تنظیم VLAN بین Cisco و HPE/Aruba
تنظیم VLAN بین Cisco و HPE/Aruba:
دانش آموختگان دورههای آموزشی Cisco CCNA کاملاً با واژگان بکار رفته در تجهیزات شبکه Cisco مانوس هستند و آموختهاند برای اتصال سوئیچها و انتقال ترافیک VLAN بین آنها باید یک Trunk ایجاد کنند تا ترافیک را منتقل کند. در تجهیزات شبکه HPE/aruba و در برخی کاربردها واژگان متفاوتی استفاده شده است و بعنوان مثال Trunk مفهوم و کاربرد دیگری و متفاوت از آنچه در بالا ذکر شد دارد. این نکته اغلب باعث بروز سوء تفاهم و اشتباه در تنظیمات می شود و چه بسا برخی گمان به ناسازگاری بین این دو برند معروف می برند. در این نوشته تلاش شده روش تنظیم VLAN روی یک سوئیچ HPE/aruba و همچنین متصل و مرتبط ساختن آن به یک سوئیچ Cisco شرح داده شود. به این منظور چهار سناریو مختلف برای تنظیم VLAN بین Cisco و HPE/aruba بررسی شده است:
HPE and Cisco – VLANs and Trunks Confusion
Scenario 1 Configuring Cisco Catalyst Switches with VLANs
Scenario 2 Configuring HPESwitches with VLANs
Scenario 3 Setting up HPESwitches with Trunked VLANs
Scenario 4 Setup VLANs via HPETrunks and Cisco Port Channels
Setting up VLANs on older Cisco Switches
Solution
سناریوی اول: ارتباط بین VLAN ها در سوئیچ های Cisco
Scenario 1: Configuring Cisco Catalyst Switches with VLANs
In ‘Cisco-world’ all ports are either in access mode or trunk mode, the access mode allows the port to communicate with the VLAN. The trunk mode carries the VLAN traffic to another switch (or device). So to replicate the diagram above, this is what you would need to do. (Note: For older switches like the 3550XL the VLAN commands are a little different)
Switch01>
Switch01>enable
Password: xxxxxxxx
Switch01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch01(config)#vlan 10
Switch01(config-vlan)#name Admin
Switch01(config-vlan)#exit
Switch01(config)#vlan 20
Switch01(config-vlan)#name Data
Switch01(config-vlan)#exit
Switch01(config)#int f0/2
Switch01(config-if)#switchport mode access
Switch01(config-if)#switchport access vlan 10
Switch01(config-if)#exit
Switch01(config)#inf f0/16
Switch01(config-if)#switchport mode access
Switch01(config-if)#switchport access vlan 20
Switch01(config-if)#exit
Switch01(config)#int f0/23
Switch01(config-if)#switchport mode trunk
Switch02(config-if)#switchport trunk allowed vlan 1,10,20
Switch01(config-if)#exit
Switch01(config)#exit
Switch01#write mem Building configuration… [OK]
Switch01#
Switch02>
Switch02>enable
Password: xxxxxxx
Switch02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch02(config)#vlan 10
Switch02(config-vlan)#name Admin
Switch02(config-vlan)#exit
Switch02(config)#vlan 20
Switch02(config-vlan)#name Data
Switch02(config-vlan)#exit
Switch02(config)#int f0/2
Switch02(config-if)#switchport mode access
Switch02(config-if)#switchport access vlan 10
Switch02(config-if)#exit
Switch02(config)#inf f0/15
Switch02(config-if)#switchport mode access
Switch02(config-if)#switchport access vlan 20
Switch02(config-if)#exit
Switch02(config)#int f0/1
Switch02(config-if)#switchport mode trunk
Switch02(config-if)#switchport trunk allowed vlan 1,10,20
Switch02(config-if)#exit
Switch02(config)#exit
Switch02#write mem
Building configuration… [OK]
Switch02#
سناریوی دوم: ارتباط بین VLAN ها در سوئیچ های HPE/Aruba
Scenario 2: Configuring HPESwitches with VLANs.
With HPE switches the terminology is different, here switch ports are either tagged members or untagged members of a VLAN.
What’s the difference between tagged and untagged? If a port is a tagged member it passes the VLAN information with the traffic it sends. If it is untagged it sends the VLAN traffic without adding in the VLAN tag. So you would only make a port a tagged member if the device that is plugged into it is VLAN aware, i.e. another switch, router, or machine with a VLAN aware NIC. (Note: The VLAN tag is the ID that gets inserted into the head of a network packet). So to do exactly the same as we did in scenario 1, but with HPE switches, you would do the following:
BE AWARE: Any single port can only be untagged on one VLAN. Out of the box all ports are untagged on VLAN 1 (or the default VLAN), so if you untag a port into VLAN 20 (for example) it will automatically remove the ‘vlan 1 untagged’ property for that port.
