Sesuai contoh topologi di atas, jaringan dibagi menjadi 4 VLAN/logical subnet yaitu:
1. Native VLAN (default VLAN 1)
subnet: 10.1.0.0/24
gateway: 10.1.0.1
2. Subnet untuk Divisi Engineer (VLAN 2)
subnet: 10.1.1.0/24
gateway: 10.1.1.1
3. Subnet untuk Divisi Finance (VLAN 3)
subnet: 10.1.2.0/24
gateway: 10.1.2.1
4. Subnet untuk Divisi Sales (VLAN 4)
subnet: 10.1.3.0/24
gateway: 10.1.3.1
Floor1-SW & Floor2-SW dijadikan sebagai VTP client, sehingga kedua switch ini hanya bisa membuat VLAN berdasarkan VTP advertisement dari CORE-SW yang berperan sebagai VTP server.
Konfigurasi di CORE-SW:
> enable
# configure terminal
### konfigurasi VTP (VLAN Trunking Protocol) ###
(config)# vtp mode server
(config)# vtp domain myoffice
(config)# vtp password rahasia
### Konfigurasi Trunk di port Fa0/22, Fa0/23 dan Fa0/24 ###
(config)# interface f0/22
(config-if)# description ***Trunk port connected to Router-X***
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# no shutdown
(config-if)# interface f0/23
(config-if)# description ***Trunk port connected to Floor1-SW***
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# no shutdown
(config-if)# interface f0/24
(config-if)# description ***Trunk port connected to Floor2-SW***
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# no shutdown
(config-if)# exit
### membuat VLAN tambahan selain native VLAN ###
(config)# vlan 2
(config-vlan)# name ENGINEER
(config-vlan)# vlan 3
(config-vlan)# name FINANCE
(config-vlan)# vlan 4
(config-vlan)# name SALES
(config-vlan)# exit
### memberi IP address pada interface vlan 1 ###
(config)# interface vlan 1
(config-if)# description ***native VLAN***
(config-if)# ip address 10.1.0.10 255.255.255.0
(config-if)# no shutdown
(config-if)# exit
(config)# ip default-gateway 10.1.0.1 ==> set gateway pada switch
(config)# end
# copy run start ==> save konfigurasi ke NVRAM
==========================================================
Konfigurasi di Floor1-SW:
> enable
# configure terminal
### konfigurasi VTP (VLAN Trunking Protocol) ###
(config)# vtp mode client
(config)# vtp domain myoffice
(config)# vtp password rahasia
### Konfigurasi Trunk di port Fa0/24 ###
(config)# interface f0/24
(config-if)# description ***Trunk port connected to CORE-SW***
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# no shutdown
(config-if)# exit
### Konfigurasi VLAN-membership untuk masing-masing port ###
(config)# interface range f0/1 - 7
(config-if-range)# description *** connected to Engineer dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 2
(config-if-range)# interface range f0/8 - 14
(config-if-range)# description *** connected to Finance dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 3
(config-if-range)# interface range f0/15 - 21
(config-if-range)# description *** connected to Sales dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 4
(config-if-range)# exit
### memberi IP address pada interface vlan 1 ###
(config)# interface vlan 1
(config-if)# description ***native VLAN***
(config-if)# ip address 10.1.0.11 255.255.255.0
(config-if)# no shutdown
(config-if)# exit
(config)# ip default-gateway 10.1.0.1 ==> set gateway pada switch
(config)# end
# copy run start ==> save konfigurasi ke NVRAM
============================================================
Konfigurasi di Floor2-SW:
> enable
# configure terminal
### konfigurasi VTP (VLAN Trunking Protocol) ###
(config)# vtp mode client
(config)# vtp domain myoffice
(config)# vtp password rahasia
### Konfigurasi Trunk di port Fa0/24 ###
(config)# interface f0/24
(config-if)# description ***Trunk port connected to CORE-SW***
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# no shutdown
(config-if)# exit
### Konfigurasi VLAN-membership untuk masing-masing port ###
(config)# interface range f0/1 - 7
(config-if-range)# description *** connected to Engineer dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 2
(config-if-range)# interface range f0/8 - 14
(config-if-range)# description *** connected to Finance dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 3
(config-if-range)# interface range f0/15 - 21
(config-if-range)# description *** connected to Sales dept’s PC ***
(config-if-range)# switchport mode access
(config-if-range)# switchport access vlan 4
(config-if-range)# exit
### memberi IP address pada interface vlan 1 ###
(config)# interface vlan 1
(config-if)# description ***native VLAN***
(config-if)# ip address 10.1.0.12 255.255.255.0
(config-if)# no shutdown
(config-if)# exit
(config)# ip default-gateway 10.1.0.1 ==> set gateway pada switch
(config)# end
# copy run start ==> save konfigurasi ke NVRAM
=====================================================
verifikasi:
# show vtp status
# show vlan
# show interface f0/24 switchport
# show interface f0/24 trunk
Pada tahap ini, semua VLAN telah terbentuk dan semua member VLAN hanya bisa berkomunikasi dalam 1 VLAN yang sama. Agar antar VLAN bisa saling berkomunikasi, maka diperlukan konfigurasi inter-VLAN routing di router atau multilayer switch, Mengenai inter-VLAN routing akan saya bahas pada posting berikutnya :)
Tidak ada komentar:
Posting Komentar