神码9816命令手册_04_VLAN和MAC地址命令

CCIE学习（7）——VLAN相关命令汇总●相关操作命令：1）show mac address-table [aging-time | count | dynamic | static] [address hw-addr] [interface interface-id] [vlan vlan-id]：显示MAC地址表的相关信息。

2）show interface [interface-id | vlan vlan-id] switchport | trunk]：显示与接口上VLAN配置相关的信息。

3）show vlan [brief | id vlan-id | name vlan-name | summary]：显示VLAN 的相关信息。

4）show vlan [vlan]：显示VLAN信息。

5）show vtp status：显示VTP配置和状态信息。

6）switchport mode {access | dot1q-tunnel | dynamic {auto | desirable} | tr unk}：设置非中继、中继以及动态中继参数。

7）switchport nonegotiate：屏蔽DTP消息的接口子命令（接口必须配置为trun k或access端口）。

8）switchport trunk {allowed vlan vlan-list} | {encapsulation {dot1q | isl | n egotiate}} | {native vlan vlan-id} | {pruning vlan vlan-list}：当端口中继时设置参数的接口子命令。

9）switchport access vlan vlan-id：静态配置端口属于某个VLAN的接口子命令。

神州数码网络设备配置命令集合网路信息安全技能大赛网络搭建部分资料整理第一部分：交换机配置：1. 基本配置：开启SSH服务：debug ssh-server设置特权模式密码：enable password [8] <password> 注释：8为加密的密码设置退出特权模式超时时间：：exec-timeout <minutes > [<seconds>]Switch(config)#exec-timeout 5 30（退出时间为5分30秒）更改主机名：hostname 主机名设置主机名与IP地址的映射关系：Switch(config)#ip host beijing 200.121.1.1（beijing为主机）开启web配置服务：Switch(config)#ip http serve显示帮户信息的语言类型：language {chinese|english}使用密码验证：login使用本地用户密码验证：Switch(config)#login local设置用户在console上进入一般用户配置模式时的口令：Switch(config)#password 8 test 热启动交换机：reload加密系统密码：service password-encryption恢复交换机出厂配置：set default保存当前配置：write配置交换机作为Telnet 服务器允许登录的Telnet 客户端的安全IP 地址：Switch(config)#telnet-server securityip 192.168.1.21设置Telnet 客户端的用户名及口令：Switch(config)#telnet-user Antony password 0 switch 打开交换机的SSH服务器功能：Switch(config)#ssh-server enable设置SSH客户端的用户名及口令：Switch(config)#ssh-user switch password 0 switch 通过DHCP 方式获取IP地址。

1、创建vlan方法一switch#vlan databaseswitch(vlan)#vlan 10 name mahaobinswitch(vlan)#exit2、创建vlan方法二switch(config)#vlan 10switch(config-vlan)#name mahaobin3、删除vlan方法一switch(vlan)#no vlan 10switch(vlan)#exit4、删除vlan方法二switch(config)#no vlan 105、删除vlan方法三switch#delete vlan.dat6、将端口加入到vlan中switch(config-if)#switchport access vlan 107、将一组连续的端口加入到vlan中switch(config)# interface range f0/1 – 5switch(config-if-range)#switchport access vlan 10 8、将端口从vlan中删除switch(config-if)#no switchport access vlan 10switch(config-if)#switchport access vlan 1switch(config-if-range)#no switchport access vlan 10 switch(config-if-range)#switchport access vlan 19、查看所有vlan的摘要信息switch#show vlan brief10、查看指定vlan的信息switch#show vlan id 1011、指定端口成为trunkswitch(config-if)#switchport mode trunk12、 Trunk的自动协商switch(config-if)#switchport mode dynamic desirable switch(config-if)#switchport mode dynamic auto注意：如果中继链路两端都设置成auto将不能成为trunk 13、查看端口状态switch#show interface f0/2 switchport14、在trunk上移出vlanswitch(config-if)#switchport trunk allowed vlan remove 20 15、在trunk上添加vlanswitch(config-if)#switchport trunk allowed vlan add 20。

