Posted by: Barly Wicaksono | 10 January, 2010

InterVLAN Routing di Cisco

A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same network switch. Network reconfiguration can be done through software instead of physically relocating devices.

Virtual LANs (VLANs) offer a method of dividing one physical network into multiple broadcast domains. However, VLAN-enabled switches cannot, by themselves, forward traffic across VLAN boundaries. For inter-VLAN communication, a Layer 3 router is required.

—————————————————————————————————————————————————————————————————————-

InterVLAN adalah metode yang digunakan untk membagi satu network fisik menjadi beberapa broadcast domain. Untuk mendukung hal tersebut, maka VLAN membutuhkan device layer 3 untukk memforward traffic menuju VLAN seberang.

Kita Lihat topologi dibawah ini :
Permasalahannya adalah bagaimana komputer pada vlan sales, manage service, analyst, dan finance yang berbeda alokasi vlan secara logic sehingga dapat bertukar data. 

interVLAN

Dari gambar diatas, anda tentunya sudah cukup paham dengan topologinya. Dalam kasus ini adalah bagaimana caranya agar semua komputer yang terhubung pada switch dapat terkoneksi dengan ISP, yang dibuktikan dengan paket ping dari komputer client internal menuju ISP diluar dari network PAT.
Kita akan menggunakan packet tracer sebagai simulator.

Langkah – langkah :

  1. Konfigurasi VLAN.
  2. Konfigurasi VTP.
  3. Konfigurasi STP.
  4. Konfigurasi Sub-Interface pada Router

—————————————————————————————————————————————————————————————————————-

Berikut Konfigurasinya :

ISP RouterRouter_ISP#sh run
Building configuration…
Current configuration : 839 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router_ISP
!
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
ip name-server 0.0.0.0
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
description Link to Router Internal PAT
ip address 10.10.20.1 255.255.255.0
!
interface Serial0/1
no ip address
shutdown
!
interface FastEthernet1/0
description *** To Router PAT ***
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
!
ip classless
!
!
!
line con 0
password cisco
login
line vty 0 4
password cisco
login
!
!
end
 
Router PATRouter_PAT#sh run
Building configuration…
Current configuration : 1399 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router_PAT
!
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
ip name-server 0.0.0.0
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
description Sub-Int 4 Manage VLAN
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0.10
description Sub-Int 4 Sales
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
description Sub-Int 4 Net_Analyst n Spesialist
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0/0.30
description Sub-Int 4 Managed Service
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
!
interface FastEthernet0/0.40
description Sub-Int 4 Finance
encapsulation dot1Q 40
ip address 192.168.40.1 255.255.255.0
!
interface FastEthernet1/0
ip address 10.10.10.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
network 192.168.10.0
network 192.168.20.0
network 192.168.30.0
network 192.168.40.0
!
ip classless
!
!
!
line con 0
password cisco
login
line vty 0 4
password cisco
login
!
!
end
 
CORE SwitchCore_Switch#sh run
Building configuration…
Current configuration : 1198 bytes
!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Core_Switch
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
no ip domain-lookup
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport mode trunk
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
!
end
 
SW Client 1 SW_Client_1#sh run
Building configuration…
Current configuration : 2307 bytes
!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW_Client_1
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
spanning-tree vlan 20 priority 24576
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/13
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/14
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
!
end
 
SW Client 2SW_Client_2#sh run
Building configuration…
Current configuration : 1756 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW_Client_2
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/7
switchport mode access
!
interface FastEthernet0/8
switchport mode access
!
interface FastEthernet0/9
switchport mode access
!
interface FastEthernet0/10
switchport mode access
!
interface FastEthernet0/11
switchport mode access
!
interface FastEthernet0/12
switchport mode access
!
interface FastEthernet0/13
switchport mode access
!
interface FastEthernet0/14
switchport mode access
!
interface FastEthernet0/15
switchport mode access
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
!
end
 
SW Client 3SW_Client_3#sh run
Building configuration…
Current configuration : 2270 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW_Client_3
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/13
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/14
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/15
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
!
end

—————————————————————————————————————————————————————————————————————-

Demikian tutorial ini, semoga bermanfaat.

About these ads

Responses

  1. anda lupa mendaftarkan vlan di Core Switch ya? kok gk ada nama Vlan yg didaftarkan ??

  2. @ Daney AR :

    Terima kasih masukannya, tampaknya saya lupa memasukkannya..
    Keep posting. :)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 1,521 other followers

%d bloggers like this: