys SW3`
			`[SW3]vlan batch 30 40`
			`[SW3]int g0/0/1`
			`[SW3-GigabitEthernet0/0/1]port link-type access`
			`[SW3-GigabitEthernet0/0/1]port default vlan 30`
			`[SW3-GigabitEthernet0/0/1]int g0/0/2`
			`[SW3-GigabitEthernet0/0/2]port link-type access`
			`[SW3-GigabitEthernet0/0/2]port default vlan 40`
			`[SW3-GigabitEthernet0/0/2]int g0/0/3`
			`[SW3-GigabitEthernet0/0/3]port link-type trunk`
			`[SW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all`
			`[SW3-GigabitEthernet0/0/3]return`
			`<SW3>save`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00			```

2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`### 三、配置左侧三层交换机`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`- SW1`

			```
			`<Huawei>u t m`
			`<Huawei>sys`
			`[Huawei]sys SW1`
			`[SW1]vlan batch 10 20 30 40`
			`[SW1]port-group 1`
			`[SW1-port-group-1]group-member g0/0/1 g0/0/2`
			`[SW1-port-group-1]port link-type trunk`
			`[SW1-port-group-1]port trunk allow-pass vlan all`
			`[SW1-port-group-1]quit`
			`[SW1]int vlanif 10`
			`[SW1-Vlanif10]ip a 192.168.10.254 24`
			`[SW1-Vlanif10]int vlanif 20`
			`[SW1-Vlanif20]ip a 192.168.20.254 24`
			`[SW1-Vlanif20]int vlanif 30`
			`[SW1-Vlanif30]ip a 192.168.30.254 24`
			`[SW1-Vlanif30]int vlanif 40`
			`[SW1-Vlanif40]ip a 192.168.40.254 24`
			`[SW1-Vlanif40]return`
			`<SW1>save`
			```

			`### 四、测试左侧虚拟VLAN连通性`

			`- PING`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
			```
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`PC1>ping 192.168.40.1`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`Ping 192.168.40.1: 32 data bytes, Press Ctrl_C to break`
			`From 192.168.40.1: bytes=32 seq=1 ttl=127 time=125 ms`
			`From 192.168.40.1: bytes=32 seq=2 ttl=127 time=78 ms`
			`From 192.168.40.1: bytes=32 seq=3 ttl=127 time=79 ms`
			`From 192.168.40.1: bytes=32 seq=4 ttl=127 time=93 ms`
			`From 192.168.40.1: bytes=32 seq=5 ttl=127 time=78 ms`

			`--- 192.168.40.1 ping statistics ---`
			`5 packet(s) transmitted`
			`5 packet(s) received`
			`0.00% packet loss`
			`round-trip min/avg/max = 78/90/125 ms`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00			```

2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`### 五、配置虚拟VLAN与路由连通`

			`- AR1`

			```
			`<Huawei>u t m`
			`<Huawei>sys`
			`[Huawei]sys AR1`
			`[AR1]int g0/0/0`
			`[AR1-GigabitEthernet0/0/0]ip a 192.168.60.254 24`
			`[AR1-GigabitEthernet0/0/0]int g0/0/1`
			`[AR1-GigabitEthernet0/0/1]ip a 192.168.50.2 24`
			`[AR1-GigabitEthernet0/0/1]quit`
			`[AR1]ip route-static 0.0.0.0 0 192.168.50.1`
			`[AR1]quit`
			`<AR1>save`
			```
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
			`- SW1`

			```
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`<Huawei>u t m`
			`<Huawei>sys`
			`[SW1]vlan 50`
			`[SW1-vlan50]quit`
			`[SW1]int g0/0/10`
			`[SW1-GigabitEthernet0/0/10]port link-type access`
			`[SW1-GigabitEthernet0/0/10]port default vlan 50`
			`[SW1-GigabitEthernet0/0/10]quit`
			`[SW1]int vlanif 50`
			`[SW1-Vlanif50]ip a 192.168.50.1 24`
			`[SW1-Vlanif50]quit`
			`[SW1]ip route-static 192.168.60.0 24 192.168.50.2`
			`[SW1]quit`
			`<SW1>save`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00			```

2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`### 六、跨路由连通性测试`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
			`- PING`

			```
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`PC1>ping 192.168.60.1`
2024年8月22日 18:19:18 2024-08-22 18:19:15 +08:00
2024年8月22日 20:23:22 2024-08-22 20:23:21 +08:00			`Ping 192.168.60.1: 32 data bytes, Press Ctrl_C to break`
			`Request timeout!`
			`From 192.168.60.1: bytes=32 seq=2 ttl=126 time=94 ms`
			`From 192.168.60.1: bytes=32 seq=3 ttl=126 time=110 ms`
			`From 192.168.60.1: bytes=32 seq=4 ttl=126 time=62 ms`
			`From 192.168.60.1: bytes=32 seq=5 ttl=126 time=125 ms`

			`--- 192.168.60.1 ping statistics ---`
			`5 packet(s) transmitted`
			`4 packet(s) received`
			`20.00% packet loss`
			`round-trip min/avg/max = 0/97/125 ms`
			```