1:应用场景
虚拟路由冗余协议VRRP通过把几台路由设备联合成一台虚拟的路由设备,实现网关设备的主备备份,保障网络的可靠通信。如下图所示,SWA和SWB组成一个VRRP备份组,正常情况下,SWA作为为master设备,并承担业务转发;SWB为backup设备,不承担业务转发,如果SWA发生故障,SWB会接管成为master设备,继续完成业务流量转发,实现网关备份的功能。
2:配置思路
采用VRRP主备备份实现网关冗余备份,配置思路如下:
2.1:配置各设备接口地址及路由协议,使各设备层网络间连通
2.2:在SwitchA和SwitchB上配置VRRP备份组。其中,SwitchA上配置较高优先级和20秒抢占延时,作为Master设备承担流量转发;SwitchB上配置较低优先级,作为备用交换机,实现网关冗余备份
3:配置设备间网络互联
3.1:SWA—配置valn、接口地址
<HUAWEI> system-view [HUAWEI] sysname SWA [SWA] vlan batch 100 300 创建vlan [SWA] interface gigabitethernet 0/0/1 [SWA-GigabitEthernet0/0/1] port link-type hybrid 接口类型为混合接口 [SWA-GigabitEthernet0/0/1] port hybrid pvid vlan 300 允许端口转发无标签报文时打上vlan300标签进行转发,类似Access功能 [SWA-GigabitEthernet0/0/1] port hybrid untagged vlan 300 允许接收VLAN标签为300的数据帧,允许转发VLAN标签为300的数据帧,转发时去掉VLAN标签 [SWA-GigabitEthernet0/0/1] quit [SWA] interface gigabitethernet 0/0/2 [SWA-GigabitEthernet0/0/2] port link-type hybrid [SWA-GigabitEthernet0/0/2] port hybrid pvid vlan 100 [SWA-GigabitEthernet0/0/2] port hybrid untagged vlan 100 [SWA-GigabitEthernet0/0/2] quit [SWA] interface vlanif 100 [SWA-Vlanif100] ip address 10.1.1.1 24 [SWA-Vlanif100] quit [SWA] interface vlanif 300 [SWA-Vlanif300] ip address 192.168.1.1 24 [SWA-Vlanif300] quit
3.2:SWB—配置valn、接口地址
<HUAWEI> system-view [HUAWEI] sysname SWB [SWB] vlan batch 100 200 [SWB] interface gigabitethernet 0/0/1 [SWB-GigabitEthernet0/0/1] port link-type hybrid [SWB-GigabitEthernet0/0/1] port hybrid pvid vlan 200 [SWB-GigabitEthernet0/0/1] port hybrid untagged vlan 200 [SWB-GigabitEthernet0/0/1] quit [SWB] interface gigabitethernet 0/0/2 [SWB-GigabitEthernet0/0/2] port link-type hybrid [SWB-GigabitEthernet0/0/2] port hybrid pvid vlan 100 [SWB-GigabitEthernet0/0/2] port hybrid untagged vlan 100 [SWB-GigabitEthernet0/0/2] quit [SWB] interface vlanif 100 [SWB-Vlanif100] ip address 10.1.1.2 24 [SWB-Vlanif100] quit [SWB] interface vlanif 300 [SWB-Vlanif200] ip address 192.168.2.1 24 [SWB-Vlanif200] quit
3.3:SWC—配置valn、接口地址
<HUAWEI> system-view [HUAWEI] sysname SWC [SWC] vlan batch 200 300 400 [SWC] interface gigabitethernet 0/0/1 [SWC-GigabitEthernet0/0/1] port link-type hybrid [SWC-GigabitEthernet0/0/1] port hybrid pvid vlan 300 [SWC-GigabitEthernet0/0/1] port hybrid untagged vlan 300 [SWC-GigabitEthernet0/0/1] quit [SWC] interface gigabitethernet 0/0/2 [SWC-GigabitEthernet0/0/2] port link-type hybrid [SWC-GigabitEthernet0/0/2] port hybrid pvid vlan 200 [SWC-GigabitEthernet0/0/2] port hybrid untagged vlan 200 [SWC-GigabitEthernet0/0/2] quit [SWC] interface gigabitethernet 0/0/3 [SWC-GigabitEthernet0/0/3] port link-type hybrid [SWC-GigabitEthernet0/0/3] port hybrid pvid vlan 400 [SWC-GigabitEthernet0/0/3] port hybrid untagged vlan 400 [SWC-GigabitEthernet0/0/3] quit [SWC] interface vlanif 300 [SWC-Vlanif300] ip address 192.168.1.2 24 [SWC-Vlanif300] quit [SWC] interface vlanif 400 [SWC-Vlanif400] ip address 172.16.1.1 24 [SWC-Vlanif400] quit [SWC] interface vlanif 200 [SWC-Vlanif200] ip address 192.168.2.2 24 [SWC-Vlanif200] quit
3.4:SW—配置vlan
<HUAWEI> system-view [HUAWEI] sysname SW [SW] vlan 100 [SW-vlan100] quit [SW] interface gigabitethernet 0/0/1 [SW-GigabitEthernet0/0/1] port link-type hybrid [SW-GigabitEthernet0/0/1] port hybrid pvid vlan 100 [SW-GigabitEthernet0/0/1] port hybrid untagged vlan 100 [SW-GigabitEthernet0/0/1] quit [SW] interface gigabitethernet 0/0/2 [SW-GigabitEthernet0/0/2] port link-type hybrid [SW-GigabitEthernet0/0/2] port hybrid pvid vlan 100 [SW-GigabitEthernet0/0/2] port hybrid untagged vlan 100 [SW-GigabitEthernet0/0/2] quit [SW] interface gigabitethernet 0/0/3 [SW-GigabitEthernet0/0/3] port link-type hybrid [SW-GigabitEthernet0/0/3] port hybrid pvid vlan 100 [SW-GigabitEthernet0/0/3] port hybrid untagged vlan 100 [SW-GigabitEthernet0/0/3] quit
3.5:配置路由协议
SWA、SWB、SWC;采用OSPF路由协议进行互联,也可以采用静态路由的 方式,只要能互联互通就可以。
