运行 CatOS 的 Catalyst 交换机之间的 802.1Q 中继

下载选项

PDF (346.4 KB)
在各种设备上使用 Adobe Reader 查看
ePub (142.5 KB)
在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上使用各种应用查看
Mobi (Kindle) (129.1 KB)
在 Kindle 设备上查看或在多个设备上使用 Kindle 应用查看

已更新: 2007 年 11 月 17 日

文档 ID:8757

非歧视性语言

此产品的文档集力求使用非歧视性语言。在本文档集中，非歧视性语言是指不隐含针对年龄、残障、性别、种族身份、族群身份、性取向、社会经济地位和交叉性的歧视的语言。由于产品软件的用户界面中使用的硬编码语言、基于 RFP 文档使用的语言或引用的第三方产品使用的语言，文档中可能无法确保完全使用非歧视性语言。深入了解思科如何使用包容性语言。

关于此翻译

思科采用人工翻译与机器翻译相结合的方式将此文档翻译成不同语言，希望全球的用户都能通过各自的语言得到支持性的内容。请注意：即使是最好的机器翻译，其准确度也不及专业翻译人员的水平。 Cisco Systems, Inc. 对于翻译的准确性不承担任何责任，并建议您总是参考英文原始文档（已提供链接）。

简介

本文档提供运行Catalyst OS(CatOS)的Catalyst 5500和5000交换机之间802.1Q(dot1q)中继的示例配置。所有运行CatOS的Catalyst 4000，5000或6000系列成员可以用于此方案，以获得相同结果。

中继在单条链路上运载多个VLAN数据流，并使您能够将VLAN延伸到整个网络中。实施以太网中继的方法有如下两种：

交换机间链路 (ISL) 协议 - ISL 是 Cisco 所有的中继封装。有关 ISL 的详细信息，请参阅交换机间链路帧格式。
802.1Q（IEEE 标准） - 802.1Q 是工业标准的中继封装。有关 802.1Q 的详细信息，请参阅使用 802.1Q 封装在 Catalyst 4000、5000 和 6000 系列交换机之间建立中继干线。

开始使用前

先决条件

本文档说明 CatOS 交换机的配置文件和相关 show 命令示例的输出。如果需要在Catalyst交换机之间配置802.1q中继的详细资料，请参见以下文件：

使用802.1Q封装的Catalyst 4000、5000和6000系列交换机之间的中继

使用的组件

为了在本文档中创建实例，我们在实验室环境中使用带有清除（缺省）配置的以下交换机：

运行 Catalyst OS 6.4(2) 软件的 Catalyst 5500 交换机
运行 Catalyst OS 6.4(2) 软件的 Catalyst 6500 交换机

使用clear config all命令，清除所有设备上的配置，以确保它们都使用默认配置。

本文档中的信息都是基于特定实验室环境中的设备创建的。本文档中使用的所有设备最初均采用原始（默认）配置。如果您是在真实网络上操作，请确保您在使用任何命令前已经了解其潜在影响。

背景理论

请注意以下提示：

Catalyst 4000 系列交换机（包括 Catalyst 2948G 和 Catalyst 2980G）只支持 802.1Q 中继，而不支持 ISL 中继。有关详细信息，请参阅实施中继的系统要求。
Catalyst 6000/6500上的所有以太网端口支持802.1Q和ISL封装（10千兆以太网交换模块除外，它不支持ISL）。
根据模块，支持Catalyst 5000中继的端口只支持ISL封装，或同时支持ISL和802.1Q。验证这一点的最佳方式是发出 show port capabilities 命令。明确地陈述了中继容量。例如：

cat5509> show port capabilities 2/1
Model                    WS-X5550
Port                     2/1
Type                     1000BaseSX
Speed                    1000
Duplex                   full
Trunk encap type         802.1Q,ISL

!-- This particular port supports both 802.1Q and ISL.

Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  no
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on,desired),send-(off,on,desired)
Security                 no
Dot1x	                   yes
Membership               static
Fast start               yes
QOS scheduling           rx-(none),tx-(none)
CoS rewrite              no
ToS rewrite              no
Rewrite                  no
UDLD                     yes
AuxiliaryVlan            no
SPAN                     source,destination
cat5509> (enable)

有关中继的系统要求，请参阅实施中继的系统要求。

确保整个中继链路范围内的中继模式匹配。如果链路的一端配置为ISL中继线，那么链路的另一端也应该配置为ISL。同样地，如果链路一端配置为802.1Q，那么链路另一端应该配置为802.1Q。
在 802.1Q 中继中，除了本地 VLAN 数据包以外，所有 VLAN 的数据包都在中继链路上进行标记。本地 VLAN 数据包将不带标记在中继链路上发送。因此，这两种已配置用于中继的交换机上的本地 VLAN 应该是相同的。这样，在收到没有标签的帧时，我们就能推导出帧应该属于哪个VLAN。默认情况下，VLAN 1 是所有交换机上的本地 VLAN。
- 在 CatOS 中，可通过发出 set vlan vlan-id mod/port 命令（其中 mod/port 为中继端口）更改本地 VLAN。