VLAN 目录目录第1章 VLAN配置命令..........................................................................................................1-11.1 VLAN配置命令.......................................................................................................... 1-11.1.1 description....................................................................................................... 1-11.1.2 display vlan ..................................................................................................... 1-11.1.3 port ................................................................................................................. 1-31.1.4 vlan................................................................................................................. 1-41.1.5 vlan { enable | disable } .................................................................................... 1-4第2章 isolate-user-vlan配置命令.........................................................................................2-12.1 isolate-user-vlan配置命令.......................................................................................... 2-12.1.1 display isolate-user-vlan ................................................................................... 2-12.1.2 isolate-user-vlan .............................................................................................. 2-22.1.3 isolate-user-vlan enable ................................................................................... 2-3第3章 GARP/GVRP配置命令..............................................................................................3-13.1 GARP配置命令......................................................................................................... 3-13.1.1 display garp statistics ....................................................................................... 3-13.1.2 display garp timer ............................................................................................ 3-23.1.3 garp timer ........................................................................................................ 3-33.1.4 garp timer leaveall............................................................................................ 3-43.1.5 reset garp statistics .......................................................................................... 3-43.2 GVRP配置命令......................................................................................................... 3-53.2.1 display gvrp statistics ....................................................................................... 3-53.2.2 display gvrp status ........................................................................................... 3-63.2.3 gvrp ................................................................................................................ 3-73.2.4 gvrp registration ............................................................................................... 3-8第1章 VLAN配置命令1.1 VLAN配置命令1.1.1 description【命令】description stringundo description【视图】VLAN视图【参数】string：当前VLAN的描述字符串，字符串长度范围为1～32字符。

VLAN配置命令目录目录第1章VLAN配置命令 (1)1.1VLAN配置命令 (1)1.1.1vlan (1)1.1.2name (2)1.1.3dot1q-tunnel (2)1.1.4switchport pvid (3)1.1.5switchport mode (4)1.1.6switchport trunk (5)1.1.7switchport dot1q-translating-tunnel (6)1.1.8mac-vlan mac-address (7)1.1.9switchport mac-vlan (7)1.1.10subnet (8)1.1.11switchport vlan-subnet enable (8)1.1.12Protocol-vlan (9)1.1.13switchport protocol-vlan (10)1.1.14show vlan (11)1.1.15show interface vlan (12)I第1章VLAN配置命令1.1VLAN配置命令VLAN配置命令有：●vlan●name●dot1q-tunnel●switchport pvid●switchport mode●switchport trunk●switchport dot1q-translating-tunnel●mac-vlan mac-address●Switchport mac-vlan●Subnet●Switchport vlan-subnet enable●Protocol-vlan●Switchport protocol-vlan●show vlan●show interface vlan1.1.1vlan[no]vlan vlan-id添加或删除VLAN。

参数参数参数说明vlan-id定义VLAN的ID。

取值范围：1–4094。

缺省无命令模式全局配置模式1使用说明使用本命令后，可以进入到VLAN配置模式，进入该模式后可以更改该VLAN的一些属性。

目录第1章VLAN配置..................................................................... 1-11.1 VLAN配置........................................................................................ 1-11.1.1 VLAN介绍 ................................................................................................ 1-11.1.2 VLAN的配置任务序列 .............................................................................. 1-21.1.3 VLAN典型应用......................................................................................... 1-41.1.4 Hybrid端口的典型应用 ............................................................................ 1-61.2 GVRP配置 ....................................................................................... 1-81.2.1 GVRP介绍................................................................................................ 1-81.2.2 GVRP配置任务序列 ................................................................................. 1-91.2.3 GVRP举例..............................................................................................1-101.2.4 GVRP排错帮助.......................................................................................1-121.3 Dot1q-tunnel配置 ......................................................................... 1-121.3.1 Dot1q-tunnel介绍..................................................................................1-121.3.2 Dot1q-tunnel配置..................................................................................1-131.3.3 Dot1q-tunnel典型应用...........................................................................1-131.3.4 Dot1q-tunnel排错帮助...........................................................................1-141.4 VLAN-translation配置 .................................................................. 1-151.4.1 VLAN-translation介绍...........................................................................1-151.4.2 VLAN-translation配置...........................................................................1-151.4.3 VLAN-translation典型应用 ...................................................................1-161.4.4 VLAN-translation排错帮助 ...................................................................1-171.5 动态VLAN配置............................................................................. 1-171.5.1 动态VLAN介绍 .....................................................................................1-171.5.2 动态VLAN配置 .....................................................................................1-181.5.3 动态VLAN典型应用..............................................................................1-191.5.4 动态VLAN排错帮助..............................................................................1-201.6 Voice VLAN配置 ........................................................................... 1-211.6.1 Voice VLAN介绍....................................................................................1-211.6.2 Voice VLAN配置....................................................................................1-221.6.3 Voice VLAN典型应用.............................................................................1-221.6.4 Voice VLAN排错帮助.............................................................................1-24第2章MAC地址表配置 ........................................................... 2-12.1 MAC地址表介绍............................................................................... 2-12.1.1 MAC地址表的获取 ................................................................................... 2-12.1.2 转发或过滤 ............................................................................................... 2-2 2.2 MAC地址表配置............................................................................... 2-3 2.3 典型配置举例 ................................................................................... 2-4 2.4 排错帮助 .......................................................................................... 2-5 2.5 MAC地址功能扩展........................................................................... 2-52.5.1 MAC地址绑定........................................................................................... 2-5第1章 VLAN 配置1.1 VLAN 配置 1.1.1 VLAN 介绍VLAN （Virtual Local Area Network ）即虚拟局域网，这项技术可以根据功能、应用或者管理的需要将局域网内部的设备逻辑地划分为一个个网段，从而形成一个个虚拟的工作组，并且不需要考虑设备的实际物理位置。

