利用Bridge的方式穿透Router連通兩端Switch 802.1q Trunk

最近在vlab討論區上有人提出一個很有趣的問題,想要透過Router來建立Trunking(SW1 - R1 - R2 - R3 - SW2),我原本的想法是很簡單,Router兩邊的介面直接設定trunk,然後在子介面上設定IP即可。後來利用Dynamips實作,才突然發現如果在Router兩邊的介面上設定相同的子介面(對應vlan),將會發生同一段network在同一個Router上不同的介面,這在Router IOS上是不允許的…所以我後來想到一個方式,那就是利用bridge-group的方式,將兩邊同個vlan對應的子介面設定為同一個bridge-group即可,然後最重要的是要再建立bvi interface。

以下是個人設定的組態,供各位參考:

hostname R1
bridge irb
interface FastEthernet0/0
description Connect to R2
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet0/0.99
encapsulation dot1Q 99 native
bridge-group 99
!
interface FastEthernet1/0
description Connect to SW1
no ip address
duplex auto
speed auto
!
interface FastEthernet1/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet1/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet1/0.99
encapsulation dot1Q 99 native
bridge-group 99
!
interface BVI10
ip address 10.10.10.1 255.255.255.0
!
interface BVI20
ip address 20.20.20.1 255.255.255.0
!
interface BVI99
ip address 99.99.99.1 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 99.99.99.0 0.0.0.255 area 0
!
bridge 10 protocol vlan-bridge
bridge 10 route ip
bridge 20 protocol vlan-bridge
bridge 20 route ip
bridge 99 protocol vlan-bridge
bridge 99 route ip

====================================================================

hostname R2
bridge irb
!
interface FastEthernet0/0
description Connect to R1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet0/0.99
encapsulation dot1Q 99 native
bridge-group 99
!
interface FastEthernet1/0
description Connect to R3
no ip address
duplex auto
speed auto
!
interface FastEthernet1/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet1/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet1/0.99
encapsulation dot1Q 99 native
bridge-group 99
!
interface BVI10
ip address 10.10.10.2 255.255.255.0
!
interface BVI20
ip address 20.20.20.2 255.255.255.0
!
interface BVI99
ip address 99.99.99.2 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 99.99.99.0 0.0.0.255 area 0
!
bridge 10 protocol vlan-bridge
bridge 10 route ip
bridge 20 protocol vlan-bridge
bridge 20 route ip
bridge 99 protocol vlan-bridge
bridge 99 route ip

====================================================================

hostname R3
bridge irb
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet0/0.99
description Connect to R2
encapsulation dot1Q 99 native
bridge-group 99
!
interface FastEthernet1/0
description Connect to SW2
no ip address
duplex auto
speed auto
!
interface FastEthernet1/0.10
encapsulation dot1Q 10
bridge-group 10
!
interface FastEthernet1/0.20
encapsulation dot1Q 20
bridge-group 20
!
interface FastEthernet1/0.99
encapsulation dot1Q 99
bridge-group 99
!
interface BVI10
ip address 10.10.10.3 255.255.255.0
!
interface BVI20
ip address 20.20.20.3 255.255.255.0
!
interface BVI99
ip address 99.99.99.3 255.255.255.0
!
ip classless
!
ip http server
no ip http secure-server
!
router ospf 1

log-adjacency-changes
network 99.99.99.0 0.0.0.255 area 0
!
bridge 10 protocol vlan-bridge
bridge 10 route ip
bridge 20 protocol vlan-bridge
bridge 20 route ip
bridge 99 protocol vlan-bridge
bridge 99 route ip

Comments

Anonymous said…
我試了,不通...
因為我中間還多了一個STM-1...
切了frame-relay ~
哈哈,有解嗎 ?!
CCIE11440 said…
我保證可以通,因為這些config是來自我的dynamips lab,你的架構不通是因為你已經從LAN跨到了WAN,那你就必須啟用bridge group來mapping interface

Popular posts from this blog

L2TPv3 Enables Layer 2 Services for IP Networks

TCP/IP 明確擁塞通知 (ECN)

Q-in-Q(Dot1Q Tunnel) Sample Configuration