章节总结
VRRP的概念
VRRP的配置
———————————————————————————————————————————
VRRP的概念
虚拟路由冗余协议VRRP是一种用于提高网络可靠性的容错协议,通过VRRP,可以在主机的吓一跳设备出现故障时切换到备份设备,从而保障网络通信的连通性和可靠性
随着网络的迅速发展,要想让用户得到更好的体验我们就的提高网络的可靠性,gateway网关是内网与外网的交接点,当在一个网络拓扑中假设只有一台gateway那么当这台网关出现故障时,就会给用户带来断网的不好影响如图1-1,但是VRRP虚拟网关就可以简单的理解成将两台(或多台)网络设备形成主备之分,当主网关断掉时,备用网关接替如图1-2
———————————————————————————————————————————
VRRP的三种状态
VRRP协议中三种状态 (initiallze-初始化状态)
(master-活动状态)
(Backup-备份状态)
———————————————————————————————————————————
VRRP的选举机制
有几台路由器组成的虚拟路由又称为VRRP备份组,一个VRRP备份组在逻辑上为一台路由器,各设备会根据所配置的优先级等来选举master设备,选举方式如下图1-3
在默认情况下所有设备都是初始化状态,先比较优先级越大越优先,如果优先级一样那就比较主接口IP地址越大越优先
———————————————————————————————————————————
VRRP配置
基础配置
配置PC的IP地址和网关
———————————————————————————————————————————
创建/配置VLAN
LSW2配置
<Huawei>sys #进入配置模式
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en #取消报文弹窗
Info: Information center is disabled.
[Huawei]sys LSW2 #更改设备名称
[LSW2]vlan batch 10 20 #创建vlan 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW2]int vlan 10 #进入vlan 10
[LSW2-Vlanif10]ip add 192.168.10.253 24 #配置vlan 10 的IP地址
[LSW2-Vlanif10]int vlan 20 #进入vlan 20
[LSW2-Vlanif20]ip add 192.168.20.252 24 #配置vlan 20的IP地址
[LSW2-Vlanif20]q #退出vlan 配置界面返回主配置界面
[LSW2]display ip int br
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 4
Interface IP Address/Mask Physical Protocol
MEth0/0/1 unassigned down down
NULL0 unassigned up up(s)
Vlanif1 unassigned up down
Vlanif10 192.168.10.253/24 down down
Vlanif20 192.168.20.252/24 down down
———————————————————————————————————————————
LSW3
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.252 24
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip address 192.168.20.253 24
[Huawei-Vlanif20]q
[Huawei]sys LSW2
[LSW2]display ip int br
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 4
Interface IP Address/Mask Physical Protocol
MEth0/0/1 unassigned down down
NULL0 unassigned up up(s)
Vlanif1 unassigned up down
Vlanif10 192.168.10.252/24 down down
Vlanif20 192.168.20.253/24 down down
———————————————————————————————————————————
LSW1
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sys LSW1
[LSW1]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
———————————————————————————————————————————
配置接口模式
LSW1
[LSW1]int e0/0/3
[LSW1-Ethernet0/0/3]port link-type access
[LSW1-Ethernet0/0/3]port default vlan 10
[LSW1-Ethernet0/0/3]int e0/0/4
[LSW1-Ethernet0/0/4]port link-type access
[LSW1-Ethernet0/0/4]port default vlan 20
[LSW1-Ethernet0/0/4]int e0/0/1
[LSW1-Ethernet0/0/1]port link-type trunk
[LSW1-Ethernet0/0/1]port trunk allow-pass vlan all
[LSW1-Ethernet0/0/1]int e0/0/2
[LSW1-Ethernet0/0/2]port link-type trunk
[LSW1-Ethernet0/0/2]port trunk allow-pass vlan all
[LSW1-Ethernet0/0/2]q
[LSW1]display curr
#
sysname LSW1
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
port link-type access
port default vlan 10
#
interface Ethernet0/0/4
port link-type access
port default vlan 20
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
———————————————————————————————————————————
LSW2
<LSW2>sys
Enter system view, return user view with Ctrl+Z.
[LSW2]int g0/0/2
[LSW2-GigabitEthernet0/0/2]port link-type trunk
[LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/2]int g0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type trunk
[LSW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/1]q
[LSW2]display curr
#
sysname LSW2
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.253 255.255.255.0
#
interface Vlanif20
ip address 192.168.20.252 255.255.255.0
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
———————————————————————————————————————————
LSW3
<LSW2>sys
Enter system view, return user view with Ctrl+Z.
[LSW2]un in en
Info: Information center is disabled.
[LSW2]int g0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type trunk
[LSW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/1]int g0/0/2
[LSW2-GigabitEthernet0/0/2]port link-type trunk
[LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/2]q
[LSW2]display curr
#
sysname LSW2
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.252 255.255.255.0
#
interface Vlanif20
ip address 192.168.20.253 255.255.255.0
#
———————————————————————————————————————————
配置VRRP虚拟网关
LSW2
[LSW2]int vlan 10 #进入vlan 10
[LSW2-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254 #配置vlan 10 的虚拟网关192.168.10.254
[LSW2-Vlanif10]vrrp vrid 10 priority 120 #配置vlan 10的vrrp的优先级为120
[LSW2-Vlanif10]vrrp vrid 10 preempt-mode timer delay 3 #vlan 10 的抢占时间为3秒
[LSW2-Vlanif10]vrrp vrid 10 track interface GigabitEthernet 0/0/1 reduced 30 #配置接口检测当g0/0/1口故障自动降级30
[LSW2]int vlan 20
[LSW2-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[LSW2-Vlanif20]vrrp vrid 20 priority 100
[LSW2-Vlanif20]vrrp vrid 20 preempt-mode timer delay 3
———————————————————————————————————————————
LSW3
<LSW2>SYS
Enter system view, return user view with Ctrl+Z.
[LSW2]int vlan 10
[LSW2-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[LSW2-Vlanif10]vrrp vrid 10 priority 100
[LSW2-Vlanif10]vrrp vrid 10 preempt-mode timer delay 3
<LSW2>SYS
[LSW2]int vlan 20
[LSW2-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[LSW2-Vlanif20]vrrp vrid 20 priority 120
[LSW2-Vlanif20]vrrp vrid 20 preempt-mode timet delay 3
[LSW2-Vlanif20]vrrp vrid 20 track interface GigabitEthernet 0/0/2 reduced 30
———————————————————————————————————————————
查看VRRP配置
LSW2
[LSW2]display vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Master Vlanif10 Normal 192.168.10.254 #可以看到在LSW2上当前是主
20 Backup Vlanif20 Normal 192.168.20.254 #可以看到在LSW2上当前是备
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
LSW3
[LSW2]display vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Backup Vlanif10 Normal 192.168.10.254
20 Master Vlanif20 Normal 192.168.20.254
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
———————————————————————————————————————————
验证抢占
我们手动将LSW3的G0/0/2口断掉
[LSW2]int g0/0/2
[LSW2-GigabitEthernet0/0/2]shutdown
再在LSW2上查看是否切换
[LSW2]display vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Master Vlanif10 Normal 192.168.10.254
20 Master Vlanif20 Normal 192.168.20.254 #成功切换
----------------------------------------------------------------
Total:2 Master:2 Backup:0 Non-active:0
扫一扫
430
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
