目录
1.VRRP协议
虚拟路由器冗余协议
VRRP协议是一种网关备份协议——实现网关的备份,解决多个网关之间相互冲突的问题
VRRP作用:出口网关的备份,保证出口网关的高用性。
2.VRRP协议的优点
单网关的缺点:当网关路由器出现故障时,网段以该设备为网关的主机都不能与Internet进行通信。
VRRP的好处:
- 主路由器失效后,备份路由器立即顶替主路由器的工作,保证数据的不丢失。
- 两个不同的路由器成为不同组的主路由器,相互备份。
- 跟踪上行链路接口状态,当上行链路接口失效时,自动将备份路由份提升为主路由器,保证数据的不丢失。
3.工作原理
通过在冗余网关间共享虚拟MAC和IP地址,保证数据转发时并不是转给某一个具体网关的IP,而是
把数据转发给虚拟网关的IP,因此,不论哪一个路由器成为主路由,都不会影响数据通信。通过组
播协议对数据端口进行监控,一旦检测数据转发的端口坏掉,主路由器会停发HELLO包,备份路
由提升为主路由,实现数据的稳定高效转发。
VRRP默认接口的优先级是100
主路由器一旦失效后,默认路由器的优先级会自动降10
4.拓扑图
二层交换机
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname L2-sw1
[L2-sw1]user-interface console 0
[L2-sw1-ui-console0]idle-timeout 0 0
[L2-sw1-ui-console0]q
[L2-sw1]vlan bat 10 20
[L2-sw1]int e0/0/1
[L2-sw1-Ethernet0/0/1]port link-type access
[L2-sw1-Ethernet0/0/1]port default vlan 10
[L2-sw1-Ethernet0/0/1]int e0/0/2
[L2-sw1-Ethernet0/0/2]port link-type access
[L2-sw1-Ethernet0/0/2]port default vlan 20
[L2-sw1-Ethernet0/0/2]int g0/0/1
[L2-sw1-GigabitEthernet0/0/1]port link-type trunk
[L2-sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[L2-sw1-GigabitEthernet0/0/1]int g0/0/2
[L2-sw1-GigabitEthernet0/0/2]port link-type trunk
[L2-sw1-GigabitEthernet0/0/2]port trunk allow-pass vlan all三层交换机L3-SW1
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname L3-sw1
[L3-sw1]user-interface console 0
[L3-sw1-ui-console0]idle-timeout 0 0
[L3-sw1-ui-console0]q
[L3-sw1]int g0/0/1
[L3-sw1-GigabitEthernet0/0/1]port link-type trunk
[L3-sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[L3-sw1-GigabitEthernet0/0/1]vlan bat 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[L3-sw1]int vlanif 10
[L3-sw1-Vlanif10]ip add 192.168.10.10 24
[L3-sw1-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1
[L3-sw1-Vlanif10]vrrp vrid 1 priority 105
[L3-sw1-Vlanif10]vrrp vrid 1 track interface g0/0/2
[L3-sw1-Vlanif10]int vlanif 20
[L3-sw1-Vlanif20]ip add 192.168.20.10 24
[L3-sw1-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1
[L3-sw1-Vlanif20]vrrp vrid 2 track interface g0/0/2
[L3-sw1-Vlanif20]int g0/0/2
[L3-sw1-GigabitEthernet0/0/2]port link-type access
[L3-sw1-GigabitEthernet0/0/2]port default vlan 100
[L3-sw1-GigabitEthernet0/0/2]int vlan 100
[L3-sw1-Vlanif100]ip add 10.10.10.1 24
[L3-sw1-Vlanif100]q
[L3-sw1]ip route-static 1.1.1.1 32 10.10.10.11
[L3-sw1]display vrrp
Vlanif10 | Virtual Router 1
State : Master
Virtual IP : 192.168.10.1
Master IP : 192.168.10.10
PriorityRun : 105
PriorityConfig : 105
MasterPriority : 105
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-08-24 18:22:18 UTC-08:00
Last change time : 2021-08-24 18:22:21 UTC-08:00
Vlanif20 | Virtual Router 1
State : Master
Virtual IP : 192.168.20.1
Master IP : 192.168.20.10
PriorityRun : 100
PriorityConfig : 100三层交换机L3-SW2
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname L3-sw2
[L3-sw2]user-interface console 0
[L3-sw2-ui-console0]idle-timeout 0 0
[L3-sw2-ui-console0]q
[L3-sw2]vlan bat 10 20 200
Info: This operation may take a few seconds. Please wait for a moment...done.
[L3-sw2]int g0/0/1
[L3-sw2-GigabitEthernet0/0/1]port link-type trunk
[L3-sw2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[L3-sw2-GigabitEthernet0/0/1]int vlan 10
[L3-sw2-Vlanif10]ip add 192.168.10.11 24
[L3-sw2-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1
[L3-sw2-Vlanif10]vrrp vrid 1 track interface g0/0/2
[L3-sw2-Vlanif10]int vlan 20
[L3-sw2-Vlanif20]ip add 192.168.20.11 24
[L3-sw2-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1
[L3-sw2-Vlanif20]vrrp vrid 2 priority 105
[L3-sw2-Vlanif20]vrrp vrid 2 track interface g0/0/2
[L3-sw2-Vlanif20]int g0/0/2
[L3-sw2-GigabitEthernet0/0/2]port link-type access
[L3-sw2-GigabitEthernet0/0/2]port default vlan 200
[L3-sw2-GigabitEthernet0/0/2]int vlan 200
[L3-sw2-Vlanif200]ip add 20.20.20.2 24
[L3-sw2-Vlanif200]q
[L3-sw2]ip route-static 1.1.1.1 32 20.20.20.11路由器R1
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]user-interface console 0
[R1-ui-console0]idle-timeout 0 0
[R1-ui-console0]q
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 20.20.20.11 24
[R1-GigabitEthernet0/0/0]undo shutdown
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 10.10.10.11 24
[R1-GigabitEthernet0/0/1]undo shutdown
[R1-GigabitEthernet0/0/1]q
[R1]int LoopBack 0
[R1-LoopBack0]ip add 1.1.1.1 32
[R1-LoopBack0]q
[R1]ip route-static 192.168.10.0 24 10.10.10.1
[R1]ip route-static 192.168.10.0 24 20.20.20.2 preference 65
[R1]ip route-static 192.168.20.0 24 20.20.20.2
[R1]ip route-static 192.168.20.0 24 10.10.10.1 preference 65
[R1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.10.10.0/24 Direct 0 0 D 10.10.10.11 GigabitEthernet
0/0/1
10.10.10.11/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
20.20.20.0/24 Direct 0 0 D 20.20.20.11 GigabitEthernet
0/0/0
20.20.20.11/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.10.0/24 Static 60 0 RD 10.10.10.1 GigabitEthernet
0/0/1
192.168.20.0/24 Static 60 0 RD 20.20.20.2 GigabitEthernet
0/0/0
测试 跟踪路由
总结
VRRP的接口IP(物理IP是真实的)必须存在,而且成员之间的接口IP地址必须不一样
接口虚拟IP必须一样,因为承担同一个组的流量
主路由器的优先级必须大于备份路由器
扫一扫
1298
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
