اندیشه نگار /  مقالات /  شبکه /  تنظیم VLAN بین Cisco و HPE/aruba
HPE and Cisco – VLANs and Trunks Confusion
(منبع: http://www.petenetlive.com/KB/Article/0000741 )
 
 
 
طرح مشکل: 
دانش آموختگان  دوره‌های آموزشی  Cisco CCNA کاملاً با واژگان بکار رفته در تجهیزات شبکه Cisco مانوس هستند و آموخته‌‌اند برای اتصال سوئیچ‌ها و انتقال ترافیک VLAN بین آنها باید یک Trunk ایجاد کنند تا ترافیک را منتقل کند. در تجهیزات شبکه HPE/aruba  و در برخی کاربردها  واژگان متفاوتی استفاده شده است و بعنوان مثال Trunk  مفهوم و کاربرد دیگری و متفاوت از آنچه در بالا ذکر شد دارد. این نکته اغلب باعث بروز سوء تفاهم  و اشتباه در تنظیمات می شود و چه بسا برخی گمان به ناسازگاری بین این دو برند معروف می برند. در این نوشته تلاش شده روش تنظیم VLAN  روی یک سوئیچ HPE/aruba و همچنین متصل و مرتبط ساختن آن به یک سوئیچ Cisco  شرح داده شود. به این منظور چهار سناریو مختلف بررسی شده است: 
 
 
Scenario 1 Configuring Cisco Catalyst Switches with VLANs
Scenario 2 Configuring HPESwitches with VLANs
Scenario 3 Setting up HPESwitches with Trunked VLANs
Scenario 4 Setup VLANs via HPETrunks and Cisco Port Channels
Setting up VLANs on older Cisco Switches
 
Solution
Scenario 1 Configuring Cisco Catalyst Switches with VLANs
 
 
In 'Cisco-world' all ports are either in access mode or trunk mode, the access mode allows the port to communicate with the VLAN. The trunk mode carries the VLAN traffic to another switch (or device). So to replicate the diagram above, this is what you would need to do. (Note: For older switches like the 3550XL the VLAN commands are a little different)
 
 
Switch01> 
Switch01>enable 
Password: xxxxxxxx 
Switch01#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Switch01(config)#vlan 10 
Switch01(config-vlan)#name Admin 
Switch01(config-vlan)#exit 
Switch01(config)#vlan 20 
Switch01(config-vlan)#name Data 
Switch01(config-vlan)#exit 
Switch01(config)#int f0/2 
Switch01(config-if)#switchport mode access 
Switch01(config-if)#switchport access vlan 10 
Switch01(config-if)#exit 
Switch01(config)#inf f0/16 
Switch01(config-if)#switchport mode access 
Switch01(config-if)#switchport access vlan 20 
Switch01(config-if)#exit 
Switch01(config)#int f0/23 
Switch01(config-if)#switchport mode trunk 
Switch02(config-if)#switchport trunk allowed vlan 1,10,20 
Switch01(config-if)#exit 
Switch01(config)#exit 
Switch01#write mem Building  configuration... [OK] 
Switch01#    
Switch02> 
Switch02>enable 
Password: xxxxxxx 
Switch02#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Switch02(config)#vlan 10 
Switch02(config-vlan)#name Admin 
Switch02(config-vlan)#exit 
Switch02(config)#vlan 20 
Switch02(config-vlan)#name Data 
Switch02(config-vlan)#exit 
Switch02(config)#int f0/2 
Switch02(config-if)#switchport mode access 
Switch02(config-if)#switchport access vlan 10 
Switch02(config-if)#exit 
Switch02(config)#inf f0/15 
Switch02(config-if)#switchport mode access 
Switch02(config-if)#switchport access vlan 20 
Switch02(config-if)#exit 
Switch02(config)#int f0/1 
Switch02(config-if)#switchport mode trunk 
Switch02(config-if)#switchport trunk allowed vlan 1,10,20 
Switch02(config-if)#exit 
Switch02(config)#exit 
Switch02#write mem 
Building configuration... [OK] 
Switch02#
 
Scenario 2 Configuring HPESwitches with VLANs.
 
