Tarmoq xavfsizligi

Yüklə 305,53 Kb.

səhifə	18/80
tarix	27.12.2023
ölçüsü	305,53 Kb.
	#163603

1 ... 14 15 16 17 18 19 20 21 ... 80

Tarmoq xavfsizligi-hozir.org

Keng eshittirishli domenlarni kamaytiradi
1 topshiriq bo`yicha Laboratoriya ishini bajarish tartibi

Xarajatlarni kamaytirish: o`tkazish qobiliyatidan samarali foydalanish va qimmat tarmoq inrastrukturalari yangilanishini arzonligi;
Samaradorlikni oshirish: tarmoqni ikkinchi pog`onada bir nechta mantiqiy guruhlarga bo`lish (keng eshittirishli domen) ortiqcha tarmoq trafigini sonini kamaytiradi va samaradorlikni oshiradi;
Keng eshittirishli domenlarni kamaytiradi: tarmoqni VLANlarga ajratish keng eshittirishli domendagi qurilmalar sonini kamaytiradi.
Аxborot texnologiyalari bo`limining samaradorligini oshirish: VLAN tarmog`i tarmoqni boshqarishni soddalashtiradi. Yangi kommutatorni ekspluatatsiyaga kiritishda ko`rsatilgan portlarda kerakli qoida va jarayonlarni amalga oshiradi. Аxborot texnologiyalari mutaxassislari VLAN ga tegishli nom bilan tarmoqni funktsiyasini tezda aniqlashadi.
Har bir VLAN tarmoqda qaysidir bir IP tarmoqqa tegishli bo`ladi. VLAN ni loyihalashda tarmoq adreslashining ierarxik tizimini amalga oshirishni inobatga olish lozim. Ierarxik adreslash degenda tarmoqni to`liq ishlashida VLAN tarmog`i yoki IP tarmoqning segmentlarini tartibli berilgan raqamlanishi tushiniladi.
Vlan tarmoqlari asosan 2 xil diapazoda bo`ladi:
1.Standart – 1 dan 1005 gacha
2.Kengaytirilgan – 1006 dan 4094 gacha
Kommutator portlari VlAN 1 ga oldindan biriktirilgan bo`ladi (default vlan, native vlan = 1)

6.1-rasm. VLAN 1 ga biriktirilgan portlar ro‘yxati

1 topshiriq bo`yicha Laboratoriya ishini bajarish tartibi
5.2-rasmda ko`rsatilgan topologiya bo`yicha Sw1, Sw2 kommutatorlar uchun asosiy konfiguratsiyalarni sozlang.

6.2-rasm. VLAN tarmog`i asosida tuzilgan tarmoq topologiyasi

6.1-jadval

Qurilma

IP-manzil

Gateway

VLAN ID

Interface

Port rejimlari

Laptop0

192.168.10.1

192.168.10.254

vlan 10

Fa0/1

Access

Laptop1

192.168.10.2

192.168.10.254

vlan 10

Fa0/2

Access

Laptop2

192.168.30.1

192.168.30.254

vlan 30

Fa0/5

Access

Laptop3

192.168.30.2

192.168.30.254

vlan 30

Fa0/6

Access

Laptop4

192.168.20.1

192.168.20.254

vlan 20

Fa0/3

Access

Laptop5

192.168.20.2

192.168.20.254

vlan 20

Fa0/4

Access

Laptop6

192.168.10.3

192.168.10.254

vlan 10

Fa0/1

Access

Laptop7

192.168.10.4

192.168.10.254

vlan 10

Fa0/2

Access

Laptop8

192.168.20.3

192.168.20.254

vlan 20

Fa0/3

Access

Laptop9

192.168.20.4

192.168.20.254

vlan 20

Fa0/4

Access

Laptop10

192.168.30.3

192.168.30.254

vlan 30

Fa0/5

Access

Laptop11

192.168.30.4

192.168.30.254

vlan 30

Fa0/6

Access

SW1

Vlan 10,20,30

Fa0/7

Trunk

SW2

Vlan 10,20,30

Fa0/7

Trunk

Sw1 va Sw2 kommutatorlarda VLAN (10, 20, 30) yaratish va unga mos ravishda nom berilishi (bugalteriya, student, dekanat).

Switch>enable

Switch#conf terminal
Switch(config)#hostname Sw1
Sw1(config)#vlan 10
Sw1(config-vlan)#name bugalteriya
Sw1(config-vlan)#exit
Sw1(config)#vlan 20
Sw1(config-vlan)#name student
Sw1(config-vlan)#exit
Sw1(config)#vlan 30
Sw1(config-vlan)#name dekanat
Sw1(config-vlan)#exit
Switch>enable
Switch#conf terminal
Switch(config)#hostname Sw2
Sw2(config)#vlan 10
Sw2(config-vlan)#name bugalteriya
Sw2(config-vlan)#exit
Sw2(config)#vlan 20
Sw2(config-vlan)#name student
Sw2(config-vlan)#exit
Sw2(config)#vlan 30
Sw2(config-vlan)#name dekanat
Sw2(config-vlan)#exit

Switch da yaratilgan Vlanlarni ko`rish

Kommutator portlarini Vlan ID larga biriktirish

Sw1(config)#interface fastEthernet 0/1

Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 10
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/2
Sw1(config)#interface fastEthernet 0/3
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 20
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/4
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 20
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/5
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 30
Sw1(config-if)#exit
Sw1(config)#interface fastEthernet 0/6
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 30
Sw1(config-if)#exit
Sw2(config)#interface fastEthernet 0/1

Sw2(config-if)#switchport mode access

Sw2(config-if)#switchport access vlan 10
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/2
Sw2(config)#interface fastEthernet 0/3
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 20
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/4
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 20
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/5
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 30
Sw2(config-if)#exit
Sw2(config)#interface fastEthernet 0/6
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 30
Sw2(config-if)#exit

Sw1 va Sw2 kommutatorlar o`rtasida trunk rejimini sozlash va magistral liniya bo`yicha aniq VLAN ID ta’yinlash.

Sw1(config)#interface fastEthernet 0/7
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport trunk allowed vlan 10,20,30
Sw1(config-if)#end
Sw1#show running-config

Yuqorida keltirilgan buyruq bitta kommutatorga sozlansa yetarli boladi, sababi 2 chi kommutator 1 chi kommutatorga ulangan interfeysini (fa0/7) avtomatik trank rejimini o`tkazadi

Yüklə 305,53 Kb.

Dostları ilə paylaş:

1 ... 14 15 16 17 18 19 20 21 ... 80