vlan配置命令（VLAN configuration command）VLAN configuration command9.2.2.1 VLANCommand: VLAN [vlan-id]No VLAN [vlan-id]Function: create VLAN and enter VLAN configuration mode; in VLAN mode, the user can configure the VLAN name and assign the switch port to the VLAN; the no operation of this command is to delete the specified vlan.Argument: [vlan-id] is the VLAN of the vid to create / delete, with a range of 1~4094.Command mode: global configuration modeDefault: the switch defaults to only vlan1.Instruction: vlan1 is the default VLAN for the switch, and the user cannot configure and delete vlan1. The total number of VLAN configurations allowed is 255. Another reminder is that you cannot use this command to delete the dynamic GVRP you learned through vlan.Example: create vlan100 and enter the vlan100 configuration mode.Switch (config) #vlan 100Switch (config-vlan100) #9.2.2.2 nameCommand: name [vlan-name]No nameFunction: Specifies the name for the VLAN; the name of the VLAN is a descriptive string to the VLAN; the no operation of this command is to delete the name of the vlan.Argument: [vlan-name] is the specified VLAN name string.Command mode: VLAN configuration modeDefault: VLAN the default VLAN name is vlanxxx, where XXX is vid.Instruction: the switch provides functions that specify names for different VLAN, which help users remember VLAN and facilitate management.For example: specify the name "testvlan" for vlan100.Switch (config-vlan100) #name testvlan9.2.2.3 switchport access VLANCommand: switchport, access, VLAN, [vlan-id]No switchport access VLANFunction: adds the current access port to the specified VLAN; this command no operates to remove the current port from the vlan.Parameter: [vlan-id] is the VLAN vid to be added to the current port, and the range is 1~4094.Command mode: port configuration modeDefault: all ports default to vlan1.Usage guide: only ports that belong to access mode can be added to the specified VLAN, and the access port can only be added to a vlan.Example: set up a access port and add vlan100.Switch (config) #interface Ethernet 0/0/8Switch (config-ethernet0/0/8) #switchport mode accessSwitch (config-ethernet0/0/8) #switchport access VLAN 100Switch (config-ethernet0/0/8) #exit9.2.2.4 switchport interfaceCommand: switchport interface [interface-list]No switchport interface [interface-list]Function: assign the Ethernet port command to VLAN; the no operation of this command is to delete one or a group of ports within the specified vlan.Parameter: [interface-list] to add or delete a list of ports, support, "" - ", such as: Ethernet, 0/0/1; 2; 5 or Ethernet 0/0/1-6; 8.Command mode: VLAN configuration modeDefault: the newly established VLAN does not contain any ports by default.Directions: the access port is an ordinary port. You can add VLAN, but only one VLAN is added.For example: vlan100 distribution of Fast Ethernet ports 1, 3, 4-7, 8.Switch (config-vlan100), #switchport, interface, Ethernet, 0/0/1; 3; 4-7; 89.2.2.5 switchport modeCommand: switchport mode {trunk|access}Function: set the port of switch to access mode or trunk mode.Command mode: port configuration modeParameter: trunk indicates that the port allows traffic through multiple VLAN; access is port, only one vlan.Command mode: port configuration modeDefault: the port defaults to access mode.Directions: work in the trunk mode port called trunk port, trunk port through a number of VLAN traffic through trunk interconnection between ports, communication can achieve the same VLAN on the different switch;The port working under access mode is called the access port, and the access port can be assigned to a VLAN and can only be assigned to an vlan.ATTENTION: 802.1x authentication is not allowed on the trunk port.Example: port 5 is set to trunk mode and port 8 is set to access mode.Switch (config) #interface Ethernet 0/0/5Switch (config-ethernet0/0/5) #switchport mode trunkSwitch (config-ethernet0/0/5) #exitSwitch (config) #interface Ethernet 0/0/8Switch (config-ethernet0/0/8) #switchport mode accessSwitch (config-ethernet0/0/8) #exit9.2.2.6, switchport, trunk, allowed, VLANCommand: switchport, trunk, allowed, VLAN, {[vlan-list]|all}No, switchport, trunk, allowed, VLANFunction: set the trunk port to allow the default operation through VLAN; the no operation of this command is to restore the default.Argument: [vlan-list] is the list of VLAN allowed to pass on the trunk port; the all shows the key table that allows the trunk port to pass through all the VLAN traffic.Command mode: port configuration modeDefault: the trunk port defaults through all vlan.Usage guide: users can set up by this command which VLAN traffic is prohibited through the trunk port and not included in the VLAN traffic.Example: setting the trunk port allows traffic through vlan1, 3, and 5-20.Switch (config) #interface Ethernet 0/0/5Switch (config-ethernet0/0/5) #switchport mode trunkSwitch (config-ethernet0/0/5) #switchport trunk allowed VLAN 1; 3; 5-20Switch (config-ethernet0/0/5) #exit9.2.2.7, switchport, trunk, native, VLANCommand: switchport, trunk, native, VLAN, [vlan-id]No, switchport, trunk, native, VLANFunction: set the PVID of the trunk port; the no operation of this command is to restore the default value.Parameter: [vlan-id] is the PVID of the trunk port.Command mode: port configuration modeDefault: trunk port, default PVID is 1.Usage guide: the concept of PVID is defined in 802.1q. The role of the trunk port PVID is that when a untagged frame enters the trunk port, the port will flag the untagged frame with the native PVID of the tag command set for this vlan.Example: the native VLAN setting of a trunk port is 100.Switch (config) #interface Ethernet 0/0/5Switch (config-ethernet0/0/5) #switchport mode trunkSwitch (config-ethernet0/0/5) #switchport trunk native VLAN 100Switch (config-ethernet0/0/5) #exit9.2.2.8 VLAN ingress enableCommand: VLAN ingress enableNo VLAN ingress enableCommand mode: port configuration modeFunction: opens the port's VLAN entry rule; the no operation of this command closes the entry criteria.Default: the system defaults to closing the port's VLAN entry criteria.Guide: when the VLAN entrance rules of open ports system, when receiving data will check whether the source port is a member of the VLAN port, if it is to accept data and forwarded to the destination port, otherwise it will discard the data.Example: open the port's VLAN entry rules.Switch (config-ethernet0/0/1) VLAN ingress enable #9.2.2.9 private-vlanCommand: private-vlan {primary|isolated|community}No private-vlanFunction: set the current VLAN to private VLAN. The command's no operation is to cancel the private VLAN setting.Argument: primary sets the current VLAN to primary VLAN, and isolated sets the current VLAN to isolated VLAN, and community sets the current VLAN to community vlan.Command mode: VLAN configuration modeDefault: there is no private VLAN configuration by default.Directions: private VLAN divided into three types: primary VLAN, primary VLAN in the port and VLAN, between isolated in the VLAN port is isolated, they can only port communication and its associated primary VLAN in community VLAN, community VLAN; in the port can communicate with each other. Port communication can and its associated primary VLAN; isolated VLAN in the can communication between the port and port in community in vlan. Only do not contain any Ethernet port of the VLAN can be set to private VLAN; only set the relationship of private VLAN to access type Ethernet port is set to VLAN if the ordinary member port; is set to privatevlan, will automatically turn the Ethernet port empty.ATTENTION:gvrp does not disseminate information about privatevlan.Example: set vlan100, 200, 300 to privatevlan, and type primary, isolated, community, respectively.Switch (config) #vlan 100Switch (config-vlan100) #exitSwitch (config-vlan100) #private-vlan primarySwitch (config) #vlan 200Switch (config-vlan200) #private-vlan isolatedSwitch (config-vlan200) #exitSwitch (config) #vlan 300Switch (config-vlan300) #private-vlan communitySwitch (config-vlan300) #exit9.2.2.10 private-vlan AssociationCommand: private-vlan Association [secondary-vlan-list]No private-vlan AssociationFunction: sets the binding operation for private VLAN, the no operation of the command to cancel the private VLAN binding.Parameters: [secondary-vlan-list] and primary VLAN related secondary specified VLAN secondary VLAN list, including isolated VLAN and community VLAN two, support ";" connect multiple secondary vlan.Command mode: VLAN configuration modeDefault: there is no private VLAN binding by default.Directions: set the private VLAN relationship only primary type of VLAN can be connected to each port; each port of primary VLAN secondary in VLANs and the associated primary in VLAN communication.In the setting of private VLAN Association, three types of private VLAN are not members of the Ethernet port port; private VLAN primary VLAN connection cannot be removed; the association between privatevlans was released by members of the port will automatically be empty.For example, associate isolated, vlan200, and community vlan300 to primary vlan100.Switch (config-vlan100) #private-vlan Association 200; 300。

