Microsoft PowerPoint - ch12.ppt

chapter 12. 시스코스위치설정과 VLAN 한빛미디어 -1-

학습목표 시스코스위치의기본설정 VLAN의개념과시스코스위치의 VLAN 설정 VLAN 간라우팅 한빛미디어 -2-

시스코스위치기본설정 시스코스위치부팅 (1) C2950 Boot Loader (CALHOUN-HBOOT-M) Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE Compiled Mon 30-Apr-01 07:56 by devgoyal WS-C2950-24 starting... Base ethernet MAC Address: 00:08:a3:5e:12:c0 Xmodem file system is available. Initializing Flash... flashfs[0]: 163 files, 3 directories flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 7741440 flashfs[0]: Bytes used: 2963968 flashfs[0]: Bytes available: 4777472 flashfs[0]: flashfs fsck took 6 seconds....done initializing flash. Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4 Loading "flash:c2950-c3h2s-mz.120-5.3.wc.1.bin"...################ #################################################################################### ############## 한빛미디어 -3-

시스코스위치기본설정 시스코스위치부팅 (2) File "flash:c2950-c3h2s-mz.120-5.3.wc.1.bin" uncompressed and installed, entry point: 0x80010000 executing... Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Mon 30-Apr-01 07:56 by devgoyal Image text-base: 0x80010000, data-base: 0x8031A000 한빛미디어 -4-

시스코스위치기본설정 시스코스위치부팅 (3) Initializing flashfs... flashfs[1]: 163 files, 3 directories flashfs[1]: 0 orphaned files, 0 orphaned directories flashfs[1]: Total bytes: 7741440 flashfs[1]: Bytes used: 2963968 flashfs[1]: Bytes available: 4777472 flashfs[1]: flashfs fsck took 6 seconds. flashfs[1]: Initialization complete. Done initializing flashfs. C2950 POST: System Board Test : Passed C2950 POST: Ethernet Controller Test : Passed C2950 POST: MII TEST : Passed cisco WS-C2950-12 (RC32300) processor (revision B0) with 22260K bytes of memory. Processor board ID FOC0601X0GZ Last reset from system-reset Processor is running Enterprise Edition Software Cluster command switch capable Cluster member switch capable 12 FastEthernet/IEEE 802.3 interface(s) 한빛미디어 -5-

시스코스위치기본설정 시스코스위치부팅 (4) 32K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address: 00:08:A3:5E:12:C0 Motherboard assembly number: 73-5782-08 Power supply part number: 34-0965-01 Motherboard serial number: FOC06010211 Power supply serial number: DAB05513BX3 Model revision number: B0 Motherboard revision number: B0 Model number: WS-C2950-12 System serial number: FOC0601X0GZ Press RETURN to get started! C2950 INIT: Complete 00:00:16: %SYS-5-CONFIG: Configured from NVRAM by console 00:00:16: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Mon 30-Apr-01 07:56 by devgoyal switch> 한빛미디어 -6-

시스코스위치기본설정 시스코스위치기본설정 IP 주소설정 duplex 모드설정 스패닝트리프로토콜우선순위설정 스패닝트리프로토콜 Cost 설정 한빛미디어 -7-

시스코스위치기본설정 시스코스위치기본설정예 (1) switch>enable switch# switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. switch(config)#hostname switchup switchup(config)# switchup(config)#enable secret c1sc0 switchup(config)# switchup(config)#line con 0 switchup(config-line)#password c1sc0 switchup(config-line)#login switchup(config-line)#exit switchup(config)# switchup(config)#line vty 0 15 switchup(config-line)#password c1sc0 switchup(config-line)#login switchup(config-line)#exit 한빛미디어 -8-

시스코스위치기본설정 시스코스위치기본설정예 (2) switchup(config)# switchup(config)#interface fastethernet 0/1 switchup(config-if)#speed 100 switchup(config-if)#duplex full switchup(config-if)#exit switchup(config)# switchup(config)#interface vlan 1 switchup(config-if)#ip address 192.168.0.100 255.255.255.0 switchup(config-if)#no shutdown switchup(config)# switchup(config)#ip defult-gateway 192.168.0.1 switchup(config)#exit switchup# switchup#copy run start Destination filename [startup-config]? Building configuration... [OK] 한빛미디어 -9-