有关详细信息，请参阅使用 802.1Q 封装在 Catalyst 4000、5000 和 6000 系列交换机之间建立中继干线。

配置

本部分提供有关如何配置本文档所述功能的信息。

注：要查找有关本文档中使用的命令的其他信息，请使用命令查找工具(仅注册客户)。

配置

本文档使用如下所示的配置。

注：输出之间的注释以蓝色斜体添加。

Catalyst 5509
Catalyst 6500

Catalyst 5509
#version 6.4(2) ! set option fddi-user-pri enabled set password $2$q.J7$O5n.pwx7aEC6NHWJfXadx1 set enablepass $2$o.h/$bAxfjJ4XUA/RMUHqBr1YQ0 ! #errordetection set errordetection portcounter enable ! #system set system name cat5509 ! #frame distribution method set port channel all distribution mac both ! #vtp !--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VLAN Trunking Protocol (VTP) !--- mode accordingly. set vtp mode transparent !--- For details on VTP, refer to Configuring VTP on Catalyst Switches. set vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm set vlan 2 set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip !--- IP address used for management. set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255 ! #set boot command set boot config-register 0x2102 set boot system flash slot0:cat5000-supg.6-4-2.bin ! # default port status is enable ! ! #module 1 empty ! #module 2 : 2-port 1000BaseX Supervisor IIIG !--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly. set trunk 2/1 on dot1q 1-1005 !--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports. ! #module 3 empty ! #module 4 empty #module 5 : 24-port 10/100BaseTX Ethernet !--- Ports 5/3-24 have been assigned to VLAN 2. set vlan 2 5/3-24 !--- Portfast has been enabled on the ports connected to the workstations. set spantree portfast 5/2-24 enable !--- For details on why to enable portfast,refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays. ! #module 6 empty ! !--- Output suppressed. end

Catalyst 5509

#version 6.4(2)
!
set option fddi-user-pri enabled
set password $2$q.J7$O5n.pwx7aEC6NHWJfXadx1
set enablepass $2$o.h/$bAxfjJ4XUA/RMUHqBr1YQ0
!
#errordetection
set errordetection portcounter enable
!
#system
set system name cat5509
!
#frame distribution method
set port channel all distribution mac both
!
#vtp

!--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VLAN Trunking Protocol (VTP) !--- mode accordingly.

set vtp mode transparent

!--- For details on VTP, refer to Configuring VTP on Catalyst Switches.

set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm
set vlan 2
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti
ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip

!--- IP address used for management.

set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255

!
#set boot command
set boot config-register 0x2102
set boot system flash slot0:cat5000-supg.6-4-2.bin
!
# default port status is enable
!
!
#module 1 empty
!
#module 2 : 2-port 1000BaseX Supervisor IIIG

!--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly.

set trunk 2/1 on dot1q 1-1005

!--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports.

!
#module 3 empty
!
#module 4 empty

#module 5 : 24-port 10/100BaseTX Ethernet

!--- Ports 5/3-24 have been assigned to VLAN 2.

set vlan 2 5/3-24

!--- Portfast has been enabled on the ports connected to the workstations.

set spantree portfast 5/2-24 enable

!--- For details on why to enable portfast,refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays.

!
#module 6 empty
!

!--- Output suppressed.

end

Catalyst 6500
#Version 6.4(2) ! set option fddi-user-pri enabled set password $2$J75L$Ug4163kfeHTDcLJZ/L9es1 set enablepass $2$h/BN$i3S54iNvIXknFelh6gOve0 ! #errordetection set errordetection portcounter enable ! #system set system name cat6500 ! #frame distribution method set port channel all distribution Mac both ! #vtp !--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VTP mode accordingly. set vtp mode transparent !--- For details on VTP, refer to !--- Configuring VTP on Catalyst Switches. set vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active !--- The lines below are wrapped around for display reasons. set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp IEEE set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp IBM set vlan 2 set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip !--- IP address used for management. set interface sc0 1 10.10.10.3/255.255.255.0 10.10.10.255 ! #set boot command set boot config-register 0x2102 set boot system flash slot0:cat6000-sup2.6-4-2.bin ! # default port status is enable ! ! #module 1 : 2-port 1000BaseX Supervisorset module name 1 ! #module 2 : 12-port 10/100BaseTX Ethernet ! #module 3 : 8-port 1000BaseX Ethernet set module name 3 !--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly. set trunk 3/1 on dot1q 1-1005,1025-4094 !--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports. ! #module 4 : 48-port 10/100BaseTX Ethernet !--- Ports 4/3-24 have been assigned to VLAN 2. set vlan 2 4/3-48 !--- Portfast has been enabled on the ports connected to the workstations. set spantree portfast 4/2-48 enable !--- For details on why to enable portfast, refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays. ! #module 5 : 12-port 10BaseFL Ethernet end !--- Output suppressed.

