½Ã½ºÄÚ L3 ¼³Á¤ Áú¹®ÀÔ´Ï´Ù.

   Á¶È¸ 1637   Ãßõ 0    

시스코 장비 공부중입니다.

설정하는데 어떤식으로 해야할지 몰라 질문드립니다.



 

일단 원하는 구성은 위와 같습니다.


서버1~3 에서 PC로는 통신이 되어야 하지만 인터넷은 되지 않아야 합니다.

즉 192.168.0.0/24 만 라우팅을 하고 싶은겁니다.


공유기 설정은 아래와 같이 했습니다.



지금까지는 아래와 같이 구성했습니다.

라우팅을 어떻게 걸어야 할지 몰라서 질문올립니다.


--------

Current configuration : 2850 bytes

!

! Last configuration change at 15:51:29 KST Wed Sep 14 2022

! NVRAM config last updated at 17:59:35 KST Tue Sep 13 2022

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Switch

!

boot-start-marker

boot-end-marker

!

!

!

!

no aaa new-model

clock timezone KST 9

switch 1 provision ws-c3750g-24ts-1u

system mtu routing 1500

ip name-server 8.8.8.8

!

!

!

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

interface GigabitEthernet1/0/1

 switchport access vlan 31

 switchport mode access

!

interface GigabitEthernet1/0/2

 switchport access vlan 31

 switchport mode access

!

interface GigabitEthernet1/0/3

 switchport access vlan 31

 switchport mode access

!

interface GigabitEthernet1/0/4

 switchport access vlan 31

 switchport mode access

!

interface GigabitEthernet1/0/5

 switchport access vlan 32

 switchport mode access

!

interface GigabitEthernet1/0/6

 switchport access vlan 32

 switchport mode access

!

interface GigabitEthernet1/0/7

 switchport access vlan 32

 switchport mode access

!

interface GigabitEthernet1/0/8

 switchport access vlan 32

 switchport mode access

!

interface GigabitEthernet1/0/9

 switchport access vlan 33

 switchport mode access

!

interface GigabitEthernet1/0/10

 switchport access vlan 33

 switchport mode access

!

interface GigabitEthernet1/0/11

 switchport access vlan 33

 switchport mode access

!

interface GigabitEthernet1/0/12

 switchport access vlan 33

 switchport mode access

!

interface GigabitEthernet1/0/13

 switchport trunk encapsulation dot1q

 switchport mode trunk

!         

interface GigabitEthernet1/0/14

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface GigabitEthernet1/0/15

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface GigabitEthernet1/0/16

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface GigabitEthernet1/0/17

!

interface GigabitEthernet1/0/18

!

interface GigabitEthernet1/0/19

!

interface GigabitEthernet1/0/20

!

interface GigabitEthernet1/0/21

!

interface GigabitEthernet1/0/22

!

interface GigabitEthernet1/0/23

!

interface GigabitEthernet1/0/24

 description Uplink Port

!

interface GigabitEthernet1/0/25

!

interface GigabitEthernet1/0/26

!

interface GigabitEthernet1/0/27

!

interface GigabitEthernet1/0/28

!

interface Vlan1

 ip address 192.168.0.254 255.255.255.0

!

interface Vlan31

 ip address 10.31.0.1 255.255.0.0

!

interface Vlan32

 ip address 10.32.0.1 255.255.0.0

!         

interface Vlan33

 ip address 10.33.0.1 255.255.0.0

!

ip default-gateway 192.168.0.1

ip classless

ip http server

ip http secure-server

!

!

logging 192.168.0.204

!

!

vstack

!

line con 0

 speed 115200

line vty 5 15

!