시스코스위치기본설정 시스코스위치동작확인 (1) switchup#sh ru Building configuration... Current configuration:! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption! hostname switchup! enable secret 5 $1$xI4p$Rm9JPEHRDzEMuWOTx/3Cs.! ip subnet-zero no ip domain-lookup! 한빛미디어 -10-

시스코스위치기본설정 시스코스위치동작확인 (2) interface FastEthernet0/4! 생략 interface FastEthernet0/12! interface VLAN1 ip address 192.168.0.100 255.255.255.0 no ip directed-broadcast no ip route-cache! line con 0 password c1sc0 login! line vty 0 15 password c1sc0 login! end 한빛미디어 -11-

시스코스위치기본설정 시스코스위치동작확인 (3) switchup#show version Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Mon 30-Apr-01 07:56 by devgoyal Image text-base: 0x80010000, data-base: 0x8031A000 ROM: Bootstrap program is CALHOUN boot loader switchup uptime is 4 minutes System returned to ROM by power-on System image file is "flash:c2950-c3h2s-mz.120-5.3.wc.1.bin" cisco WS-C2950-12 (RC32300) processor (revision B0) with 22260K bytes of memory. Processor board ID FOC0601X0GZ Last reset from system-reset 한빛미디어 -12-

시스코스위치기본설정 시스코스위치동작확인 (4) Processor is running Enterprise Edition Software Cluster command switch capable Cluster member switch capable 12 FastEthernet/IEEE 802.3 interface(s) 32K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address: 00:08:A3:5E:12:C0 Motherboard assembly number: 73-5782-08 Power supply part number: 34-0965-01 Motherboard serial number: FOC06010211 Power supply serial number: DAB05513BX3 Model revision number: B0 Motherboard revision number: B0 Model number: WS-C2950-12 System serial number: FOC0601X0GZ Configuration register is 0xF 한빛미디어 -13-

시스코스위치기본설정 시스코스위치동작확인 (5) switchup#show spanning-tree Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0008.a35e.12c0 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set, changes 0 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 Interface Fa0/3 (port 9) in Spanning tree 1 is down Port path cost 100, Port priority 128 Designated root has priority 32768, address 0008.a35e.12c0 Designated bridge has priority 32768, address 0008.a35e.12c0 Designated port is 9, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 1, received 0 한빛미디어 -14-

VLAN 의개념과시스코스위치설정 VLAN (1) [ 그림 ] VLAN(1) 한빛미디어 -15-

VLAN 의개념과시스코스위치설정 VLAN (2) VLAN을사용하는이유 VLAN 사용시의주의점 VLAN과브로드케스트 서로다른 VLAN간의통신 [ 그림 ] VLAN(2) 한빛미디어 -16-

VLAN 의개념과시스코스위치설정 트렁킹 [ 그림 ] 트렁킹 인캡슐레이션방법 (ISL & 802.1q) 한빛미디어 -17-

VLAN 의개념과시스코스위치설정 트렁킹 (2) [ 그림 ] ISL & 802.1q 인캡슐레이션 정의 VLAN 별 STP 네이티브 VLAN 802.1q IEEE 802.1s 동작 ISL 시스코 PVST+ 개념없음 한빛미디어 -18-

VLAN 의개념과시스코스위치설정 VTP 서버 (Server) 모드 클라이언트 (Client) 모드 트렌스페어런트 (Transparent) 모드 기 능 Server Client Transparent VLAN 설정 가능 불가능 가능 개별스위치의 VLAN 정보저장 저장 불가능 저장 VTP 메시지의처리방법 사용 사용 무시 스위치간의 VLAN 정보동기화 동기화 동기화 하지않음 한빛미디어 -19-

VLAN 의개념과시스코스위치설정 VTP Pruning [ 그림 ] VTP Pruning 한빛미디어 -20-

VLAN 의개념과시스코스위치설정 VLAN 설정 (1) [ 그림 ] VLAN 설정 (1) switch_a#vlan database switch_a(vlan)# vtp domain SCHOOL switch_a(vlan)# vtp pasword c1sc0 switch_a(vlan)# vlan 100 name teacher switch_a(vlan)# vlan 200 name student switch_a(vlan)# exit ( 다음장에 ) 한빛미디어 -21-