 
With HPE switches the terminology is different, here switch ports are either tagged members or untagged members of a VLAN.
What's the difference between tagged and untagged? If a port is a tagged member it passes the VLAN information with the traffic it sends. If it is untagged it sends the VLAN traffic without adding in the VLAN tag. So you would only make a port a tagged member if the device that is plugged into it is VLAN aware, i.e. another switch, router, or machine with a VLAN aware NIC. (Note: The VLAN tag is the ID that gets inserted into the head of a network packet). So to do exactly the same as we did in scenario 1, but with HPE switches, you would do the following:
BE AWARE: Any single port can only be untagged on one VLAN. Out of the box all ports are untagged on VLAN 1 (or the default VLAN), so if you untag a port into VLAN 20 (for example) it will automatically remove the 'vlan 1 untagged' property for that port.
 
Switch01> enable 
Password:xxxxx 
Switch01# configure terminal 
Switch01(config)# vlan 10 name Admin 
Switch01(config)# vlan 20 name Data 
Switch01(config)# vlan 10 
Switch01(vlan-10)# untagged 6 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# untagged 16 
Switch01(vlan-20)# exit 
Switch01(config)# vlan 10 
Switch01(vlan-10)# tagged 13 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# tagged 13 
Switch01(vlan-20)# exit 
Switch01(config)# write mem 
Switch01(config)#  
Switch02> enable 
Password:xxxxx 
Switch02# configure terminal 
Switch02(config)# vlan 10 name Admin 
Switch02(config)# vlan 20 name Data 
Switch02(config)# vlan 10 
Switch02(vlan-10)# untagged 4 
Switch02(vlan-10)# exit 
Switch02(config)# vlan 20 
Switch02(vlan-20)# untagged 20 
Switch02(vlan-20)# exit 
Switch02(config)# vlan 10 
Switch02(vlan-10)# tagged 23 
Switch02(vlan-10)# exit 
Switch02(config)# vlan 20 
Switch02(vlan-20)# tagged 23 
Switch02(vlan-20)# exit 
Switch02(config)# write mem 
Switch02(config)#
 
Scenario 3 Setting up HPESwitches with Trunked VLANs
 
 
Remember with HPE a Trunk is adding together lots of links, (if you're a Cisco head think of port-channeling). So here we create a trunk, then use that trunk to pass tagged VLAN traffic across the switches.
 
Switch01> enable 
Password:xxxxx 
Switch01# configure terminal 
Switch01(config)# vlan 10 name Admin 
Switch01(config)# vlan 20 name Data 
Switch01(config)# vlan 10 
Switch01(vlan-10)# untagged 6 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# untagged 16 
Switch01(vlan-20)# exit 
Switch01(config)# trunk 21,23 Trk1 LACP 
Switch01(config)# vlan 10 
Switch01(vlan-10)# tagged Trk1 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# tagged Trk1 
Switch01(vlan-20)# exit Switch01(config)# write mem 
Switch01(config)#
 
 
Switch02> enable 
Password:xxxxx 
Switch02# configure terminal 
Switch02(config)# vlan 10 name Admin 
Switch02(config)# vlan 20 name Data 
Switch02(config)# vlan 10 
Switch02(vlan-10)# untagged 4 
Switch02(vlan-10)# exit 
Switch02(config)# vlan 20 
Switch02(vlan-20)# untagged 20 
Switch02(vlan-20)# exit 
Switch01(config)# trunk 21,23 Trk1 LACP 
Switch01(config)# vlan 10 
Switch01(vlan-10)# tagged Trk1 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# tagged Trk1 
Switch01(vlan-20)# exit 
Switch02(config)# write mem 
Switch02(config)#
 
 
 
Scenario 4 Setup VLANs via HPETrunks and Cisco Port Channels
 
 
Now we have gone full circle, we know what all the differences are, the final part is to get them to talk to each other. So we'll set up a two cable HPETrunk, and connect it to Cisco LACP port channel, and then finally add in the VLAN traffic.
 