ntp clock-period 36028834

ntp server 211.233.40.78

ntp server 17.253.116.253

end

--------------------------

ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
RIGIDBODY 2022-09
IP Time °øÀ¯±â¿¡¼­ °¢ ¼­¹öIP·ÎºÎÅÍ °ÔÀÌÆ®¿þÀÌÀÎ °øÀ¯±â·Î ³ª°¡´Â ÆÐŶ Drop·êÀ» Àû¿ëÇÏ¸é µÉ °Í °°½À´Ï´Ù.±×¸®°í PC¿Í ¼­¹ö°£ Åë½ÅÇÏ·Á¸é 24¹ø Æ÷Æ®µµ Æ®··Å©·Î ÇØÁÖ¼Å¾ß ÇÕ´Ï´Ù.
È︶ 2022-09
ws-c3750g-24ts µÚ¿¡ ¶óÀ̼±½º Á¤º¸°¡ ¾ø¾î¼­ ÇØ´ç ½ºÀ§Ä¡¿¡ ACLÀÌ Áö¿ø µÇ´ÂÁö ¸ð¸£°Ú³×¿ä.
À̷лó ACL(access-list)À¸·Î ƯÁ¤ ´ë¿ª ¹× Æ÷Æ®¿¡ ´ëÇؼ­ Åë½ÅÀ» Â÷´Ü ÇÒ ¼ö Àִµ¥, ÀÎÅÍ³Ý ´ë¿ª¿¡ ´ëÇؼ­´Â ¸·´Â °ÍÀº °ÅÀÇ ¹«¸ð Çϱ⠶§¹®¿¡ ±¸Á¶»ó »ó´Ü IP Time(ex. Firewall or Router)¿¡¼­ ¸·´Â °ÍÀÌ ¸Â½À´Ï´Ù.
±×¸®°í ½Ç¹« ȯ°æ¿¡¼­´Â L3 S/W ºÎÇÏ ¶§¹®¿¡ Åë½Å¿¡ ´ëÇÑ ACLÀº »ç¿ë ÇÏÁö ¾Ê½À´Ï´Ù.
¸ð¾îÄð 2022-09
ÀÏ´Ü À§ ¼³Á¤»óÅ¿¡¼­ PC - ¼­¹ö°£ Åë½Å ÀÚü°¡ ¾ÈµË´Ï´Ù.
¶ó¿ìÆÃÀ» ¹» Ãß°¡ ÇØ¾ß ÇÒ±î¿ä?
     
È︶ 2022-09
vlan1 »èÁ¦ ÇØ Áֽðí, Æ÷Æ®¿¡ Á÷Á¢ IP ÇÒ´çÇؼ­ ÀÎÅÍÆäÀ̽º Åë½Å ÇÏ¸é µË´Ï´Ù.

vlan 1 »èÁ¦ ===================================
no ip address 192.168.0.254 255.255.255.0
no interface Vlan1


Interface¿¡ IP ÇÒ´ç ============================================
interface GigabitEthernet1/0/24
 description Uplink Port
 no switchport
 ip address 192.168.0.254 255.255.255.0
     
È︶ 2022-09
Âü°í·Î
ip default-gateway¿Í ip default-network, ±×¸®°í Static(ex. route 0.0.0.0 0.0.0.0 x.x.x.x )ÀÌ 3°¡Áö Â÷ÀÌÁ¡À» Àß ¾Ë°í »ç¿ë ÇϽô °ÍÀ» ±Ç°í ÇÕ´Ï´Ù.
Áö±ÝÀº ¾÷ ¸µÅ© ÀÎÅÍÆäÀ̽º°¡ 1°³¶ó¼­ ip default-gateway¸¸ Çصµ Å« ¹®Á¦°¡ ¾øÁö¸¸, ½Ç¹«¿¡¼­´Â Àß »ç¿ë ÇÏÁö ¾Ê½À´Ï´Ù.
½Ç¹«¿¡¼­´Â °ÅÀÇ Static RouteÀ» ¸¹ÀÌ »ç¿ë ÇÕ´Ï´Ù.
          
¸ð¾îÄð 2022-09
Switch(config)#no vlan 1
%Default VLAN 1 may not be deleted.
vlan 1 Àº »èÁ¦°¡ µÇÁú ¾Ê±¸¿ä
¸»¾¸ÇϽŴë·Î 24¹ø ¾÷¸µÅ© Æ÷Æ® ¼³Á¤À» À§¿Í°°ÀÌ Çߴµ¥µµ
PC¿¡¼­ vlan 31 Gateway 10.31.0.1 ·Î ÇÎÀÌ °¡Áú ¾Ê½À´Ï´Ù.
PC¿¡¼­ 192.168.0.254·Î´Â ÇÎÀÌ °©´Ï´Ù.
½ºÀ§Ä¡¿¡¼­ vlan31, 32, 33 ÂÊÀ¸·Î ¶ó¿ìÆÃÀ» ÇØÁà¾ß ÇÒ°Í °°Àºµ¥ ±×ºÎºÐÀÌ ÇÊ¿äÇѰɱî¿ä?

interface GigabitEthernet1/0/24
 description Uplink Port
 no switchport
 ip address 192.168.0.254 255.255.255.0
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
 no ip address
!
interface Vlan31
 ip address 10.31.0.1 255.255.0.0
!
interface Vlan32
 ip address 10.32.0.1 255.255.0.0
!
interface Vlan33
 ip address 10.33.0.1 255.255.0.0
!
ip default-gateway 192.168.0.1
ip classless
ip http server
ip http secure-server
               
È︶ 2022-09
¿ì¼± ÀÎÅÍÆäÀ̽º Åë½ÅÀº Á¤»óÀ¸·Î º¸À̴µ¥.