第1章VLAN配置命令system-view【命令】system-view【视图】用户视图【参数】无【描述】system-view命令用来使用户从用户视图进入系统视图。

相关配置可参考命令quit，return。

【举例】# 从用户视图进入系统视图。

<Quidway> system-viewEnter system view , return user view with Ctrl+Z.[Quidway]1.1 VLAN配置命令1.1.1 description【命令】description stringundo description【视图】VLAN视图【参数】string：当前VLAN的描述字符串，字符串长度范围为1～32字符。

VLAN缺省描述字符串为该VLAN的VLAN ID，例如“VLAN 0001”。

【描述】description命令用来为当前VLAN一个描述，undo description命令用来恢复指定VLAN的描述字符串为缺省描述。

相关配置可参考命令display vlan。

【举例】# 为当前的VLAN指定一个描述字符串“RESEARCH”。

[Quidway-vlan1] description RESEARCH1.1.2 display vlan【命令】display vlan [ vlan_id | all | static | dynamic ]【视图】所有视图【参数】vlan_id：显示指定VLAN的相关信息。

all：显示所有VLAN的相关信息。

static：显示系统静态创建的VLAN。

dynamic：显示系统动态创建的VLAN。

【描述】display vlan命令用来显示VLAN的相关信息。

如果指定vlan_id或all，则显示指定或所有VLAN的相关信息，包括：VLAN ID、VLAN类型（动态还是静态）、VLAN是否启动了路由功能（如果启动，则显示IP地址及掩码）、VLAN的描述信息、VLAN包含的端口等。

