H3C M-LAG与双活网关接口结合应用场景实验

M建

已于 2024-10-11 19:56:57 修改

阅读量1.2k

点赞数 20

分类专栏：网工生涯知识库文章标签：交换机 M-LAG

于 2024-08-22 17:08:12 首次发布

本文链接：https://blog.csdn.net/m0_37568649/article/details/141433047

版权

网工生涯知识库专栏收录该内容

38 篇文章 6 订阅

订阅专栏

H3C M-LAG与双活网关接口结合应用场景实验

实验拓扑

实验需求

此实验需要在模拟器中使用交换机型号 S6850
SW3 为接入交换机，连接 PC1 在 VLAN 10，连接 PC2在 VLAN 20，SW3 双上行连接到两台核心交换机
SW1 和 SW2 为核心交换机，配置 M-LAG，并作为 VLAN 10 和 VLAN 20 的三层网关，下行跨设备聚合对接接入交换机 SW3。上行不配置 M-LAG，分别通过两条链路接入到路由器 R1

实验步骤

PC1和PC2分别如图示配置IP地址

在SW3上创建VLAN10和VLAN20，连接PC1和PC2的接口分别以Access类型接入到VLAN10和VLAN20

[SW3] vlan 10
[SW3] vlan 20
[SW3] interface GigabitEthernet1/0/3
[SW3-GigabitEthernet1/0/3] port access vlan 10
[SW3] interface GigabitEthernet1/0/4
[SW3-GigabitEthernet1/0/4] port access vlan 20

配置 SW1 和 SW2 形成 M-LAG 系统

修改 SW1 系统 MAC 地址为 1-1-1，系统编号为 1，优先级 4096

[SW1]m-lag system-mac 1-1-1
Changing the system MAC address might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

[SW1]m-lag system-number 1
Changing the system number might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

[SW1]m-lag system-priority 4096
Changing the system priority might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

在 SW1 上配置 G1/0/1 口为 Keepalive 接口，Keepalive 源地址为本端 1.1.1.1，目的地址为 SW2 的 1.1.1.2，并在 MAD 中排除 Keepalive 接口

[SW1]m-lag keepalive ip destination 1.1.1.2 source 1.1.1.1
[SW1]interface GigabitEthernet1/0/1
[SW1-GigabitEthernet1/0/1]port link-mode route
[SW1-GigabitEthernet1/0/1]ip address 1.1.1.1 24   //Keepalive 接口 IP 地址可自定义网络中未使用的地址，双方 Keepalive 口地址需要在同一网段
[SW1]m-lag mad exclude interface GigabitEthernet1/0/1

在 SW1 上把 FGE1/0/53 和 FGE1/0/54 口加入到 BAGG1 动态聚合口，并把该聚合口配置为 SW1 的 Peer-link 口

[SW1]interface Bridge-Aggregation 1
[SW1-Bridge-Aggregation1]link-aggregation mode dynamic
[SW1]interface range fge1/0/53 fge1/0/54
[SW1-if-range]port link-aggregation group 1
[SW1]interface Bridge-Aggregation 1
[SW1-Bridge-Aggregation1]port m-lag peer-link 1

　　由于模拟器不支持关闭报文入接口与静态MAC地址表项匹配检查功能，特此说明实际环境中Peer-link口需要配置undo mac-address static source-check enable

修改 SW2 系统 MAC 地址与 SW1 相同为 1-1-1，系统编号为 2，优先级 4096

[SW2]m-lag system-mac 1-1-1
Changing the system MAC address might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

[SW2]m-lag system-number 2
Changing the system number might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

[SW2]m-lag system-priority 4096
Changing the system priority might flap the peer link and cause M-LAG system setup failure. Continue? [Y/N]:y

在 SW2 上配置 G1/0/1 口为 Keepalive 接口，Keepalive 源地址为本端 1.1.1.2，目的地址为 SW1 的 1.1.1.1，并在 MAD 中排除 Keepalive 接口

[SW2]m-lag keepalive ip destination 1.1.1.1 source 1.1.1.2
[SW2]interface GigabitEthernet1/0/1
[SW2-GigabitEthernet1/0/1]port link-mode route
[SW2-GigabitEthernet1/0/1]ip address 1.1.1.2 24
[SW2]m-lag mad exclude interface g1/0/1