Switch01> enable
Password:xxxxx
Switch01# configure terminal
Switch01(config)# vlan 10 name Admin
Switch01(config)# vlan 20 name Data
Switch01(config)# vlan 10
Switch01(vlan-10)# untagged 6
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# untagged 16
Switch01(vlan-20)# exit
Switch01(config)# vlan 10
Switch01(vlan-10)# tagged 13
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# tagged 13
Switch01(vlan-20)# exit
Switch01(config)# write mem
Switch01(config)#
Switch02> enable
Password:xxxxx
Switch02# configure terminal
Switch02(config)# vlan 10 name Admin
Switch02(config)# vlan 20 name Data
Switch02(config)# vlan 10
Switch02(vlan-10)# untagged 4
Switch02(vlan-10)# exit
Switch02(config)# vlan 20
Switch02(vlan-20)# untagged 20
Switch02(vlan-20)# exit
Switch02(config)# vlan 10
Switch02(vlan-10)# tagged 23
Switch02(vlan-10)# exit
Switch02(config)# vlan 20
Switch02(vlan-20)# tagged 23
Switch02(vlan-20)# exit
Switch02(config)# write mem
Switch02(config)#
سناریوی سوم: ارتباط بین VLAN ها در سوئیچ های HPE/Aruba روی Trunk (معادل EtherChannel در Cisco)
Scenario 3: Setting up HPESwitches with Trunked VLANs
Remember with HPE a Trunk is adding together lots of links, (if you’re a Cisco head think of port-channeling). So here we create a trunk, then use that trunk to pass tagged VLAN traffic across the switches.
Switch01> enable
Password:xxxxx
Switch01# configure terminal
Switch01(config)# vlan 10 name Admin
Switch01(config)# vlan 20 name Data
Switch01(config)# vlan 10
Switch01(vlan-10)# untagged 6
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# untagged 16
Switch01(vlan-20)# exit
Switch01(config)# trunk 21,23 Trk1 LACP
Switch01(config)# vlan 10
Switch01(vlan-10)# tagged Trk1
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# tagged Trk1
Switch01(vlan-20)# exit Switch01(config)# write mem
Switch01(config)#
Switch02> enable
Password:xxxxx
Switch02# configure terminal
Switch02(config)# vlan 10 name Admin
Switch02(config)# vlan 20 name Data
Switch02(config)# vlan 10
Switch02(vlan-10)# untagged 4
Switch02(vlan-10)# exit
Switch02(config)# vlan 20
Switch02(vlan-20)# untagged 20
Switch02(vlan-20)# exit
Switch01(config)# trunk 21,23 Trk1 LACP
Switch01(config)# vlan 10
Switch01(vlan-10)# tagged Trk1
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# tagged Trk1
Switch01(vlan-20)# exit
Switch02(config)# write mem
Switch02(config)#
سناریوی چهارم و پایانی: ارتباط بین VLAN ها مابین سوئیچ های Cisco و HPE/aruba روی Trunk (معادل EtherChannel در Cisco)
Scenario 4: Setup VLANs via HPETrunks and Cisco Port Channels
Now we have gone full circle, we know what all the differences are, the final part is to get them to talk to each other. So we’ll set up a two cable HPETrunk, and connect it to Cisco LACP port channel, and then finally add in the VLAN traffic.
(On HPE Switch)
Switch01> enable
Password:xxxxx
Switch01# configure terminal
Switch01(config)# vlan 10 name Admin
Switch01(config)# vlan 20 name Data
Switch01(config)# vlan 10
Switch01(vlan-10)# untagged 6
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# untagged 16
Switch01(vlan-20)# exit
Switch01(config)# trunk 21,23 Trk1 LACP
Switch01(config)# vlan 10
Switch01(vlan-10)# tagged Trk1
Switch01(vlan-10)# exit
Switch01(config)# vlan 20
Switch01(vlan-20)# tagged Trk1
Switch01(vlan-20)# exit Switch01(config)# write mem
Switch01(config)#
(On Cisco Switch)
Switch02>
Switch02>enable
Password: xxxxxxx
Switch02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch02(config)#vlan 10
Switch02(config-vlan)#name Admin
Switch02(config-vlan)#exit
Switch02(config)#vlan 20
Switch02(config-vlan)#name Data
Switch02(config-vlan)#exit
Switch02(config)#int f0/2
Switch02(config-if)#switchport mode access
Switch02(config-if)#switchport access vlan 10
Switch02(config-if)#exit
Switch02(config)# interface range fa0/23 – 24
Switch02(config-if-range)# spanning-tree portfast trunk
%Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc… to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION
Switch02(config-if-range)# channel-protocol lacp
Switch02(config-if-range)# channel-group 1 mode active
Creating a port-channel interface Port-channel 1
Switch02(config-if-range)# interface port-channel 1
Switch02(config-if)# switchport mode trunk
Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20
Switch02(config-if)#exit
Switch02(config)#exit
Switch02#write mem
Building configuration… [OK]
Switch02#
Setting up VLANs on older Cisco Switches
Here’s an example using the older vlan database commands.
Switch01>enable
Password:
Switch01#
Switch01#vlan database
Switch01(vlan)#vlan 10 name Admin
VLAN 10 modified:
Name: Admin
Switch01(vlan)#vlan 20 name Data
VLAN 20 modified:
Name: Data
Switch01(vlan)#exit
APPLY completed.
Exiting….
Switch01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch01(config)#int f0/2
Switch01(config-if)#switchport mode access
Switch01(config-if)#switchport access vlan 10
Switch01(config-if)#exit
Switch01(config)#int f0/16
Switch01(config-if)#switchport mode access
Switch01(config-if)#switchport access vlan 20
Switch01(config-if)#exit
Switch01(config)#int f0/23
Switch01(config-if)#switchport mode trunk
Switch01(config-if)#switchport trunk encapsulation dot1q
Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20
Switch01(config-if)#exit
Switch01(config)#exit
Switch01#write mem
Building configuration…
Switch01#
منبع : petenetlive