NEC IX ポートVLAN設定

2021.11.19
スポンサーリンク

NEC IXシリーズは他のL3SW機器と同様に、ポートVLANとタグVLANを設定する事ができます。port VLANを設定するには、まずvlan-groupとportの紐付けを行う必要があります。

関連記事 : NEC IX 基本設定
関連記事 : NEC IX 管理機能
関連記事 : NEC IX ルーティング
関連記事 : NEC IX 広域網設定

コマンド一覧

このシナリオで重要なコマンド一覧は以下の通りです。 

Router(config)# device GigaEthernet2
Router(config-GigaEthernet2)# vlan-group <group_num> port <port_num> [  <port_num> ... ]
Router(config)# interface GigaEthernet2:X.0
Router(config-GigaEthernet2:X.0)# ip address <addr>/<mask>
Router(config-GigaEthernet2:X.0)# no shutdown

仕様説明

VLAN / port 対応

複数ポートを備えているデバイスはスイッチングハブ(L3SW)として機能します。このデバイスは、ポートとVLANグループを紐付ける事ができます。 

Router(config)# device GigaEthernet2
Router(config-GigaEthernet2)# vlan-group <group_num> port <port_num> [  <port_num> ... ]

vlan group アドレス設定

以下のような操作でvlan groupに対してIPアドレスを付与する事ができます。Xはvlan group番号で、環境に応じて適宜変更する必要があります。また、デフォルトは”administratively down”状態ですので”no shut”コマンドを投入する必要があります

Router(config)# interface GigaEthernet2:X.0
Router(config-GigaEthernet2:X.0)# ip address <addr>/<mask>
Router(config-GigaEthernet2:X.0)# no shutdown

動作確認環境

IX2215とcatalyst2960Sを用いて動作確認を行います。 


 +--------+ device2 port1            G0/1 +-------+
 |        +-------------------------------+       |
 |        | device2 port4            G0/4 |       |
 | IX2215 +-------------------------------+ 2960S |
 |        | device2 port7            G0/7 |       |
 |        +-------------------------------+       |
 +--------+                               +-------+
 G2:.0 192.168.1.1/24                Vlan1 192.168.1.254/24
 G2:2.0 192.168.2.1/24               Vlan2 192.168.2.254/24
 G2:3.0 192.168.3.1/24               Vlan3 192.168.3.254/24


 [2960S]
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
interface Vlan2
 ip address 192.168.2.254 255.255.255.0
interface Vlan3
 ip address 192.168.3.254 255.255.255.0
!
interface GigabitEthernet0/1
 switchport mode access
 spanning-tree portfast
interface GigabitEthernet0/4
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
interface GigabitEthernet0/7
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast

catalyst2960Sの設定全文は以下の通りです。IX2215については工場出荷時の設定で検証を行います。

catalyst2960S
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
!
interface Vlan2
 ip address 192.168.2.254 255.255.255.0
!
interface Vlan3
 ip address 192.168.3.254 255.255.255.0
!
ip http server
ip http secure-server
!
line con 0
line vty 5 15
!
end

全ての設定が終わった時点の構成図をデフォルメして書くと以下のようになります。

NEC IX ポートVLANの概念図

VLAN / port 対応

設定投入

vlan groupとportの対応付けの設定を行います。 

device GigaEthernet2
 vlan-group 2 port 4 5 6
 vlan-group 3 port 7 8

設定確認

“show vlans”コマンドにより、vlan groupとportの紐付けを確認できます。特にvlan groupの設定を行っていないポートは、Gruop N/Aとして表示されます。 

Router(config)# show vlans
GigaEthernet2 Virtual Bridged LAN
  Group N/A status is up, 1G b/s
    Assigned ports: 1 2 3
    267 input frames, 74 output frames
  Group 2 status is down
    Assigned ports: 4 5 6
    0 input frames, 0 output frames
  Group 3 status is down
    Assigned ports: 7 8
    0 input frames, 0 output frames
Router(config)#

vlan group アドレス設定

設定投入

それぞれのvlan groupに対してIPアドレスを設定します。vlan group N/Aの場合は、vlan group番号を省略して指定します。 

interface GigaEthernet2.0
 ip address 192.168.1.1/24
interface GigaEthernet2:2.0
 ip address 192.168.2.1/24
interface GigaEthernet2:3.0
 ip address 192.168.3.1/24