¼³Á¤À» ´Ù½Ã º¸´Ï. vlan inteface ¼³Á¤¸¸ µÇ¾î ÀÖ°í, vlan ¼±¾ð ¼³Á¤ ºÎºÐÀÌ ºüÁ® Àֳ׿ä. ÀÌ°Å ¼³Á¤ ¾È ÇØ ÁÖ¸é vlan È°¼ºÈ­ ¾È µÇÁö ¾Ê³ª¿ä?
¾Æ¸¶ ¼­¹ö 1 ~3¹ø¿¡¼¼¼­ G/WÀ¸·Î´Â Á¤»ó Åë½Åµµ ¾È µÉ°Å °°Àºµ¥, vlan ¼±¾ð ¼³Á¤ Ãß°¡ ÇØ ÁÖ¼¼¿ä.

vlan 31
 name  vlan31-Description
vlan 32
 name  vlan32-Description
vlan 33
 name  vlan33-Description
À§¿Í °°ÀÌ Çؼ­ ¼­¹ö 1~3ÀÌ G/WÀ¸·Î pingÀÌ µÇ´ÂÁö ¸ÕÀú È®ÀÎ Çϼ¼¿ä. ÀÌ ºÎºÐÀÌ ¸ÕÀú Åë½ÅÀÌ µÇ¾î¾ß ´ÙÀ½ ¼ø¼­°¡ ¶ó¿ìÆà º¸´Â °Í ÀÔ´Ï´Ù.


¼­¹ö 1~3¹øÀÌ G/W Åë½ÅÀÌ µÇ´Âµ¥. ±×·¡µµ ¾È µÇ¸é,
ip default-gateway 192.168.0.1 ¼³Á¤ »èÁ¦ ÇÏ°í, route 0.0.0.0 0.0.0. 192.168.0.1 À¸·Î º¯°æ ÇØ º¸¼¼¿ä.
default-gateway´Â ¹«Á¶°Ç ¼³Á¤µÈ °÷À¸·Î °¡´Â°Å¶ó¼­ Àß »ç¿ë ÇÏÁö ¾Ê´Â °æ¿ì°¡ ¸¹¾Æ¼­¿ä.

vlan1Àº »èÁ¦ ¾È µÇ´Â °ÍÀº default native vlanÀÌ¿©¼­ »èÁ¦ ¾È µÉ ¼öµµ ÀÖ½À´Ï´Ù.
PC°¡ ¿¬°áµÈ  Port¸¦ VLAN 31·Î ÀÏ´Ü Àâ¾ÆÁֽøé.. ½±°Ô Åë½Å
¼­¹ö´Â Port°¡ 4°³ÀÌ´Ï..

¼­¹ö Ethernet
1¹ø Port :10.31.0.x/24  Àâ°í
2¹ø Port :192.168.0.x /24 Àâ¾ÆÁÖ¸é.
ÀÌ·±½ÄÀ¸·Î Åë½ÅÇÏ¸é µÉ°Í °°Àºµ¥¿ä..
2¹ø Æ÷Æ®¿Í PC¸¦ ¿¬°á.

»óȲºÁ¼­ PC¿Í ¼­¹ö¸¦ ¿¬°áÇÒ PortµéÀº °°Àº VLAN Àâ¾ÆÁּŵµ µÉ °Í °°±¸¿ä.
¸ð¾îÄð 2022-09
¿©·¯ºÐµéÀÌ µµ¿ò Áּż­ ÇØ°áÇß½À´Ï´Ù.
´Ü¼øÈ÷ VLAN±¸¼ºÇÏ°í Æ÷Æ®¸¦ ÇØ´ç VLAN ¾×¼¼½º·Î ¼±¾ðÇÑÈÄ

¾÷¸µÅ©´Â no switchport ·Î ±×³É °øÀ¯±â ip´ë¿ª¸¸ ¼±¾ðÇÏ¸é ³¡À̾ú³×¿ä
¸¶Áö¸·À¸·Î ip routing ¼³Á¤Çϴϱñ ´Ù Àß µ¿ÀÛÇÕ´Ï´Ù.

°¨»çµå¸³´Ï´Ù.


QnA
Á¦¸ñPage 441/5685
2014-05   4967494   Á¤ÀºÁØ1
2015-12   1503867   ¹é¸Þ°¡
2022-09   1163   »ç°úÀå¼ö
2022-09   1273   2CPUÃÖÁÖÈñ
2022-09   1132   ²¥¿ï
2022-09   1834   Noobmaster69
2022-09   854   PINGFAIL
2022-09   1777   kino0924
2022-09   1470   BOFH
2022-09   1351   GPGPU
2022-09   1425   °Ü¿ï³ª¹«
2022-09   1638   ¸ð¾îÄð
2022-09   1276   2CPUÃÖÁÖÈñ
2022-09   1012   pibang
2022-09   1233   Á¤»ó¹é
2022-09   1643   ±¼´Ù¸®±³
2022-09   119   ADFWER8
2022-09   1176   ±×´ë
2022-09   1423   RiTA
2022-09   965   ºí·ç¸ð¼Ç
2022-09   1198   À×À×
2022-09   1638   Ãʺ¸2cpu