Rinne's Library DEV

三层交换机如何实现VLAN之间的三层隔离

AKHYui2022-07-26 09:57:00网络工程基础知识
![拓扑图][1]

VLAN划分如下:

  1. VLAN2 192.168.2.254 24

  2. VLAN3 192.168.3.254 24

  3. VLAN4 192.168.4.254 24

需实现VLAN2与VLAN3和VLAN4互不相通,PC7(192.168.5.1 24)可访问所有VLAN,VLAN3和VLAN4相通。

核心交换机CORE:


[CORE]acl 3001

[CORE-acl-adv-3001]rule deny ip source 192.168.2.254 0.0.0.255 destination 192.168.3.254 0.0.0.255

[CORE-acl-adv-3001]rule deny ip source 192.168.2.254 0.0.0.255 destination 192.168.4.254 0.0.0.255

[CORE]traffic-filter vlan 2 inbound acl 3001

[CORE]traffic-filter vlan 3 inbound acl 3001

[CORE]traffic-filter vlan 4 inbound acl 3001
Edit this page
Last Updated 9/17/2025, 7:13:55 AM