本文主要讲华三H3C路由器和三层交换机多VLAN上网的相关配置，以三层交换机DHCP自动分配IP地址。

一、网络环境

1、内网4个vlan并且互通，其中vlan100用于路由器和交换机，以及设备的配置网段。

VLAN100:192.168.100.0/24 无DHCP

VLAN101:192.168.101.0/24 DHCP：192.168.101.50-192.168.101.100 Gateway：192.168.101.1 DNS：192.168.101.1

VLAN102:192.168.102.0/24 DHCP：192.168.102.100-192.168.102.150 Gateway：192.168.102.1 DNS：192.168.102.1

VLAN103:192.168.103.0/24 DHCP：192.168.103.200-192.168.103.250 Gateway：192.168.103.1 DNS：192.168.103.1

2、外网使用局域网IP模拟

IP：192.168.10.28/24 Gateway：192.168.10.1 DNS：114.114.114.144

二、路由器配置

以下是路由器配置命令

<H3C>system-view
[H3C]sysname R1
[R1]vlan 100	//配置vlan100
[R1-vlan100]int vlan 100
[R1-Vlan-interface100]ip address 192.168.100.254 255.255.255.0	//配置内网ip地址
[R1-Vlan-interface100]interface GigabitEthernet 0/0
[R1-GigabitEthernet0/0]port link-mode bridge
[R1-GigabitEthernet0/0]port link-type trunk
[R1-GigabitEthernet0/0]port trunk permit vlan 100
[R1-GigabitEthernet0/0]quit
[R1]dns server 114.114.114.114
[R1]dns proxy enable
[R1]ip route-static 0.0.0.0 0 192.168.10.1
[R1]ip route-static 192.168.101.0 24 192.168.100.1
[R1]ip route-static 192.168.102.0 24 192.168.100.1
[R1]ip route-static 192.168.103.0 24 192.168.100.1
[R1]acl number 3000 name Internet
[R1-acl-ipv4-adv-3000]rule permit ip
[R1-acl-ipv4-adv-3000]quit
[R1]nat address-group 1 name Internet
[R1-address-group-1-Internet]address 192.168.10.28 192.168.10.28
[R1-address-group-1-Internet]quit
[R1]interface GigabitEthernet 6/0
[R1-GigabitEthernet6/0]port link-mode route
[R1-GigabitEthernet6/0]ip address 192.168.10.28 255.255.255.0	//配置外网ip地址
[R1-GigabitEthernet6/0]nat outbound 3000 address-group 1
[R1-GigabitEthernet6/0]quit
[R1]save force  //保存配置

三、交换机配置

以下是交换机配置命令

<H3C>system-view
[H3C]sysname SW1
[SW1]vlan 100 to 103
[SW1]interface vlan 100   //配置vlan100
[SW1-Vlan-interface100]ip address 192.168.100.1 255.255.255.0
[SW1-Vlan-interface100]interface vlan 101   //配置vlan101
[SW1-Vlan-interface101]ip address 192.168.101.1 255.255.255.0
[SW1-Vlan-interface101]interface vlan 102   //配置vlan102
[SW1-Vlan-interface102]ip address 192.168.102.1 255.255.255.0
[SW1-Vlan-interface102]interface vlan 103   //配置vlan103
[SW1-Vlan-interface103]ip address 192.168.103.1 255.255.255.0
[SW1-Vlan-interface103]interface range GigabitEthernet 1/0/1 to GigabitEthernet 1/0/8   //配置vlan101网口
[SW1-if-range]port link-mode bridge
[SW1-if-range]port link-type access
[SW1-if-range]port access vlan 101
[SW1-if-range]interface range GigabitEthernet 1/0/9 to GigabitEthernet 1/0/16   //配置vlan102网口
[SW1-if-range]port link-mode bridge
[SW1-if-range]port link-type access
[SW1-if-range]port access vlan 102
[SW1-if-range]interface range GigabitEthernet 1/0/17 to GigabitEthernet 1/0/24   //配置vlan103网口
[SW1-if-range]port link-mode bridge
[SW1-if-range]port link-type access
[SW1-if-range]port access vlan 103
[SW1-if-range]dhcp server ip-pool dhcp-vlan101   配置vlan101的dhcp
[SW1-dhcp-pool-dhcp-vlan101]network 192.168.101.0 mask 255.255.255.0
[SW1-dhcp-pool-dhcp-vlan101]gateway-list 192.168.101.1
[SW1-dhcp-pool-dhcp-vlan101]address range 192.168.101.50 192.168.101.100
[SW1-dhcp-pool-dhcp-vlan101]dns-list 192.168.101.1 114.114.114.114
[SW1-dhcp-pool-dhcp-vlan101]dhcp server ip-pool dhcp-vlan102   配置vlan102的dhcp
[SW1-dhcp-pool-dhcp-vlan102]network 192.168.102.0 mask 255.255.255.0
[SW1-dhcp-pool-dhcp-vlan102]gateway-list 192.168.102.1
[SW1-dhcp-pool-dhcp-vlan102]address range 192.168.102.100 192.168.102.150
[SW1-dhcp-pool-dhcp-vlan102]dns-list 192.168.102.1 114.114.114.114
[SW1-dhcp-pool-dhcp-vlan102]dhcp server ip-pool dhcp-vlan103   配置vlan103的dhcp
[SW1-dhcp-pool-dhcp-vlan103]network 192.168.103.0 mask 255.255.255.0
[SW1-dhcp-pool-dhcp-vlan103]gateway-list 192.168.103.1
[SW1-dhcp-pool-dhcp-vlan103]address range 192.168.103.200 192.168.103.250
[SW1-dhcp-pool-dhcp-vlan103]dns-list 192.168.103.1 114.114.114.114
[SW1-dhcp-pool-dhcp-vlan103]quit
[SW1]ip route-static 0.0.0.0 0 192.168.100.254
[SW1]dns server 114.114.114.114
[SW1]dns proxy enable
[SW1]dhcp server enable