設定確認

各インターフェースのIPアドレスを確認します。なお、”no shut”投入前ですので”administratively down”になっている事にも注意を払って下さい。 

Router(config)# show ip interface
Interface GigaEthernet2.0 is up, line protocol is up
  Internet address is 192.168.1.1/24
  Broadcast address is 255.255.255.255
  Address determined by config
  MTU is 1500 octets
  Directed broadcast forwarding is disabled
  Proxy ARP is disabled
  Local proxy ARP is disabled
  ICMP redirects are always sent
  IGMP is disabled
  TCP MSS adjustment is disabled
Interface GigaEthernet2:2.0 is administratively down, line protocol is down
  Internet address is 192.168.2.1/24
  Broadcast address is 255.255.255.255
  Address determined by config
  MTU is 1500 octets
  Directed broadcast forwarding is disabled
  Proxy ARP is disabled
  Local proxy ARP is disabled
  ICMP redirects are always sent
  IGMP is disabled
  TCP MSS adjustment is disabled
Interface GigaEthernet2:3.0 is administratively down, line protocol is down
  Internet address is 192.168.3.1/24
  Broadcast address is 255.255.255.255
  Address determined by config
  MTU is 1500 octets
  Directed broadcast forwarding is disabled
  Proxy ARP is disabled
  Local proxy ARP is disabled
  ICMP redirects are always sent
  IGMP is disabled
  TCP MSS adjustment is disabled
Interface Null0.0 is up, line protocol is up
  Interface is unnumbered.
  MTU is 1500 octets
  Directed broadcast forwarding is enabled
  Proxy ARP is disabled
  Local proxy ARP is disabled
  ICMP redirects are never sent
  TCP MSS adjustment is disabled
Router(config)#

疎通確認

各vlan gruopからの疎通が可能である事を確認します。まず、”no shut”コマンドを投入し、疎通可能な状態にします。 

Interface GigaEthernet2.0
 no shutdown
Interface GigaEthernet2:2.0
 no shutdown
Interface GigaEthernet2:3.0
 no shutdown

pingコマンドにより疎通を確認します。 

Router(config)# ping 192.168.1.254
PING 192.168.1.1 > 192.168.1.254 56 data bytes
64 bytes from 192.168.1.254: icmp_seq=1 ttl=255 time=1.985 ms
64 bytes from 192.168.1.254: icmp_seq=2 ttl=255 time=1.411 ms
64 bytes from 192.168.1.254: icmp_seq=3 ttl=255 time=0.831 ms

--- 192.168.1.254 ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss
round-trip (ms)  min/avg/max = 0.831/1.409/1.985
Router(config)#
Router(config)#
Router(config)# ping 192.168.2.254
PING 192.168.2.1 > 192.168.2.254 56 data bytes
64 bytes from 192.168.2.254: icmp_seq=1 ttl=255 time=1.985 ms
64 bytes from 192.168.2.254: icmp_seq=2 ttl=255 time=1.411 ms
64 bytes from 192.168.2.254: icmp_seq=3 ttl=255 time=0.831 ms

--- 192.168.2.254 ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss
round-trip (ms)  min/avg/max = 0.831/1.409/1.985
Router(config)#
Router(config)#
Router(config)#
Router(config)# ping 192.168.3.254
PING 192.168.3.1 > 192.168.3.254 56 data bytes
64 bytes from 192.168.3.254: icmp_seq=0 ttl=255 time=1.271 ms
64 bytes from 192.168.3.254: icmp_seq=1 ttl=255 time=1.419 ms
64 bytes from 192.168.3.254: icmp_seq=2 ttl=255 time=1.533 ms

--- 192.168.3.254 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip (ms)  min/avg/max = 1.271/1.407/1.533
Router(config)#
タイトルとURLをコピーしました