在网络架构中，三层交换机和路由器都扮演着非常重要的角色。三层交换机主要用于在局域网内部进行数据包转发和过滤，而路由器则用于连接不同的网络并进行路由选择和跨网络通信。正确配置三层交换机和路由器可以提高网络的性能和安全性，从而确保网络的正常运行。然而，由于网络配置的复杂性和多样性，不同的网络架构可能需要不同的配置方法。在本篇文章中，我整理了一份通用的三层交换机和路由器配置方法，以帮助有需要的友友们更好地了解相关技能。希望友友们可以从中获得一些有用的信息。

实验内容及目标：

1、不同vlan 下的客户端能够访问外网【2.2.2.1】

2、了解路由器和三层交换机之间的连接及配置

3、了解三层交换机和接入交换机之间的连接及配置

实验拓扑图：

实验设备及版本：

本实验所用到的设备为：

1、交换机：华为 Quidway S5700-28C-HI VRP (R) software, Version 5.110

2、路由器：华为 AR1200 VRP (R) software, Version 5.130

3、PC主机：

实验过程：

一、建立物理连接

按照拓扑图进行组网

二、接入交换机配置

这里以红框内的第一个交换机为例

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]
[Huawei]sysname	
[Huawei]sysname switch1
Apr  9 2023 19:11:09-08:00 switch1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.
5.25.191.3.1 configurations have been changed. The current change number is 4, t
he change loop count is 0, and the maximum number of records is 4095.
[switch1]undo info-center enable 
Info: Information center is disabled.
[switch1]

#创建vlan
[switch1]
[switch1]vlan bat	
[switch1]vlan batch 1 to 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[switch1]
#将接口加入到vlan 中
[switch1]interface GigabitEthe.NET 0/0/2
[switch1-GigabitEthernet0/0/2]port link-type access 
[switch1-GigabitEthernet0/0/2]port default vlan 1
[switch1-GigabitEthernet0/0/2]q
[switch1]
[switch1]interface GigabitEthernet 0/0/3
[switch1-GigabitEthernet0/0/3]port link-type access 
[switch1-GigabitEthernet0/0/3]port default vlan 1
[switch1-GigabitEthernet0/0/3]q
[switch1]
[switch1]
#设置与三层核心交换机相连的接口为trunk，并设置运行通过vlan 1，vlan2，vlan3
[switch1]interface GigabitEthernet 0/0/1
[switch1-GigabitEthernet0/0/1]dis this
#
interface GigabitEthernet0/0/1
#
return
[switch1-GigabitEthernet0/0/1]port link-type trunk 
[switch1-GigabitEthernet0/0/1]
[switch1-GigabitEthernet0/0/1]port trunk allow-pass vlan 1 to 3
[switch1-GigabitEthernet0/0/1]
[switch1-GigabitEthernet0/0/1]q
[switch1]

其他的几个接入交换机配置过程相同，配置时，注意接口。

三、三层交换机配置

#创建VLAN接口并配置IP地址：
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]undo in	
[Huawei]undo info-center en	
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]
[Huawei]interface Vlanif 1
[Huawei-Vlanif1]ip address 192.168.1.1 24
[Huawei-Vlanif1]
[Huawei-Vlanif1]q
[Huawei]int	
[Huawei]interface vlan	
[Huawei]interface Vlanif 2
Error: The VLAN does not exist.
[Huawei]vlan batch 2 to 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]
[Huawei]interface Vlanif 2
[Huawei-Vlanif3]
[Huawei-Vlanif3]ip ad	
[Huawei-Vlanif3]ip address 192.168.2.1 24
[Huawei-Vlanif3]
[Huawei-Vlanif3]q
[Huawei]int	
[Huawei]interface vla	
[Huawei]interface Vlanif 3
[Huawei-Vlanif3]
[Huawei-Vlanif3]
[Huawei-Vlanif3]ip add	
[Huawei-Vlanif3]ip address 192.168.3.1 24
[Huawei-Vlanif3]
[Huawei-Vlanif3]
[Huawei-Vlanif3]q
[Huawei]
[Huawei]
[Huawei]sysna	
[Huawei]sysname Switch-Hexin
[Switch-Hexin]
[Switch-Hexin]
#配置三层交换机上连接到接入交换机的接口为Trunk模式，并允许相应VLAN通过：
[Switch-Hexin]interface GigabitEthernet 0/0/2
[Switch-Hexin-GigabitEthernet0/0/2]port link-type trunk 
[Switch-Hexin-GigabitEthernet0/0/2]port trunk allow-pass vlan 1 to 3
[Switch-Hexin-GigabitEthernet0/0/2]q

# 配置与路由器相连的接口
[Switch-Hexin]
[Switch-Hexin]vlan batch 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[Switch-Hexin]
[Switch-Hexin]interface GigabitEthernet 0/0/1
[Switch-Hexin-GigabitEthernet0/0/1]	
[Switch-Hexin-GigabitEthernet0/0/1]port link-type access 
[Switch-Hexin-GigabitEthernet0/0/1]port default vlan 10
[Switch-Hexin-GigabitEthernet0/0/1]q	
[Switch-Hexin]interface Vlanif 10
[Switch-Hexin-Vlanif10]ip address 192.168.10.2 24
[Switch-Hexin-Vlanif10]
[Switch-Hexin-Vlanif10]q
[Switch-Hexin]
#配置静态路由
[Switch-Hexin]
[Switch-Hexin]ip route-static 0.0.0.0 0.0.0.0 192.168.10.1
[Switch-Hexin]

四、路由器配置

[Router]interface GigabitEthernet 0/0/1
[Router-GigabitEthernet0/0/1]ip address 192.168.10.1 255.255.255.0
[Router-GigabitEthernet0/0/1]q
[Router]interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0]ip address 2.2.2.2 24
[Router-GigabitEthernet0/0/0]
[Router-GigabitEthernet0/0/0]q
[Router]ip route-static 0.0.0.0 0.0.0.0 2.2.2.1
[Router]
[Router]ip route-static 192.168.0.0 255.255.0.0 192.168.10.2
[Router]

#配置NAT 转换
[Router]acl number 2001	
[Router-acl-basic-2001]rule 5 permit source 192.168.0.0 0.0.255.255
[Router-acl-basic-2001]q
[Router]interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0]nat outbound 2001
[Router-GigabitEthernet0/0/0]qu
[Router]

五、测试：

写在最后：

自我设限，固步自封，唯有突破极限，才能发掘潜能。以上就是本期整理的《三层交换机与路由器组网如何正确配置》，自己经历过的风雨，所以知道你也会坚强。你的【评论】+【点赞】+【关注】，我会自动解读为认可。

作者简介：

我是“网络系统技艺者”，系统运维工程师一枚，持续分享【网络技术+系统运维技术】干货。