在 SW2 上把 FGE1/0/53 和 FGE1/0/54 口加入到 BAGG1 动态聚合口，并把该聚合口配置为 SW2 的 Peer-link 口

[SW2]interface Bridge-Aggregation 1
[SW2-Bridge-Aggregation1]link-aggregation mode dynamic
[SW2]interface range fge1/0/53 fge1/0/54
[SW2-if-range]port link-aggregation group 1
[SW2]interface Bridge-Aggregation 1
[SW2-Bridge-Aggregation1]port m-lag peer-link 1

　　由于模拟器不支持关闭报文入接口与静态MAC地址表项匹配检查功能，特此说明实际环境中Peer-link口需要配置undo mac-address static source-check enable

此时在 SW1 和 SW2 上可以查看到 M-LAG 系统已经建立

[SW1]display m-lag summary
Flags: A -- Aggregate interface down, B -- No peer M-LAG interface configured
       C -- Configuration consistency check failed

Peer-link interface: BAGG1
Peer-link interface state (cause): UP
Keepalive link state (cause): UP

[SW2]display m-lag summary 
Flags: A -- Aggregate interface down, B -- No peer M-LAG interface configured
       C -- Configuration consistency check failed

Peer-link interface: BAGG1
Peer-link interface state (cause): UP
Keepalive link state (cause): UP

在 SW1 和 SW2 上配置下连 SW3 的接口为 M-LAG 接口，实现跨设备聚合

在 SW1 上创建 BAGG2 动态聚合口，把连接 SW3 的接口加入该聚合口，并设置为 M-LAG 接口

[SW1]interface Bridge-Aggregation 2
[SW1-Bridge-Aggregation2]link-aggregation mode dynamic
[SW1]interface GigabitEthernet1/0/2
[SW1-if-range]port link-aggregation group 2
[SW1]interface Bridge-Aggregation 2
[SW1-Bridge-Aggregation2]port m-lag group 1

在 SW2 上创建 BAGG2 动态聚合口，把连接 SW3 的接口加入该聚合口，并设置为 M-LAG 接口

[SW2]interface Bridge-Aggregation 2
[SW2-Bridge-Aggregation2]link-aggregation mode dynamic
[SW2]interface GigabitEthernet1/0/2
[SW2-if-range]port link-aggregation group 2
[SW2]interface Bridge-Aggregation 2
[SW2-Bridge-Aggregation2]port m-lag group 1

在 SW3 上创建 BAGG1 动态聚合口，把连接 SW1 和 SW2 的接口加入该聚合口

[SW3]interface Bridge-Aggregation 1
[SW3-Bridge-Aggregation1]link-aggregation mode dynamic
[SW3]interface range g1/0/1 to g1/0/2
[SW3-if-range]port link-aggregation group 1

此时在 SW1，SW2 和 SW3 上可以查看到跨设备链路聚合已经正常工作

[SW1]display link-aggregation summary 
Aggregation Interface Type: 
BAGG -- Bridge-Aggregation, BLAGG -- Blade-Aggregation, RAGG -- Route-Aggregation, SCH-B -- Schannel-Bundle 
Aggregation Mode: S -- Static, D -- Dynamic 
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Actor System ID: 0x8000, 2898-b168-0200

AGG        AGG   Partner ID              Selected  Unselected  Individual  Share
Interface  Mode                          Ports     Ports       Ports       Type 
--------------------------------------------------------------------------------
BAGG1      D     0x8000, 2898-b66c-0300  2         0           0           Shar 
BAGG2      D     0x8000, 2898-b9f6-0400  1         0           0           Shar

[SW2]display link-aggregation summary 
Aggregation Interface Type: 
BAGG -- Bridge-Aggregation, BLAGG -- Blade-Aggregation, RAGG -- Route-Aggregation, SCH-B -- Schannel-Bundle 
Aggregation Mode: S -- Static, D -- Dynamic 
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Actor System ID: 0x8000, 2898-b66c-0300