VLAN 의개념과시스코스위치설정 VLAN 설정 (2) switch_a# configure terminal switch_a(config)# interface fa0/2 switch_a(config-if)# switchport mode access switch_a(config-if)# switchport access vlan 100 switch_a(config-if)# interface fa0/3 switch_a(config-if)# switchport mode access switch_a(config-if)# switchport access vlan 200 switch_a(config-if)# interface fa0/4 switch_a(config-if)# switchport mode access switch_a(config-if)# switchport access vlan 200 switch_a(config-if)# interface fa0/0 switch_a(config-if)# switchport mode trunk switch_a(config-if)# exit 한빛미디어 -22-

VLAN 의개념과시스코스위치설정 VLAN 동작확인 (1) switch#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12 300 TEST active Fa0/1, Fa0/2 1002 fddi-default active 1003 trcrf-default active 1004 fddinet-default active 1005 trbrf-default active VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 1002 1003 300 enet 100300 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 1 1003 1003 trcrf 101003 4472 1005 3276 - - srb 1 1002 1004 fdnet 101004 1500 - - 1 ibm - 0 0 1005 trbrf 101005 4472 - - 15 ibm - 0 0 한빛미디어 -23-

VLAN 의개념과시스코스위치설정 VLAN 동작확인 (2) switch#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12 300 TEST active Fa0/1, Fa0/2 1002 fddi-default active 1003 trcrf-default active 1004 fddinet-default active 1005 trbrf-default active switch# switch#show vlan 300 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 300 VLAN0300 active Fa0/1, Fa0/2 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 300 enet 100300 1500 - - - - - 0 0 한빛미디어 -24-

VLAN 의개념과시스코스위치설정 show vtp status switch#show vtp status VTP Version : 2 Configuration Revision : 18 Maximum VLANs supported locally : 68 Number of existing VLANs : 18 VTP Operating Mode : Server VTP Domain Name : corp VTP Pruning Mode : Disabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MD5 digest : 0xBD 0x4D 0x95 0xAA 0xA7 0x6B 0xE6 0x4D Configuration last modified by 211.63.143.120 at 3-1-93 04:49:00 한빛미디어 -25-

VLAN 간라우팅설정 VLAN 과라우팅 (1) [ 그림 ] VLAN 간라우팅 한빛미디어 -26-

VLAN 간라우팅설정 VLAN 과라우팅 (2) SWITCH# SWITCH#vlan database SWITCH(vlan)#vlan database SWITCH(vlan)#vlan 100 SWITCH(vlan)#vlan 200 SWITCH(vlan)#vtp mode server SWITCH(vlan)#vtp domain cisco SWITCH(vlan)#exit! 스위치에 VLAN 100, 200을설정한다. SWITCH# SWITCH#conf t Enter configuration commands, one per line. End with CNTL/Z. SWITCH(config)#interface fa0/1 SWITCH(config-if)#switchport mode access SWITCH(config-if)#switchport access vlan 100 한빛미디어 -27-

VLAN 간라우팅설정 VLAN 과라우팅 (3) SWITCH(config)#interface fa0/2 SWITCH(config-if)#switchport mode access SWITCH(config-if)#switchport access vlan 100 SWITCH(config)#interface fa0/3 SWITCH(config-if)#switchport mode access SWITCH(config-if)#switchport access vlan 200 SWITCH(config)#interface fa0/4 SWITCH(config-if)#switchport mode access SWITCH(config-if)#switchport access vlan 200 SWITCH(config)#interface fa0/0 SWITCH(config-if)#switchport mode trunk! 스위치에 fa0/1, fa0/2 에 VLAN 100, fa0/3, fa0/4 VLAN 200, fa0/0 을트렁킹포트로설정한다. 한빛미디어 -28-

VLAN 간라우팅설정 VLAN 과라우팅 (4) ROUTER# ROUTER#conf t Enter configuration commands, one per line. End with CNTL/Z. ROUTER(config)#interface fa0/0 ROUTER(config-if)#no shut ROUTER(config-if)#exit! 스위치에메인인터페이스를 no shut 상태로설정한다. ROUTER(config)#interface fa0/0.10 ROUTER(config-subif)#encapsulation dot1q 100 ROUTER(config-subif)#ip address 10.0.0.1 255.255.255.0 ROUTER(config-subif)#interface fa0/0.20 ROUTER(config-subif)#encapsulation dot1q 200 ROUTER(config-subif)#ip address 11.0.0.1 255.255.255.0 ROUTER(config-subif)#exit! 서브인터페이스와 encapsulation 방법과 IP 주소를설정한다. (dot1q 는 IEEE 802.3q 를말한다 ) 한빛미디어 -29-