Uploaded by Ruslan Kuchaboyev

Practical work 4
Topic: Configuring the VTP protocol.
Objective: to implement routing between the VLANs created in a local network and to gain practical skills in how the VTP protocol works.
The assignment for this laboratory work consists of 2 parts.
Task 1:
– Build a local network in Cisco Packet Tracer and configure the basic parameters of the devices (Figure 5.2);
– Create the VLAN IDs on each switch and configure trunk mode between the switches;
– Configure routing between the VLANs using the Router-on-a-Stick method (Figure 5.3);
– Analyze the configuration results of each switch.
Task 2:
– Configure the VTP protocol on the network you built and explain how it works (5.4).
– Analyze the configuration results of each switch.
Brief theoretical background for Task 1
VLANs are set up in local networks to increase the efficiency of data networks and to ensure their security. A VLAN is based on logical rather than physical connections and groups devices in a local network. The group of devices within a VLAN behaves as if the devices were connected by a single wire. A VLAN helps the administrator segment users or devices by area of application or by project-group function, regardless of where they are located. Any port of a switch can belong to a VLAN. Unicast, multicast and broadcast packets are sent and received only within that VLAN. Each VLAN is a separate logical network. Packets for stations that do not belong to the VLAN are forwarded through routers.
A VLAN creates a logical broadcast domain that spans several segments of the LAN. VLANs have the following advantages:
Security: groups that hold important data are separated from the rest of the network, which reduces the likelihood of a breach of information confidentiality;
Cost reduction: efficient use of bandwidth and cheaper upgrades of expensive network infrastructure;
Improved performance: dividing the network at Layer 2 into several logical groups (broadcast domains) reduces unnecessary network traffic and improves performance;
Smaller broadcast domains: dividing the network into VLANs reduces the number of devices in each broadcast domain.
Improved efficiency of the IT department: VLANs simplify network management. When a new switch is put into operation, the required rules and procedures are applied on the specified ports. IT specialists can quickly identify the function of a network from the name given to its VLAN.
Each VLAN in the network corresponds to an IP network. When designing VLANs, the implementation of a hierarchical network addressing scheme should be taken into account. Hierarchical addressing means that the VLANs or IP network segments are numbered in an orderly way across the whole network.
VLANs fall into 2 main ranges:
1. Standard – 1 to 1005
2. Extended – 1006 to 4094
Switch ports are assigned to VLAN 1 in advance (default VLAN, native VLAN = 1).
Figure 5.1. List of ports assigned to VLAN 1
Procedure for the laboratory work for Task 1
Configure the basic settings for the switches according to the topology shown in Figure 5.2.
Sw1, Sw2
Figure 5.2. Network topology built on VLANs
Table 5.1
Device    IP address     Gateway          VLAN ID        Interface  Port mode
Laptop0   192.168.10.1   192.168.10.254   vlan 10        Fa0/1      Access
Laptop1   192.168.10.2   192.168.10.254   vlan 10        Fa0/2      Access
Laptop2   192.168.30.1   192.168.30.254   vlan 30        Fa0/5      Access
Laptop3   192.168.30.2   192.168.30.254   vlan 30        Fa0/6      Access
Laptop4   192.168.20.1   192.168.20.254   vlan 20        Fa0/3      Access
Laptop5   192.168.20.2   192.168.20.254   vlan 20        Fa0/4      Access
Laptop6   192.168.10.3   192.168.10.254   vlan 10        Fa0/1      Access
Laptop7   192.168.10.4   192.168.10.254   vlan 10        Fa0/2      Access
Laptop8   192.168.20.3   192.168.20.254   vlan 20        Fa0/3      Access
Laptop9   192.168.20.4   192.168.20.254   vlan 20        Fa0/4      Access
Laptop10  192.168.30.3   192.168.30.254   vlan 30        Fa0/5      Access
Laptop11  192.168.30.4   192.168.30.254   vlan 30        Fa0/6      Access
SW1       -              -                Vlan 10,20,30  Fa0/7      Trunk
SW2       -              -                Vlan 10,20,30  Fa0/7      Trunk
Create the VLANs (10, 20, 30) on switches Sw1 and Sw2 and give them the corresponding names (bugalteriya, student, dekanat).
Switch>enable
Switch#conf terminal
Switch(config)#hostname Sw1
Sw1(config)#vlan 10
Sw1(config-vlan)#name bugalteriya
Sw1(config-vlan)#exit
Sw1(config)#vlan 20
Sw1(config-vlan)#name student
Sw1(config-vlan)#exit
Sw1(config)#vlan 30
Sw1(config-vlan)#name dekanat
Sw1(config-vlan)#exit
Switch>enable
Switch#conf terminal
Switch(config)#hostname Sw2
Sw2(config)#vlan 10
Sw2(config-vlan)#name bugalteriya
Sw2(config-vlan)#exit
Sw2(config)#vlan 20
Sw2(config-vlan)#name student
Sw2(config-vlan)#exit
Sw2(config)#vlan 30
Sw2(config-vlan)#name dekanat
Sw2(config-vlan)#exit
Viewing the VLANs created on the switch
Assigning switch ports to VLAN IDs
Sw1(config)#interface fastEthernet 0/1
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 10
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/2
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 10
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/3
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 20
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/4
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 20
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/5
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 30
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/6
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 30
Sw1(config-if)#exit
Sw2(config)#interface fastEthernet 0/1
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 10
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/2
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 10
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/3
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 20
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/4
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 20
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/5
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 30
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/6
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 30
Sw2(config-if)#exit
Configure trunk mode between switches Sw1 and Sw2 and specify the exact VLAN IDs allowed on the trunk link.
Sw1(config)#interface fastEthernet 0/7
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport trunk allowed vlan 10,20,30
Sw1(config-if)#end
Sw1#show running-config
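It is enough to configure the commands above on one switch only, because the second switch automatically switches its interface connected to the first switch (fa0/7) to trunk mode; this happens through DTP negotiation on a port left in its default dynamic mode. The switchport trunk allowed vlan list is not negotiated, so it takes effect only on the switch where it is entered.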
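A check for the "analyze the configuration results" step, as an added example that is not part of the original lab: it compares the interface stanzas of show running-config output with the port plan in Table 5.1. The sample configuration is constructed, and the function names are this example's own.

```python
import re

# Port plan for one switch, from Table 5.1: interface -> (mode, VLAN set).
EXPECTED = {f"FastEthernet0/{p}": ("access", {v})
            for p, v in [(1, 10), (2, 10), (3, 20), (4, 20), (5, 30), (6, 30)]}
EXPECTED["FastEthernet0/7"] = ("trunk", {10, 20, 30})

# Constructed running-config excerpt, not captured from a device. Fa0/2 has no
# switchport lines and the Fa0/7 trunk has no allowed-VLAN list.
SAMPLE = """\
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
!
interface FastEthernet0/7
 switchport mode trunk
!
"""

def vlan_set(spec):
    """Expand an IOS VLAN list such as '10,20-22' into a set of ints."""
    out = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def parse_ports(config):
    """Return {interface: (mode, vlans)}; vlans None means all VLANs allowed."""
    ports = {}
    for stanza in re.split(r"^interface\s+", config, flags=re.M)[1:]:
        name, _, body = stanza.partition("\n")
        mode = re.search(r"switchport mode (\S+)", body)
        mode = mode.group(1) if mode else "default"  # mode never set explicitly
        if mode == "trunk":
            m = re.search(r"switchport trunk allowed vlan ([\d,-]+)", body)
            vlans = vlan_set(m.group(1)) if m else None
        else:
            m = re.search(r"switchport access vlan (\d+)", body)
            vlans = {int(m.group(1))} if m else {1}  # ports start in VLAN 1
        ports[name.strip()] = (mode, vlans)
    return ports

def audit(config, expected=EXPECTED):
    """Return (port, found, planned) for each configured port off the plan."""
    found = parse_ports(config)
    return [(p, found[p], want) for p, want in expected.items()
            if p in found and found[p] != want]
```

audit(SAMPLE) reports Fa0/2, which is still an unconfigured port in VLAN 1, and Fa0/7, whose trunk carries every VLAN instead of 10, 20 and 30.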
Configuring routing between VLANs
There are 3 methods of configuring routing between the VLANs created in a local network:
- Legacy inter-VLAN routing
- Router-on-a-Stick
- Switch-based inter-VLAN routing
In this laboratory work we use the Router-on-a-Stick (ROS) method for routing between the VLANs.
Figure 5.3. The ROS method of routing between VLANs
Sw1(config)#interface fastEthernet 0/8
Sw1(config-if)#switchport mode trunk
Router>enable
Router#conf t
Router(config)#interface fastEthernet 0/1
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface fastEthernet 0/1.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 192.168.10.254 255.255.255.0
Router(config-subif)#exit
Router(config)#interface fastEthernet 0/1.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 192.168.20.254 255.255.255.0
Router(config-subif)#exit
Router(config)#interface fastEthernet 0/1.30
Router(config-subif)#encapsulation dot1Q 30
Router(config-subif)#ip address 192.168.30.254 255.255.255.0
Router(config-subif)#exit
Brief theoretical background for Task 2
VTP (VLAN Trunking Protocol) is a local area network protocol used to exchange VLAN information over the selected trunk ports. VTP is used to synchronize VLANs dynamically; it has 3 modes:
1. Client – VLANs cannot be modified, deleted or created;
2. Transparent – the switch performs no synchronization and only acts as a pass-through;
3. Server – any operation on VLANs can be performed;
VLANs are created on the VTP server, and the clients automatically accept the VLANs created on the server. For security reasons, a client switch in this protocol cannot create VLANs; it can only assign users to them. Any change in the network (for example, adding or removing a VLAN) is made only through the VTP server.
VTP has three message types:
1. Advertisement requests
A request from the client to the server for a summary advertisement.
2. Summary advertisements
The server sends this standard message every 5 minutes or immediately after a configuration change.
3. Subset advertisements
Sent immediately after a VLAN configuration change, and also after an advertisement request.
A client that has received a new version of the VLAN database from the server forwards it to all its other trunk ports; if further VTP clients and VTP transparent switches sit behind it, they receive these updates as well. The basic VTP setting is switch(config)#vtp mode, where the required mode is selected: server, client, transparent or off.
Select the protocol version:
Switch(config)# vtp version 2
Enter the domain and password:
Switch(config)# vtp domain <domain name>
Switch(config)# vtp password <password> [hidden | secret]
Switch to the required mode:
Switch(config)# vtp mode server | client | transparent | off
After the commands above VTP is enabled; however, it can also be turned off on particular interfaces when necessary:
Switch(config-if)# no vtp
To view the protocol settings, enter the following commands:
Switch# show vtp status
Switch# show vtp devices
Switch# show vtp interface
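The mode behaviour described above, as an added simulation that is not part of the original lab: a change made on the server reaches a client through a transparent switch, which relays it but keeps its own VLANs. The three-switch chain, the class and its method names are assumptions of this example; the revision counter models the database "version" mentioned above, and the plain password comparison stands in for the digest that real VTP carries.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    mode: str                      # "server", "client" or "transparent"
    domain: str = "tuit"
    password: str = "cisco"        # simplification: real VTP compares a digest
    revision: int = 0              # version counter of the VLAN database
    vlans: dict = field(default_factory=dict)
    neighbors: list = field(default_factory=list)  # peers reached over trunks

    def create_vlan(self, vid, name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: a VTP client cannot create VLANs")
        self.vlans[vid] = name
        if self.mode == "server":  # transparent changes stay local
            self.revision += 1
            self.advertise(sender=None)

    def advertise(self, sender, adv=None):
        adv = adv or (self.domain, self.password, self.revision, dict(self.vlans))
        for peer in self.neighbors:
            if peer is not sender:
                peer.receive(adv, self)

    def receive(self, adv, sender):
        domain, password, revision, vlans = adv
        if self.mode == "transparent":
            self.advertise(sender, adv)   # relay only, own database untouched
            return
        if (domain, password) != (self.domain, self.password):
            return                        # other domain or wrong password: ignored
        if revision > self.revision:      # newer database replaces the local one
            self.revision, self.vlans = revision, dict(vlans)
            self.advertise(sender, adv)

def build_lab():
    """Constructed chain server - transparent - client (assumed topology)."""
    srv = Switch("S", "server")
    tr = Switch("T", "transparent")
    cl = Switch("C", "client")
    srv.neighbors, tr.neighbors, cl.neighbors = [tr], [srv, cl], [tr]
    return srv, tr, cl
```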
Procedure
Build the topology shown in Figure 5.4. Decide for yourself which switches in the topology are the Client, Transparent and Server.
Figure 5.4. Network topology built for VTP
VTP SERVER
Switch(config)#vtp version 2
Switch(config)#vtp mode server
Switch(config)#vtp domain tuit
Switch(config)#vtp password cisco
Switch(config)#vlan 10
Switch(config-vlan)#name student
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name kafedra
Switch(config-vlan)#exit
Switch(config)#vlan 30
Switch(config-vlan)#name test
Switch(config-vlan)#exit
Switch(config)#interface range fastEth 0/1-2
Switch(config-if-range)#switchport mode trunk
VTP Transparent
Switch(config)#vtp version 2
Switch(config)#vtp mode transparent
Switch(config)#vtp domain tuit
Switch(config)#vtp password cisco
Switch(config)#vlan 10
Switch(config-vlan)#name student
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name kafedra
Switch(config-vlan)#exit
Switch(config)#vlan 30
Switch(config-vlan)#name test
Switch(config-vlan)#exit
Switch(config)#interface fastEthernet 0/2
Switch(config-if)#switchport mode trunk
VTP client
Switch(config)#vtp version 2
Switch(config)#vtp mode client
Switch(config)#vtp domain tuit
Switch(config)#vtp password cisco
Switch(config)#interface fastEthernet 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
Switch(config-if)#exit
Transparent switch results
Client switch results
Review questions
1. What is the VLAN address range?
2. Up to how many VLAN IDs can be created on a single switch?
3. What methods of routing between VLANs exist?
4. What does a client switch mean in VTP?
5. What does a server switch mean in VTP?
6. What does a transparent switch mean in VTP?
7. Which type of switch is the main initiator?