AGG        AGG   Partner ID              Selected  Unselected  Individual  Share
Interface  Mode                          Ports     Ports       Ports       Type 
--------------------------------------------------------------------------------
BAGG1      D     0x8000, 2898-b168-0200  2         0           0           Shar 
BAGG2      D     0x8000, 2898-b9f6-0400  1         0           0           Shar

[SW3]display link-aggregation summary 
Aggregation Interface Type: 
BAGG -- Bridge-Aggregation, BLAGG -- Blade-Aggregation, RAGG -- Route-Aggregation, SCH-B -- Schannel-Bundle 
Aggregation Mode: S -- Static, D -- Dynamic 
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Actor System ID: 0x8000, 2898-b9f6-0400

AGG        AGG   Partner ID              Selected  Unselected  Individual  Share
Interface  Mode                          Ports     Ports       Ports       Type 
--------------------------------------------------------------------------------
BAGG1      D     0x1000, 0001-0001-0001  2         0           0           Shar

在 SW1 和 SW2 上为 VLAN 10 和 VLAN 20 创建三层接口，两端配置相同的 MAC 地址和 IP 地址

在 SW1 和 SW2 上创建 VLAN 10 和 VLAN 20，把 SW1、SW2 和 SW3 之间相连的聚合口配置为 Trunk，并允许 VLAN 10 和 VLAN 20 通过

[SW1] vlan 10
[SW1] vlan 20
[SW1]interface Bridge-Aggregation2
[SW1-Bridge-Aggregation2]port link-type trunk
[SW1-Bridge-Aggregation2]port trunk permit vlan all

[SW2] vlan 10
[SW2] vlan 20
[SW2]interface Bridge-Aggregation2
[SW2-Bridge-Aggregation2]port link-type trunk
[SW2-Bridge-Aggregation2]port trunk permit vlan all

[SW3]interface Bridge-Aggregation1
[SW3-Bridge-Aggregation1]port link-type trunk
[SW3-Bridge-Aggregation1]port trunk permit vlan all

在 SW1 上创建 VLAN 10 和 VLAN 20 的三层接口，配置 MAC 地址和 IP 地址

[SW1]interface Vlan-interface 10
[SW1-Vlan-interface10]mac-address 1-2-1
[SW1-Vlan-interface10]ip address 192.168.1.254 24
[SW1]interface Vlan-interface 20
[SW1-Vlan-interface20]mac-address 1-2-2
[SW1-Vlan-interface20]ip address 192.168.2.254 24

在 SW2 上创建 VLAN 10 和 VLAN 20 的三层接口，配置与 SW1 相同的 MAC 地址和 IP 地址

[SW2]interface Vlan-interface 10
[SW2-Vlan-interface10]mac-address 1-2-1
[SW2-Vlan-interface10]ip address 192.168.1.254 24
[SW2]interface Vlan-interface 20
[SW2-Vlan-interface20]mac-address 1-2-2
[SW2-Vlan-interface20]ip address 192.168.2.254 24

在 SW1 和 SW2 上配置上行接口 IP 地址，配置 R1 的 IP 地址

[SW1]interface GigabitEthernet 1/0/3
[SW1-GigabitEthernet1/0/3]port link-mode route
[SW1-GigabitEthernet1/0/3]ip address 10.1.1.2 24
[SW1]interface LoopBack 0
[SW1-LoopBack0]ip address 11.11.11.11 32

[SW2]interface GigabitEthernet 1/0/3
[SW2-GigabitEthernet1/0/3]port link-mode route
[SW2-GigabitEthernet1/0/3]ip address 10.2.2.2 24
[SW2]interface LoopBack 0
[SW2-LoopBack0]ip address 22.22.22.22 32

[R1]interface GigabitEthernet 0/0
[R1-GigabitEthernet0/0]ip address 10.1.1.1 24
[R1]interface GigabitEthernet 0/1
[R1-GigabitEthernet0/1]ip address 10.2.2.1 24
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 33.33.33.33 32

在 SW1、SW2 和 R1 上配置 OSPF，使路由互通

[SW1]ospf 1 router-id 11.11.11.11
[SW1-ospf-1]area 0.0.0.0
[SW1-ospf-1-area-0.0.0.0]network 1.1.1.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 11.11.11.11 0.0.0.0
[SW1-ospf-1-area-0.0.0.0]quit
[SW1-ospf-1]silent-interface Vlan-interface10
[SW1-ospf-1]silent-interface Vlan-interface20

