VLAN routing on a Dell switch

Network Engineering  routing  vlan
2021-07-21 17:48:10

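I am working on an S4048T-ON switch.

It has 3 VLANs: one for workstations, one for managing servers etc., and another for the actual use of those servers.

VLAN 226 is the first one, and everything works fine there. I'm working on VLAN 227, which cannot access the Internet and cannot resolve external IPs; however, I can ping from 226 and resolve local hosts. That is the problem. We also need Internet connectivity on VLAN 227.

The switch was configured by someone before me, so I have to catch up.

Here is the output of the ip show route command: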

*S    0.0.0.0/0          via 192.168.26.1, Vl 226                                        
                         via 192.168.27.1, Vl 227
 C    192.168.26.0/24    Direct, Vl 226                                                  
 C    192.168.27.0/24    Direct, Vl 227                                                  

Router NAT configuration:

target     prot opt source               destination
SNAT       all  --  192.168.26.0/24     !192.168.0.0/16       to:XXXXXXXXX
SNAT       all  --  192.168.29.0/24     !192.168.0.0/16       to:XXXXXXXXX
MASQUERADE  all  --  anywhere             anywhere

Here is the switch's current running configuration:

    Current Configuration ...
! Version 9.11(2.1)
! Last configuration change at Thu Feb  8 10:30:21 2018 by admin
! Startup-config last updated at Thu Feb  8 09:22:01 2018 by admin
!
boot system stack-unit 1 primary system://A
boot system stack-unit 1 secondary system://B
boot system stack-unit 1 default system://A
!
!
logging coredump stack-unit  1 
logging coredump stack-unit  2 
logging coredump stack-unit  3 
logging coredump stack-unit  4 
logging coredump stack-unit  5 
logging coredump stack-unit  6 
!
hostname core-1
!
protocol lldp 
!
redundancy auto-synchronize full
!
enable inverse-mask
!
ip dhcp snooping vlan 226
!
stack-unit 1 provision S4048T-ON
!
stack-unit 1 port 53 portmode quad
!
interface TenGigabitEthernet 1/1
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/2
 no ip address
 portmode hybrid
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/3
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/4
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/5
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/6
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/7
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/8
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/9
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/10
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/11
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/12
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/13
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/14
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/15
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/16
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/17
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/18
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/19
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/20
 no ip address
 switchport
 switchport mode private-vlan trunk
 no shutdown
!
interface TenGigabitEthernet 1/21
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/22
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/23
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/24
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/25
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/26
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/27
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/28
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/29
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/30
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/31
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/32
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/33
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/34
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/35
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/36
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/37
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/38
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/39
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/40
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/41
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/42
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/43
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/44
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/45
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/46
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/47
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/48
 no ip address
 switchport
 no shutdown
!
interface fortyGigE 1/49
 description uplink-fo40-1
 no ip address
 no shutdown
!
interface fortyGigE 1/50
 description uplink-fo40-1
 no ip address
 no shutdown
!
interface fortyGigE 1/51
 description uplink-fo40-2
 no ip address
 no shutdown
!
interface fortyGigE 1/52
 description uplink-fo40-2
 no ip address
 no shutdown
!
interface TenGigabitEthernet 1/53/1
 no ip address
 no shutdown
!
interface TenGigabitEthernet 1/53/2
 no ip address
 no shutdown
!
interface TenGigabitEthernet 1/53/3
 description blade-1
 no ip address
 switchport
 no shutdown
!
interface TenGigabitEthernet 1/53/4
 no ip address
 no shutdown
!
interface fortyGigE 1/54
 no ip address
 no shutdown
!
interface ManagementEthernet 1/1
 no ip address
 no shutdown
!
interface ManagementEthernet 2/1
 no shutdown
!
interface ManagementEthernet 3/1
 no shutdown
!
interface ManagementEthernet 4/1
 no shutdown
!
interface ManagementEthernet 5/1
 no shutdown
!
interface ManagementEthernet 6/1
 no shutdown
!
interface Port-channel 1
 description uplink-fo40
 no ip address
 switchport
 spanning-tree mstp loopguard 
 channel-member fortyGigE 1/49,1/50
 no shutdown
!
interface Port-channel 2
 description uplink-fo40-2
 no ip address
 switchport
 spanning-tree mstp loopguard 
 channel-member fortyGigE 1/51,1/52
 no shutdown
!
interface Vlan 1
 no shutdown
!
interface Vlan 20
 description internet
 no ip address
 untagged TenGigabitEthernet 1/1
 no shutdown
!
interface Vlan 226
 ip address 192.168.26.253/24
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/2-1/3,1/6-1/19,1/21-1/38
 ip helper-address 192.168.26.1
 no shutdown
!
interface Vlan 227
 description renders
 ip address 192.168.27.253/24
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/53/3
 ip helper-address 192.168.26.1
 no shutdown
!
interface Vlan 228
 description managment
 ip address 192.168.28.253/24
 tagged TenGigabitEthernet 1/2
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/4-1/5,1/20,1/39-1/48
 no shutdown
!
ip route 0.0.0.0/0 Vlan 226 192.168.26.1 
!  
ip domain-name wwfx.co.uk 
!
ip ssh server enable
!
line console 0
line vty 0
line vty 1
line vty 2
line vty 3
line vty 4
line vty 5
line vty 6
line vty 7
line vty 8
line vty 9
!
http-server http
ip http source-interface Vlan 226
!
reload-type
 boot-type normal-reload
 config-scr-download enable
!
end

Simple topology diagram:

[image: topology diagram]

The ip route list on the router:

192.168.26.0/24 dev eth1 proto kernel scope link src 192.168.26.1
192.168.27.0/24 via 192.168.26.1 dev eth1 scope link
192.168.28.0/24 via 192.168.26.1 dev eth1 scope link

1 Answer

The problem is that your router is not performing NAT for the network belonging to VLAN 227.

You need to add a NAT rule:

sudo iptables -t nat -A POSTROUTING -s 192.168.27.0/24 ! -d 192.168.0.0/16 -j SNAT --to-source <your public IP address>

But be careful when using iptables in a production environment!
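
The coverage check behind this answer, as an added example that is not part of the original post: it parses the NAT listing from the question and reports VLAN subnets with no explicit SNAT rule, SNAT rules that match no VLAN on the switch, and catch-all rules. The function names are hypothetical; the subnets come from the switch configuration in the question, and the listing is assumed to show numeric source addresses.

```python
import ipaddress

# NAT listing copied from the question (the SNAT target is redacted there as well).
NAT_LISTING = """\
target     prot opt source               destination
SNAT       all  --  192.168.26.0/24     !192.168.0.0/16       to:XXXXXXXXX
SNAT       all  --  192.168.29.0/24     !192.168.0.0/16       to:XXXXXXXXX
MASQUERADE  all  --  anywhere             anywhere
"""

# Subnets addressed on the switch's VLAN interfaces (from the running config).
VLAN_SUBNETS = {226: "192.168.26.0/24", 227: "192.168.27.0/24",
                228: "192.168.28.0/24"}


def parse_nat_rules(listing):
    """Return (target, source network or None for 'anywhere') per rule line."""
    rules = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "target":
            continue  # skip the column header and blank lines
        src = fields[3]
        any_src = src in ("anywhere", "0.0.0.0/0")
        rules.append((fields[0], None if any_src else ipaddress.ip_network(src)))
    return rules


def audit(listing, vlan_subnets):
    """Compare explicit SNAT sources against the VLAN subnets."""
    rules = parse_nat_rules(listing)
    explicit = [net for target, net in rules if target == "SNAT" and net]
    vlans = {vid: ipaddress.ip_network(n) for vid, n in vlan_subnets.items()}
    # VLANs whose subnet is not inside any explicit SNAT source.
    uncovered = sorted(vid for vid, net in vlans.items()
                       if not any(net.subnet_of(e) for e in explicit))
    # SNAT sources that overlap no VLAN at all (stale rule or mistyped subnet).
    orphaned = [str(e) for e in explicit
                if not any(e.overlaps(v) for v in vlans.values())]
    # Plain -L output hides interface matches, so a catch-all rule has to be
    # re-read with `iptables -t nat -L -v` before judging what it covers.
    catch_all = [target for target, net in rules if net is None]
    return {"uncovered_vlans": uncovered, "orphaned_rules": orphaned,
            "catch_all_targets": catch_all}


if __name__ == "__main__":
    print(audit(NAT_LISTING, VLAN_SUBNETS))
```

On the question's listing this flags VLANs 227 and 228 as having no explicit rule and 192.168.29.0/24 as a rule with no matching VLAN on the switch.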