神马交换机配置相关命令switch>enable （进入特权模式）switch#configure terminal （进入全局配置模式）switch(config)#telnet-service enable （启用telnet远程服务）switch(config)#username admin privilege 15 password 0 admin （给telnet 创建用户名和密码）switch(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.2 （给核心交换机给默认静态路由，并指定下一跳地址）switch(config)#vlan 10 （给交换机创建vlan 10）switch(config-vlan10)#exitswitch(config)#vlan 20 （给交换机创建vlan 20）switch(config-vlan20)#exitswitch(config)#vlan 30switch(config-vlan30)#exitswitch(config)#vlan 40switch(config-vlan40)#exitswitch(config)#vlan 50switch(config-vlan50)#exitswitch(config)#interface vlan 1 （进入vlan1，vlan1为交换机默认vlan 不能删除，我们将所有交换机的vlan1作为管理vlan) switch(config-if-vlan1)#ip address 192.168.100.1255.255.255.0 （给vlan 1 给 ip地址，也就是每个交换机的管理地址，telnet此地址就可以进行远程调试）switch(config-if-vlan1)#exit (退出vlan 配置模式）switch(config)#interface vlan 10 （vlan 10作为核心交换机和防火墙/路由器间的通信vlan，给vlan 10 ip地址和子网掩码）switch(config-if-vlan10)#ip address 10.10.10.2 255.255.255.0 switch(config-if-vlan10)#exit (退出vlan 配置模式）switch(config)#interface e1/1switch(config-if-vlan10)#switchport access vlan 10 （给好vlan 10地址后把此vlan 分配给核心交换机的一个端口e1/1 通过此端口和防火墙/路由器相连）switch(config)#interface vlan 20 （进入vlan 20)switch(config-if-vlan20)#ip address 192.168.2.254 255.255.255.0 (给vlan 20给定 ip 地址，和默认网关，此ip地址为接入此端口的PC的上网默认网关）switch(config-if-vlan20)#exit (退出vlan 配置模式）switch(config)#interface vlan 30 （进入vlan 30)switch(config-if-vlan30)#ip address 192.168.3.254 255.255.255.0 (给vlan 30给定 ip 地址，和默认网关，此ip地址为接入此端口的PC的上网默认网关）switch(config-if-vlan30)#exit (退出vlan 配置模式）switch(config)#interface vlan 40switch(config-if-vlan40)#ip address 192.168.4.254 255.255.255.0 (给vlan 40给定 ip 地址，和默认网关，此ip地址为接入此端口的PC的上网默认网关）switch(config-if-vlan40)#exit (退出vlan 配置模式）switch(config)#interface vlan 50switch(config-if-vlan50)#ip address 192.168.4.254 255.255.255.0switch(config-if-vlan50)#exit (退出vlan 配置模式）switch(config)#service dhcp (启用DHCP服务）switch(config)#ip dhcp pool 2 (启用一个名字为2的dhcp池名字，2可以自己随便设置)switch(dhcp-3-config)#network 192.168.2.0 255.255.255.0 （指定地址池的范围）switch(dhcp-3-config)#default-router 192.168.2.254（指定网关，不同vlan就是通过这个网关来寻找自己属于哪个地址池，然後才会从这个地址池里面获取IP地址）switch(dhcp-3-config)#dns-server 202.100.64.68 （指定DNS，兰州电信DNS为202.100.64.68）switch(dhcp-2-config)#exit （退出地址池配置模式）switch(config)#ip dhcp excluded-address 192.168.2.254 （将192.168.2.254地址排除在地址池的范围里面，网关不能分配给用户电脑）switch(config)#ip dhcp pool 3switch(dhcp-3-config)#network 192.168.3.0 255.255.255.0switch(dhcp-3-config)#default-router 192.168.3.254switch(dhcp-3-config)#dns-server 202.100.64.68switch(dhcp-3-config)#exitswitch(config)#ip dhcp excluded-address 192.168.3.254switch(config)#ip dhcp pool 4switch(dhcp-3-config)#network 192.168.4.0 255.255.255.0 switch(dhcp-3-config)#default-router 192.168.2.254switch(dhcp-3-config)#dns-server 202.100.64.68switch(dhcp-4-config)#exitswitch(config)#ip dhcp excluded-address 192.168.4.254switch(config)#ip dhcp pool 5switch(dhcp-3-config)#network 192.168.5.0 255.255.255.0 switch(dhcp-3-config)#default-router 192.168.2.254switch(dhcp-3-config)#dns-server 202.100.64.68switch(dhcp-5-config)#exitswitch(config)#ip dhcp excluded-address 192.168.5.254switch(config)#interface e1/10-12 (进入10-12光电复用口）switch(config-if-port-range)#combo-forced-mode copper-forced （交换机的光电复用口优先会识别光口，如果插到电口上，不能识别的话，强制使其优先识别电口）switch(config)#interface e1/13-14 （进入13-14口）switch(config-if-port-range)#switchport access vlan 20 （将这些接口划入vlan 20,这样插入此接口的电脑上网的网段就是2网段，默认网关是192.168.2.254）switch(config)#interface e1/15-16（进入15-16口）switch(config-if-port-range)#switchport access vlan 30 （将这些接口划入vlan 30,这样插入此接口的电脑上网的网段就是3网段，默认网关是192.168.3.254）switch(config)#interface e1/17-18（进入17-18口）switch(config-if-port-range)#switchport access vlan 40 （将这些接口划入vlan 40,这样插入此接口的电脑上网的网段就是4网段，默认网关是192.168.4.254）switch(config)#interface e1/19-20（进入19-20口）switch(config-if-port-range)#switchport access vlan 50 （将这些接口划入vlan 50,这样插入此接口的电脑上网的网段就是5网段，默认网关是192.168.5.254）switch(config)#interface e1/20-24switch(config-if-port-range)#switchport mode trunk (划分交换机的20-24口为TRUNK，TRUNK为透传不同VLAN之间的信息，不划TRUNK口的话不同VLAN的交换机将不能通信，仅限于智能交换机）switch(config)#exit （退出全局配置模式）switch#write （保存）。

