各位老大,小弟最近出了点问题,大概是是酱紫:
架构:我们公司有DHCP服务器,然后有很多个车间,每个车间单独一个VLAN,每个VLAN用一段IP,例如注塑车间为VLAN6用的是192.168.6.0网段操作:最近车间搬迁,和其他车间公用一个车间,但为了不影响某些固定IP的设备,就在交换机上分为VLAN6和VLAN7两段,但就是这种简单的操作却出了问题故障:搬迁后,公司内的电脑经常无法获得IP地址,有些其他VLAN的交换机下的设备自动获取到的IP也有可能是VLAN6或者VLAN7的IP或者也无法获取IP,感觉整个公司的VLAN 都混乱了寻找了好久,都没发现问题,以下是有改动的交换机配置:
<H3C>dis cu
#
version 7.1.070, Release 6111P05
#
sysname H3C
#
clock protocol none
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
password-recovery enable
#
vlan 1
#
vlan 5 to 7
#
stp global enable
#
interface NULL0
#
interface Vlan-interface7
ip address 192.168.7.3 255.255.255.0
#
interface GigabitEthernet1/0/1
port access vlan 7
#
interface GigabitEthernet1/0/2
port access vlan 7
#
interface GigabitEthernet1/0/3
port access vlan 7
#
interface GigabitEthernet1/0/4
port access vlan 7
#
interface GigabitEthernet1/0/5
port access vlan 7
#
interface GigabitEthernet1/0/6
port access vlan 7
#
interface GigabitEthernet1/0/7
port access vlan 7
#
interface GigabitEthernet1/0/8
port access vlan 7
#
interface GigabitEthernet1/0/9
port access vlan 7
#
interface GigabitEthernet1/0/10
port access vlan 7
#
interface GigabitEthernet1/0/11
port access vlan 7
#
interface GigabitEthernet1/0/12
port access vlan 7
#
interface GigabitEthernet1/0/13
port access vlan 7
#
interface GigabitEthernet1/0/14
port access vlan 7
#
interface GigabitEthernet1/0/15
port access vlan 7
#
interface GigabitEthernet1/0/16
port access vlan 6
#
interface GigabitEthernet1/0/17
port access vlan 6
#
interface GigabitEthernet1/0/18
port access vlan 6
#
interface GigabitEthernet1/0/19
port access vlan 6
#
interface GigabitEthernet1/0/20
port access vlan 6
#
interface GigabitEthernet1/0/21
port access vlan 6
#
interface GigabitEthernet1/0/22
port access vlan 6
#
interface GigabitEthernet1/0/23
port access vlan 6
#
interface GigabitEthernet1/0/24
port access vlan 6
#
interface GigabitEthernet1/0/25
port link-type trunk
port trunk permit vlan all
port trunk pvid vlan 7
undo stp enable
#
interface GigabitEthernet1/0/26
#
interface GigabitEthernet1/0/27
#
interface GigabitEthernet1/0/28
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 4
authentication-mode scheme
user-role level-3
user-role network-operator
set authentication password hash $h$6$KV7/jTGHfsGEPSAZ$u9tyHSJI/XEdfedHFM5P1HTsXStwGyZ0Vxt6KZDo8NGOVSdQLDiHgyGm/IOOmdMX5eTY9LjaaSqUyxSbqscAlw==
#
line vty 5 63
user-role network-operator
#
ip route-static 0.0.0.0 0 192.168.7.1
#
radius scheme system
user-name-format without-domain
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$EMsIWgQ5Mj5xtNdB$4VGnQ9gw2rWjlp/1FwX4mimVWCpTL2YtVVyJ4JU59XbBR2Sk4NihOFMz96cuRbkayv4DSLR46hlpSbe4qHKUhg==
service-type telnet
authorization-attribute user-role 3
authorization-attribute user-role network-admin
#
return现在只能勉强让他们手动IP先。急急急呀
架构:我们公司有DHCP服务器,然后有很多个车间,每个车间单独一个VLAN,每个VLAN用一段IP,例如注塑车间为VLAN6用的是192.168.6.0网段操作:最近车间搬迁,和其他车间公用一个车间,但为了不影响某些固定IP的设备,就在交换机上分为VLAN6和VLAN7两段,但就是这种简单的操作却出了问题故障:搬迁后,公司内的电脑经常无法获得IP地址,有些其他VLAN的交换机下的设备自动获取到的IP也有可能是VLAN6或者VLAN7的IP或者也无法获取IP,感觉整个公司的VLAN 都混乱了寻找了好久,都没发现问题,以下是有改动的交换机配置:
