服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 带有2900XL交换机的单端口2600路由器
Intereting Posts
如何在unix上查找具有不正确权限的文件? 用puppet / mcollectivepipe理svn回购 可以在ESX服务控制台上运行X吗? 在一个星期内停止cronjob两个小时 接受一个域的所有邮件(从任何地方),将选定收件人的邮件转发到特定的地址,将所有其他邮件转发给特定的主机 从MS Access运行MS-SQL Server存储过程? 试图安装SawMill并得到以下错误: 在OpenFiler上使用iSCSI LUN的VMotion 将文件存储在目录中…是否有限制? 如何删除此警告“此系统未注册到红帽订阅pipe理。 您可以使用订阅pipe理器进行注册。“ ESX主机升级 Apache mod_proxy后面的RabbitMQ没有parsing深层链接 Windows 7客户端,2003 Server,用户帐户反复重复locking 在IIS6应用程序池中完全禁用.net 在amazon ECS实例上安装安全更新的最佳方法

带有2900XL交换机的单端口2600路由器

我有一个设置,其中单端口2600路由器在端口0/2在交换机,外部networking在端口0/1,其余(0 / 3-0 / 24)应该是第二个networking的客户端将由2600路由器pipe理。

我configuration了两个VLAN:100(0 / 2-0 / 24),200(内部为0 / 1-0 / 2)。 0/2是两个VLAN的中继端口。

出现的问题是我不能同时拥有两个VLAN:软件不允许。

现在,我可以ping外部networking设备(172.16.7.1,172.16.7.103),甚至谷歌(8.8.8.8)从路由器,而不是交换机。 连接的设备正确获得DHCP租约,但无法在networking外部进行ping操作,只有路由器 – 172.17.7.1和交换机本身172.17.7.7。

路由器和交换机的configuration在这里 ,以及下面。

路由器: 

rt.throom#sho run Building configuration... Current configuration : 1015 bytes ! version 12.1 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname rt.throom ! enable password To053cret ! ! ! ! ! no ip subnet-zero ip dhcp excluded-address 172.17.7.1 172.17.7.2 ip dhcp excluded-address 172.17.7.3 172.17.7.4 ip dhcp excluded-address 172.17.7.5 ! ip dhcp pool VLAN200 network 172.17.7.0 255.255.255.0 default-router 172.17.7.1 dns-server 8.8.8.8 ! ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! interface Ethernet0/0 no ip address ! interface Ethernet0/0.100 encapsulation dot1Q 100 ip address 172.16.7.15 255.255.255.0 ip nat outside ! interface Ethernet0/0.200 encapsulation dot1Q 200 ip address 172.17.7.1 255.255.255.0 ip nat inside ! router eigrp 20 network 172.16.0.0 network 172.17.0.0 no auto-summary no eigrp log-neighbor-changes ! no ip classless no ip http server ! access-list 1 permit 172.17.7.0 0.0.0.255 ! ! line con 0 line aux 0 line vty 0 4 login ! end

开关: 

 sw.throom#sho run Building configuration... Current configuration: ! version 11.2 no service pad no service udp-small-servers no service tcp-small-servers ! hostname sw.throom ! enable password Oh5053cret ! ! no spanning-tree vlan 100 no spanning-tree vlan 200 ip subnet-zero ! ! interface VLAN1 no ip address no ip route-cache ! interface FastEthernet0/1 switchport access vlan 100 spanning-tree portfast ! interface FastEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/3 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/4 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/5 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/6 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/7 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/8 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/9 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/10 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/11 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/12 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/13 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/14 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/15 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/16 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/17 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/18 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/19 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/20 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/21 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/22 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/23 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 200 spanning-tree portfast ! ! line con 0 stopbits 1 line vty 0 4 login line vty 5 9 login ! end

sho ip route给出: 

 Gateway of last resort is 172.16.7.1 to network 0.0.0.0 172.17.0.0/24 is subnetted, 1 subnets C 172.17.7.0 is directly connected, Ethernet0/0.200 172.16.0.0/24 is subnetted, 1 subnets C 172.16.7.0 is directly connected, Ethernet0/0.100 S* 0.0.0.0/0 [1/0] via 172.16.7.1

编辑1:这是工作的configuration:

