USB迷 | 专注于互联网分享

    最新消息: USBMI致力于为网友们分享Windows、安卓、IOS等主流手机系统相关的资讯以及评测、同时提供相关教程、应用、软件下载等服务。
    你的位置: 首页 > IT圈 > 华为禁止vlan之间互访

    华为禁止vlan之间互访

    IT圈 admin 33浏览 0评论

    2024年3月7日发(作者:苍腾逸)

    LAN间互访控制配置举例

    操作步骤

    1. 配置Switch

    # 创建VLAN

    system-view

    [Quidway] vlan batch 10 20

    # 配置VLANIF接口的IP地址

    [Quidway] interface vlanif 10

    [Quidway-Vlanif10] ip address 10.10.10.1 24

    [Quidway-Vlanif10] quit

    [Quidway] interface vlanif 20

    [Quidway-Vlanif20] ip address 20.20.20.1 24

    [Quidway-Vlanif20] quit

    将端口添加到相应的vlan

    [Quidway] interface ethernet 0/0/2

    [Quidway-Ethernet0/0/2] port link-type access

    [Quidway-Ethernet0/0/2] port default vlan 10

    [Quidway-Ethernet0/0/2] quit

    [Quidway] interface ethernet 0/0/3

    [Quidway-Ethernet0/0/2] port link-type access

    [Quidway-Ethernet0/0/2] port default vlan 20

    [Quidway-Ethernet0/0/3] quit

    创建ACL3000拒绝vlan10 去访问vlan20

    [Switch] acl 3001

    [Switch-acl-adv-3001] rule 5 deny ip source 10.10.10.0 0.0.0.255

    destination 20.20.20.0 0.0.0.255

    创建流分类C1

    [Quidway] traffic classifier c1

    [Quidway -classifier-c1] if-match acl 3001

    [Quidway -classifier-c1] quit

    创建流行为

    [Quidway] traffic behavior b1

    [Quidway -behavior-b1] permit

    [Quidway -behavior-b1] quit

    创建流策略

    [Quidway] traffic policy p1

    [Quidway -trafficpolicy-p1] classifier c1 behavior b1

    在接口上应用

    [Quidway] VLAN 10

    [Quidway –VLAN10] traffic-policy p1 inbound

    2024年3月7日发(作者:苍腾逸)

    LAN间互访控制配置举例

    操作步骤

    1. 配置Switch

    # 创建VLAN

    system-view

    [Quidway] vlan batch 10 20

    # 配置VLANIF接口的IP地址

    [Quidway] interface vlanif 10

    [Quidway-Vlanif10] ip address 10.10.10.1 24

    [Quidway-Vlanif10] quit

    [Quidway] interface vlanif 20

    [Quidway-Vlanif20] ip address 20.20.20.1 24

    [Quidway-Vlanif20] quit

    将端口添加到相应的vlan

    [Quidway] interface ethernet 0/0/2

    [Quidway-Ethernet0/0/2] port link-type access

    [Quidway-Ethernet0/0/2] port default vlan 10

    [Quidway-Ethernet0/0/2] quit

    [Quidway] interface ethernet 0/0/3

    [Quidway-Ethernet0/0/2] port link-type access

    [Quidway-Ethernet0/0/2] port default vlan 20

    [Quidway-Ethernet0/0/3] quit

    创建ACL3000拒绝vlan10 去访问vlan20

    [Switch] acl 3001

    [Switch-acl-adv-3001] rule 5 deny ip source 10.10.10.0 0.0.0.255

    destination 20.20.20.0 0.0.0.255

    创建流分类C1

    [Quidway] traffic classifier c1

    [Quidway -classifier-c1] if-match acl 3001

    [Quidway -classifier-c1] quit

    创建流行为

    [Quidway] traffic behavior b1

    [Quidway -behavior-b1] permit

    [Quidway -behavior-b1] quit

    创建流策略

    [Quidway] traffic policy p1

    [Quidway -trafficpolicy-p1] classifier c1 behavior b1

    在接口上应用

    [Quidway] VLAN 10

    [Quidway –VLAN10] traffic-policy p1 inbound

    与本文相关的文章

    发布评论

    评论列表 (0)

    1. 暂无评论