交换机基本状态：hostname> ；用户模式hostname# ；特权模式hostname(config)# ；全局配置模式hostname(config-if)# ；接口状态交换机口令设置：switch>enable ；进入特权模式switch#config terminal ；进入全局配置模式switch(config)#hostname ；设置交换机的主机名switch(config)#enable secret xxx ；设置特权加密口令switch(config)#enable password xxa ；设置特权非密口令switch(config)#line console 0 ；进入控制台口switch(config-line)#line vty 0 4 ；进入虚拟终端switch(config-line)#login ；允许登录switch(config-line)#password xx ；设置登录口令xx switch#exit ；返回命令交换机VLAN设置：switch#vlan database ；进入VLAN设置switch(vlan)#vlan 2 ；建VLAN 2switch(vlan)#no vlan 2 ；删vlan 2switch(config)#int f0/1 ；进入端口1switch(config-if)#switchport access vlan 2 ；当前端口加入vlan 2 switch(config-if)#switchport mode trunk ；设置为干线switch(config-if)#switchport trunk allowed vlan 1，2 ；设置允许的vlan switch(config-if)#switchport trunk encap dot1q ；设置vlan 中继switch(config)#vtp domain ；设置发vtp 域名switch(config)#vtp password ；设置发vtp 密码switch(config)#vtp mode server ；设置发vtp模式switch(config)#vtp mode client ；设置发vtp模式交换机设置IP地址：switch(config)#interface vlan 1 ；进入vlan 1switch(config-if)#ip address ；设置IP地址switch(config)#ip default-gateway ；设置默认网关switch#dir Flash: ；查看闪存交换机显示命令：switch#write ；保存配置信息switch#show vtp ；查看vtp配置信息switch#show run ；查看当前配置信息switch#show vlan ；查看vlan配置信息switch#show interface ；查看端口信息switch#show int f0/0 ；查看指定端口信息完了最最要的一步。