路由器: 

 rt#sho run Building configuration... Current configuration : 1018 bytes ! version 12.1 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname rt ! enable password To053cret ! ! ! ! ! no ip subnet-zero ip dhcp excluded-address 172.17.7.1 172.17.7.2 ip dhcp excluded-address 172.17.7.3 172.17.7.4 ip dhcp excluded-address 172.17.7.5 ! ip dhcp pool VLAN200 network 172.17.7.0 255.255.255.0 default-router 172.17.7.1 dns-server 8.8.8.8 ! ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! interface Ethernet0/0 no ip address ! interface Ethernet0/0.100 encapsulation dot1Q 100 ip address 172.16.7.15 255.255.255.0 ip nat outside ! interface Ethernet0/0.200 encapsulation dot1Q 200 ip address 172.17.7.1 255.255.255.0 ip nat inside ! ip nat inside source list 1 interface Ethernet0/0.100 overload ip classless ip route 0.0.0.0 0.0.0.0 172.16.7.1 no ip http server ! access-list 1 permit 172.17.7.0 0.0.0.255 ! ! line con 0 line aux 0 line vty 0 4 password To053cret login ! end

开关: 

 sw#sho run Building configuration... Current configuration: ! version 11.2 no service pad no service udp-small-servers no service tcp-small-servers ! hostname sw ! enable password Oh5053cret ! ! no spanning-tree vlan 100 no spanning-tree vlan 200 ip subnet-zero ip name-server 8.8.8.8 ! ! interface VLAN1 ip address 172.17.7.7 255.255.255.0 no ip route-cache shutdown ! interface VLAN100 no ip route-cache shutdown ! interface VLAN200 ip address 172.17.7.7 255.255.255.255 no ip route-cache ! interface FastEthernet0/1 switchport access vlan 100 spanning-tree portfast ! interface FastEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/3 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/4 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/5 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/6 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/7 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/8 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/9 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/10 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/11 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/12 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/13 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/14 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/15 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/16 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/17 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/18 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/19 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/20 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/21 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/22 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/23 switchport access vlan 200 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 200 spanning-tree portfast ! ip default-gateway 172.17.7.1 ! line con 0 stopbits 1 line vty 0 4 password Oh5053cret login line vty 5 9 login ! end

感谢大家的帮助!

由于交换机在configuration中位于内部,因此需要使用默认路由到达外部设备,就像内部的任何设备一样。 在第三层(TCP / IP),交换机像普通设备一样工作。

  1. 你为什么要将外部networking连接到交换机而不是路由器?

  2. 如果你指的是分配一个IP地址到多个VLAN,那么你是正确的。 该型号交换机仅支持用于pipe理目的的IP地址,并且只允许为一个VLAN分配IP地址。 至于VLAN本身,它肯定支持多个VLAN。

  3. 它是一个二层交换机,因此不支持SVI(InterVLAN路由),因此只允许为一个VLAN分配一个IP地址…来pipe理交换机。

编辑1

我很抱歉没有赶上这一点。 外部路由器是否有172.17networking的路由? 您已经在内部路由器上启用了EIGRP,但是没有通过EIGRP获知的路由(如从内部路由器输出的sh ip路由所certificate的),这意味着外部路由器在路由表中可能没有路由172.17networking。 如果外部路由器没有到172.17networking的路由,则它不能回复(或路由stream量)回到172.17networking。

编辑2

这是问题。 再一次,我很抱歉没有赶上它。 有时候这些明显的事情会让我们感到难过

  1. D-Link路由器只知道它直接连接到的networking。 它不直接连接到172.17networking,因此不知道如何将stream量路由到该networking。 您需要configurationD-Link以通过内部路由器为172.17networking路由stream量。

  2. 要使EIGRP正常工作,两台路由器都必须使用并参与EIGRP。 您的D-Link路由器绝对不使用EIGRP,因此它没有通过内部路由器到达172.17networking的路由。 证据是内部路由器在其路由表中不显示任何EIGRP学习路由。 这意味着它不接收来自D-LINK路由器的EIGRP路由表更新…因为D-LINK路由器没有使用EIGRP。

所以要回顾一下:您需要通过内部路由器在D-LINK路由器上为172.17networkingconfiguration路由。

你的NATconfiguration没有任何作用,我的猜测是外面的设备无法返回到172.17.1.0/24networking

需要翻译172.17.1.0/24到172.16.17.15

IP Nat内源列表1接口ETH 0 / 0.100

给一个旋转 – 一些来自路由器的显示命令将是有趣的

Sh IP Nat trans

Sh IP路由