Catalyst 6500

#Version 6.4(2)
!
set option fddi-user-pri enabled
set password $2$J75L$Ug4163kfeHTDcLJZ/L9es1
set enablepass $2$h/BN$i3S54iNvIXknFelh6gOve0
!
#errordetection
set errordetection portcounter enable
!
#system
set system name cat6500
!
#frame distribution method
set port channel all distribution Mac both
!
#vtp

!--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VTP mode accordingly.

set vtp mode transparent

!--- For details on VTP, refer to !--- Configuring VTP on Catalyst Switches.

set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active

!--- The lines below are wrapped around for display reasons.

set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp IEEE
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state
active stp IBM
set vlan 2
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state
active mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip

!--- IP address used for management.

set interface sc0 1 10.10.10.3/255.255.255.0 10.10.10.255

!
#set boot command
set boot config-register 0x2102
set boot system flash slot0:cat6000-sup2.6-4-2.bin
!
# default port status is enable
!
!
#module 1 : 2-port 1000BaseX Supervisorset module name 1
!
#module 2 : 12-port 10/100BaseTX Ethernet
!
#module 3 : 8-port 1000BaseX Ethernet

set module name 3

!--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly.

set trunk 3/1 on dot1q 1-1005,1025-4094

!--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports.

!
#module 4 : 48-port 10/100BaseTX Ethernet

!--- Ports 4/3-24 have been assigned to VLAN 2.

set vlan 2 4/3-48

!--- Portfast has been enabled on the ports connected to the workstations.

set spantree portfast 4/2-48 enable

!--- For details on why to enable portfast, refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays.

!
#module 5 : 12-port 10BaseFL Ethernet
end

!--- Output suppressed.

验证

本部分所提供的信息可用于确认您的配置是否正常工作。

命令输出解释程序工具（仅限注册用户）支持某些 show 命令，使用此工具可以查看对 show 命令输出的分析。

show port capabilities module/port
show port module/port
show trunk
show vtp domain

show 命令输出示例

Catalyst 5509 交换机

以下是用于验证中继配置的一些命令：

show port capabilities module/port - 个命令用于检查端口是否能够进行继。

cat5509> (enable)  show port capabilities 2/1
Model                    WS-X5550
Port                     2/1
Type                     1000BaseSX
Speed                    1000
Duplex                   full
Trunk encap type         802.1Q,ISL

!--- This particular port supports both 802.1Q and ISL

Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  no
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on,desired),send-(off,on,desired)
Security                 no
Dot1x                    yes
Membership               static
Fast start               yes
QOS scheduling           rx-(none),TX(1q4t)
COs rewrite              no
ToS rewrite              no
Rewrite                  no
UDLD                     yes
AuxiliaryVlan            no
SPAN                     source,destination
cat5509> (enable)

show port [module/port] - 此命令告知特定端口的状态，无论是否建立中继。

cat5509> (enable) show port 2/1
Port  Name               Status     Vlan       Level  Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ------------
2/1                     connected  trunk      normal   full  1000 1000BaseSX

Port   Trap      IfIndex
-----  --------  -------
 2/1   disabled  47          


Port     Broadcast-Limit Broadcast-Drop
-------- --------------- --------------
 2/1                   -              0

Port  Send FlowControl  Receive FlowControl   RxPause    TxPause    Unsupported
      admin    oper     admin     oper                              opcodes
----- -------- -------- --------- ---------   ---------- ---------- -----------
 2/1  desired  off      off       off         0          0          0

Port  Align-Err  FCS-Err    Xmit-Err   Rcv-Err    UnderSize
----- ---------- ---------- ---------- ---------- ---------
 2/1           0          0          0          2         0

Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts     Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
 2/1           0          0          0          0         0         0         -

!--- Output suppressed.

show trunk - 此命令用于验证中继状态和配置。

cat5500> (enable) show trunk
* - indicates vtp domain mismatch
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 4/1      on           dot1q          trunking      1
 
Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 4/1      1-1005
 
Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 4/1      1-2
 
Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 4/1      1-2

show vtp domain - 此命令用于检查 VTP 信息。

cat5500> (enable) show vtp domain
Domain Name                      Domain Index VTP Version Local Mode  Password
-------------------------------- ------------ ----------- ----------- ----------
                                 1            2           Transparent -

Vlan-count Max-vlan-storage Config Revision Notifications
---------- ---------------- --------------- -------------
6          1023             0               disabled

Last Updater    V2 Mode  Pruning  PruneEligible on Vlans
--------------- -------- -------- -------------------------
10.10.10.2      disabled disabled 2-1000

如果您得到来自 Cisco 设备的 show-tech support 命令输出，可以使用命令输出解释程序（仅限注册用户）显示潜在问题和解决方法。

Catalyst 6500 交换机