[SW2]ospf 1 router-id 22.22.22.22
[SW2-ospf-1]area 0.0.0.0
[SW2-ospf-1-area-0.0.0.0]network 1.1.1.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 22.22.22.22 0.0.0.0
[SW2-ospf-1-area-0.0.0.0]quit
[SW2-ospf-1]silent-interface Vlan-interface10
[SW2-ospf-1]silent-interface Vlan-interface20

[R1]ospf 1 router-id 33.33.33.33
[R1-ospf-1]area 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.2.2.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 33.33.33.33 0.0.0.0

实验验证

在 PC 上测试能 Ping 通网关和 R1

<H3C>ping 192.168.1.254
Ping 192.168.1.254 (192.168.1.254): 56 data bytes, press CTRL_C to break
56 bytes from 192.168.1.254: icmp_seq=0 ttl=255 time=1.103 ms
56 bytes from 192.168.1.254: icmp_seq=1 ttl=255 time=0.406 ms
56 bytes from 192.168.1.254: icmp_seq=2 ttl=255 time=0.652 ms
56 bytes from 192.168.1.254: icmp_seq=3 ttl=255 time=0.898 ms
56 bytes from 192.168.1.254: icmp_seq=4 ttl=255 time=0.853 ms

--- Ping statistics for 192.168.1.254 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.406/0.782/1.103/0.237 ms
<H3C>%Jun  7 17:32:42:961 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 192.168.1.254: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.406/0.782/1.103/0.237 ms.

<H3C>ping 33.33.33.33
Ping 33.33.33.33 (33.33.33.33): 56 data bytes, press CTRL_C to break
56 bytes from 33.33.33.33: icmp_seq=0 ttl=254 time=1.149 ms
56 bytes from 33.33.33.33: icmp_seq=1 ttl=254 time=0.885 ms
56 bytes from 33.33.33.33: icmp_seq=2 ttl=254 time=1.051 ms
56 bytes from 33.33.33.33: icmp_seq=3 ttl=254 time=1.077 ms
56 bytes from 33.33.33.33: icmp_seq=4 ttl=254 time=0.797 ms

--- Ping statistics for 33.33.33.33 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.797/0.992/1.149/0.130 ms
<H3C>%Jun  7 17:32:49:419 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 33.33.33.33: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.797/0.992/1.149/0.130 ms.

<H3C>ping 192.168.2.254
Ping 192.168.2.254 (192.168.2.254): 56 data bytes, press CTRL_C to break
56 bytes from 192.168.2.254: icmp_seq=0 ttl=255 time=0.602 ms
56 bytes from 192.168.2.254: icmp_seq=1 ttl=255 time=0.512 ms
56 bytes from 192.168.2.254: icmp_seq=2 ttl=255 time=0.697 ms
56 bytes from 192.168.2.254: icmp_seq=3 ttl=255 time=0.804 ms
56 bytes from 192.168.2.254: icmp_seq=4 ttl=255 time=1.062 ms

--- Ping statistics for 192.168.2.254 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.512/0.735/1.062/0.190 ms
<H3C>%Jun  7 17:33:10:860 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 192.168.2.254: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.512/0.735/1.062/0.190 ms.

<H3C>ping 33.33.33.33
Ping 33.33.33.33 (33.33.33.33): 56 data bytes, press CTRL_C to break
56 bytes from 33.33.33.33: icmp_seq=0 ttl=254 time=0.787 ms
56 bytes from 33.33.33.33: icmp_seq=1 ttl=254 time=0.859 ms
56 bytes from 33.33.33.33: icmp_seq=2 ttl=254 time=1.196 ms
56 bytes from 33.33.33.33: icmp_seq=3 ttl=254 time=1.060 ms
56 bytes from 33.33.33.33: icmp_seq=4 ttl=254 time=0.943 ms

--- Ping statistics for 33.33.33.33 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.787/0.969/1.196/0.145 ms
<H3C>%Jun  7 17:33:18:294 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 33.33.33.33: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.787/0.969/1.196/0.145 ms.