(On HPE Switch)
Switch01> enable 
Password:xxxxx 
Switch01# configure terminal 
Switch01(config)# vlan 10 name Admin 
Switch01(config)# vlan 20 name Data 
Switch01(config)# vlan 10 
Switch01(vlan-10)# untagged 6 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# untagged 16 
Switch01(vlan-20)# exit 
Switch01(config)# trunk 21,23 Trk1 LACP 
Switch01(config)# vlan 10 
Switch01(vlan-10)# tagged Trk1 
Switch01(vlan-10)# exit 
Switch01(config)# vlan 20 
Switch01(vlan-20)# tagged Trk1 
Switch01(vlan-20)# exit Switch01(config)# write mem 
Switch01(config)#
 
(On Cisco Switch)
 
Switch02> 
Switch02>enable 
Password: xxxxxxx 
Switch02#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Switch02(config)#vlan 10 
Switch02(config-vlan)#name Admin 
Switch02(config-vlan)#exit 
Switch02(config)#vlan 20 
Switch02(config-vlan)#name Data 
Switch02(config-vlan)#exit 
Switch02(config)#int f0/2 
Switch02(config-if)#switchport mode access 
Switch02(config-if)#switchport access vlan 10 
Switch02(config-if)#exit 
Switch02(config)# interface range fa0/23 - 24 
Switch02(config-if-range)# spanning-tree portfast trunk 
%Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION
Switch02(config-if-range)# channel-protocol lacp 
Switch02(config-if-range)# channel-group 1 mode active 
Creating a port-channel interface Port-channel 1 
Switch02(config-if-range)# interface port-channel 1 
Switch02(config-if)# switchport mode trunk 
Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20 
Switch02(config-if)#exit 
Switch02(config)#exit 
Switch02#write mem 
Building configuration... [OK] 
Switch02#
 
 
 
Setting up VLANs on older Cisco Switches
Here's an example using the older vlan database commands.
Switch01>enable 
Password: 
Switch01# 
Switch01#vlan database 
Switch01(vlan)#vlan 10 name Admin 
VLAN 10 modified: 
Name: Admin 
Switch01(vlan)#vlan 20 name Data 
VLAN 20 modified: 
Name: Data 
Switch01(vlan)#exit 
APPLY completed. 
Exiting.... 
Switch01#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Switch01(config)#int f0/2 
Switch01(config-if)#switchport mode access 
Switch01(config-if)#switchport access vlan 10 
Switch01(config-if)#exit 
Switch01(config)#int f0/16 
Switch01(config-if)#switchport mode access 
Switch01(config-if)#switchport access vlan 20 
Switch01(config-if)#exit 
Switch01(config)#int f0/23 
Switch01(config-if)#switchport mode trunk 
Switch01(config-if)#switchport trunk encapsulation dot1q 
Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20 
Switch01(config-if)#exit 
Switch01(config)#exit 
Switch01#write mem 
Building configuration...  
Switch01#
 
تاریخ : چهارشنبه 24 خرداد 1396                      تعداد بازدید : 681 مرتبه
ارسال پیغام / نظر
جمع دو عدد 4 و 24 را وارد کنید :
اطلاعات تماس
نشانی :  تهران -میرداماد - میدان مادر (محسنی)- پلاک ۵۰ - مجتمع اداری تجاری مریم - طبقه پنجم 
کُد پستی: ۱۵۴۶۹۳۴۱۳۹         پست الکترونیک: info@enegar.com
تلفن :  ۲۲۲۵۶۶۵۵-۰۲۱
فاکس :  ۲۲۲۲۸۴۰۱-۰۲۱
اوقات کار: شنبه تا چهارشنبه : ۸ تا ۱۶:۳۰    پنج شنبه ۹ تا ۱۲

telegram   aparat   instagram   Linkedin