<H3C>dis cu
#
version 7.1.070, Release 6111P05
#
sysname H3C
#
clock protocol none
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
password-recovery enable
#
vlan 1
#
vlan 5 to 7
#
stp global enable
#
interface NULL0
#
interface Vlan-interface7
ip address 192.168.7.3 255.255.255.0
#
interface GigabitEthernet1/0/1
port access vlan 7
#
interface GigabitEthernet1/0/2
port access vlan 7
#
interface GigabitEthernet1/0/3
port access vlan 7
#
interface GigabitEthernet1/0/4
port access vlan 7
#
interface GigabitEthernet1/0/5
port access vlan 7
#
interface GigabitEthernet1/0/6
port access vlan 7
#
interface GigabitEthernet1/0/7
port access vlan 7
#
interface GigabitEthernet1/0/8
port access vlan 7
#
interface GigabitEthernet1/0/9
port access vlan 7
#
interface GigabitEthernet1/0/10
port access vlan 7
#
interface GigabitEthernet1/0/11
port access vlan 7
#
interface GigabitEthernet1/0/12
port access vlan 7
#
interface GigabitEthernet1/0/13
port access vlan 7
#
interface GigabitEthernet1/0/14
port access vlan 7
#
interface GigabitEthernet1/0/15
port access vlan 7
#
interface GigabitEthernet1/0/16
port access vlan 6
#
interface GigabitEthernet1/0/17
port access vlan 6
#
interface GigabitEthernet1/0/18
port access vlan 6
#
interface GigabitEthernet1/0/19
port access vlan 6
#
interface GigabitEthernet1/0/20
port access vlan 6
#
interface GigabitEthernet1/0/21
port access vlan 6
#
interface GigabitEthernet1/0/22
port access vlan 6
#
interface GigabitEthernet1/0/23
port access vlan 6
#
interface GigabitEthernet1/0/24
port access vlan 6
#
interface GigabitEthernet1/0/25
port link-type trunk
port trunk permit vlan all
port trunk pvid vlan 7
undo stp enable
#
interface GigabitEthernet1/0/26
#
interface GigabitEthernet1/0/27
#
interface GigabitEthernet1/0/28
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 4
authentication-mode scheme
user-role level-3
user-role network-operator
set authentication password hash $h$6$KV7/jTGHfsGEPSAZ$u9tyHSJI/XEdfedHFM5P1HTsXStwGyZ0Vxt6KZDo8NGOVSdQLDiHgyGm/IOOmdMX5eTY9LjaaSqUyxSbqscAlw==
#
line vty 5 63
user-role network-operator
#
ip route-static 0.0.0.0 0 192.168.7.1
#
radius scheme system
user-name-format without-domain
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$EMsIWgQ5Mj5xtNdB$4VGnQ9gw2rWjlp/1FwX4mimVWCpTL2YtVVyJ4JU59XbBR2Sk4NihOFMz96cuRbkayv4DSLR46hlpSbe4qHKUhg==
service-type telnet
authorization-attribute user-role 3
authorization-attribute user-role network-admin
#
return现在只能勉强让他们手动IP先。急急急呀
设置端口的缺省VLAN ID
PVID的详细说明请参见“VLAN”
同一链路两端的 Hybrid 端口或Trunk 端口的PVID 必须一致,否则报文将不能正确传输注:这是H3C说明书里的一段话
port link-type trunk
port trunk permit vlan all
port trunk pvid vlan 7
undo stp enable你的上行端口是trunk模式,pvid为7,那么vlan7的数据通过这个端口发出的数据都会被去掉tag标示,到了链路那头就会被加上那个端口的pvid的tag标示,除非那头的pvid也是7,不然你这个网络的数据都是乱的。所以”VLAN1 为系统缺省VLAN,用户不能手工创建和删除”(也是H3C说明书里的原话),因此一般不要用于实际的vlan使用。