• Vlan-mapping、QINQ和802.1q隧道堆叠Vlan

    Vlan-mapping:二层隧道,城域网技术。

    在ISP连接客户端的交换机上配置:

    ①定义truank链路

    ②启用qinq的vlan转换能力

    ③定义vlan映射列表

    ④定义vlan允许列表

    实验拓扑:

    实验配置:

    1. [sw1]vlan batch 10 20 1000 2000
    2.  
    3. [sw1]int g 0/0/2	
    4. [sw1-GigabitEthernet0/0/2]port  link-type  trunk 
    5. [sw1-GigabitEthernet0/0/2]qinq vlan-translation enable 
    6. [sw1-GigabitEthernet0/0/2]port vlan-mapping vlan 10 map-vlan 1000
    7. [sw1-GigabitEthernet0/0/2]port vlan-mapping vlan 20 map-vlan 2000
    8. [sw1-GigabitEthernet0/0/2]port trunk allow-pass vlan 1000 2000
    9.  
    10. [sw1-GigabitEthernet0/0/2]int g 0/0/1
    11. [sw1-GigabitEthernet0/0/1]port link-type trunk 
    12. [sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 1000 2000
    1. 	
    2. [sw 2]vlan batch 10 20 1000 2000
    3.  
    4. [sw 2]int g 0/0/2
    5. [sw 2-GigabitEthernet0/0/2]port link-type trunk 
    6. [sw 2-GigabitEthernet0/0/2]qinq vlan-translation enable 
    7. [sw 2-GigabitEthernet0/0/2]port vlan-mapping vlan 10 map-vlan 1000
    8. [sw 2-GigabitEthernet0/0/2]port vlan-mapping vlan 20 map-vlan 2000
    9. [sw 2-GigabitEthernet0/0/2]port trunk allow-pass vlan 1000 2000
    10.  
    11. [sw 2-GigabitEthernet0/0/2]int g 0/0/1
    12. [sw 2-GigabitEthernet0/0/1]port link-type trunk 
    13. [sw 2-GigabitEthernet0/0/1]port trunk allow-pass vlan 1000 2000
    1. [sw3]vlan batch 10 20
    2. [sw3]int g 0/0/3
    3. [sw3-GigabitEthernet0/0/3]port link-type  access 
    4. [sw3-GigabitEthernet0/0/3]port default vlan 10
    5. [sw3-GigabitEthernet0/0/3]int g 0/0/4
    6. [sw3-GigabitEthernet0/0/4]port link-type access 
    7. [sw3-GigabitEthernet0/0/4]port default vlan 20
    8. [sw3-GigabitEthernet0/0/4]int g 0/0/2
    9. [sw3-GigabitEthernet0/0/2]port link-type trunk 
    10. [sw3-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 20
    11.  
    12. [sw4]vlan batch 10 20
    13. [sw4]int g 0/0/3
    14. [sw4-GigabitEthernet0/0/3]port link-type access 
    15. [sw4-GigabitEthernet0/0/3]port default vlan 10
    16. [sw4-GigabitEthernet0/0/3]int g 0/0/4
    17. [sw4-GigabitEthernet0/0/4]port link-type access 
    18. [sw4-GigabitEthernet0/0/4]port default vlan 20
    19. [sw4-GigabitEthernet0/0/4]int g 0/0/2
    20. [sw4-GigabitEthernet0/0/2]port link-type trunk 
    21. [sw4-GigabitEthernet0/0/2]port trunk allow-pass vlan  10 20

    测试:

    QINQ技术:

    双层或多层vlan标记来穿越二层的ISP技术

    接口配置802.1q隧道技术:

    1. 接口封装802.1q隧道协议

    2. 给端口赋予PVID

    配置:

    sw3和sw4不用动,sw1和sw2配置相同

    1. [sw1]vlan   500
    2.  
    3. [sw1]int g 0/0/1
    4. [sw1-GigabitEthernet0/0/1]port link-type trunk 
    5. [sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 500
    6.  
    7. [sw1-GigabitEthernet0/0/1]int g 0/0/2
    8. [sw1-GigabitEthernet0/0/2]port link-type dot1q-tunnel 	
    9. [sw1-GigabitEthernet0/0/2]port default vlan 500

    抓包:两层标签

    不同厂商802.1q隧道协议号可能不一致

    华为和思科设备都是0x8100,有的设备可能是0x9100

    这时候就会出现数据不通的情况,需人为修改协议号

    1. intface g 0/0/2
    2. qinq protocol 0x9100

    802.1q隧道堆叠Vlan:

    1. 接口须为hybrid

    2. 启用qinqvlan映射功能

    3. 针对不同vlan定义不同的堆叠vlan

    4. 在接口的移除标签列表中增加对应的vlan id

    配置:

    sw3和sw4不变,sw1和sw2相同

    1. vlan batch 10 20 1000 2000
    2.  
    3. [sw1]int g 0/0/2
    4. [sw1-GigabitEthernet0/0/2]qinq vlan-translation enable 
    5. [sw1-GigabitEthernet0/0/2]port vlan-stacking vlan 10 stack-vlan 1000
    6. [sw1-GigabitEthernet0/0/2]port vlan-stacking vlan 20 stack-vlan 2000
    7. [sw1-GigabitEthernet0/0/2]port hybrid untagged vlan 1000 2000
    8.  
    9. [sw1]int g 0/0/1
    10. [sw1-GigabitEthernet0/0/1]port link-type trunk
    11. [sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 1000 2000

    抓包两层标签

  • 相关阅读:
    以太坊是什么?|猿创征文
    生成每日任务编号年月日000x
    Win11快速助手在哪里?Win11打开快速助手的方法
    C#/VB.NET:快速而简单的免费SVG到PDF转换技巧
    Re46:读论文 DAGNN Towards Deeper Graph Neural Networks
    babel-loader
    Docker-部署docker-compose以及管理服务
    Linux 内核参数:extra_free_kbytes
    基于clipboard.js对复制组件的封装
    做完等级保护需要多长时间?
  • 原文地址:https://blog.csdn.net/qq_53332962/article/details/126240705