交换机A [SWA] ospf 1 [SWA-ospf-1] area 0 [SWA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 路由宣告这里的掩码要反写 [SWA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SWA-ospf-1-area-0.0.0.0] quit [SWA-ospf-1] quit 交换机B [SWB] ospf 1 [SWB-ospf-1] area 0 [SWB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SWB-ospf-1-area-0.0.0.0] network 192.168.2.0 0.0.0.255 [SWB-ospf-1-area-0.0.0.0] quit [SWB-ospf-1] quit 交换机C [SWC] ospf 1 [SWC-ospf-1] area 0 [SWC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SWC-ospf-1-area-0.0.0.0] network 192.168.2.0 0.0.0.255 [SWC-ospf-1-area-0.0.0.0] network 172.16.1.0 0.0.0.255 [SWC-ospf-1-area-0.0.0.0] quit [SWC-ospf-1] quit
4:配置VRRP备份组
4.1:配置SWA—VRRP备份组
[SWA] interface vlanif 100 [SWA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111 配置VRRP备份组vrid 1中的虚拟IP地址 [SWA-Vlanif100] vrrp vrid 1 priority 120 配置在vrid 1中的优先级为120;其余设备不指定优先级,默认为100;数字越大,优先级越高 [SWA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 配置master设备的抢占时延为20秒 [SWA-Vlanif100] quit
4.2:配置SWB—VRRP备份组
[SWB] interface vlanif 100 [SWB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111 [SWB-Vlanif100] quit
5:关闭互联接口的STP功能
该步骤千万不能省,官方文档有说明,但是在配置中未写。千万注意
5.1关闭SWA互联接口的STP
[SWA] interface gigabitethernet 0/0/1
[SWA-GigabitEthernet0/0/1] stp disable
[SWA-GigabitEthernet0/0/1] interface gigabitethernet 0/0/2
[SWA-GigabitEthernet0/0/2] stp disable
5.2关闭SWB互联接口的STP
[SWB] interface gigabitethernet 0/0/1
[SWB-GigabitEthernet0/0/1] stp disable
[SWB-GigabitEthernet0/0/1] interface gigabitethernet 0/0/2
[SWB-GigabitEthernet0/0/2] stp disable
5.3关闭SWC互联接口的STP
[SWC] interface gigabitethernet 0/0/1
[SWC-GigabitEthernet0/0/1] stp disable
[SWC-GigabitEthernet0/0/1] interface gigabitethernet 0/0/2
[SWC-GigabitEthernet0/0/2] stp disable
[SWC-GigabitEthernet0/0/2] interface gigabitethernet 0/0/3
[SWC-GigabitEthernet0/0/3] stp disable
5.4关闭SW互联接口的STP
[SW] interface gigabitethernet 0/0/1
[SW-GigabitEthernet0/0/1] stp disable
[SW-GigabitEthernet0/0/1] interface gigabitethernet 0/0/2
[SW-GigabitEthernet0/0/2] stp disable
[SW-GigabitEthernet0/0/2] interface gigabitethernet 0/0/3
[SW-GigabitEthernet0/0/3] stp disable
6:验证配置结果
6.1:查看SWA的VRRP状态
通过dis vrrp命令可以看到SWA在备份组的状态为master
6.2:查看SWB的VRRP状态
通过dis vrrp命令可以看到SWB在备份组的状态为Backup
6.3:故障模拟验证
在SWA上执行接口shutdow命令,模拟网络故障,查看SWA和SWB VRRP状态。在将0/0/2口shutdown后,可以看到在SWA上VRRP状态已经从master状态变成初始化(initialize)状态
此时SWB已经接管了从backup变成master状态。
在SWA上接口g0/0/2下执行undo shutdown后,等待20秒,SWA继续成为naster状态
7:配置文件
7.1:SWA配置文件
#
sysname SWA
#
vlan batch 100 300
#
interface Vlanif100
ip address 10.1.1.1 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.111
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
#
interface Vlanif300
ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port hybrid pvid vlan 300
port hybrid untagged vlan 300
stp disable
#
interface GigabitEthernet0/0/2
port hybrid pvid vlan 100
port hybrid untagged vlan 100 300
stp disable
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 192.168.1.0 0.0.0.255
#
return
7.2:SWB配置文件
#
sysname SWB
#
undo info-center enable
#
vlan batch 100 200
#
interface Vlanif100
ip address 10.1.1.2 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.111
#
interface Vlanif200
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port hybrid pvid vlan 200
port hybrid untagged vlan 200
stp disable
#
interface GigabitEthernet0/0/2
port hybrid pvid vlan 100
port hybrid untagged vlan 100
stp disable
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
return
7.3:SWC配置文件
#
sysname SWC
#
undo info-center enable
#
vlan batch 200 300 400
#
interface Vlanif200
ip address 192.168.2.2 255.255.255.0
#
interface Vlanif300
ip address 192.168.1.2 255.255.255.0
#
interface Vlanif400
ip address 172.16.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port hybrid pvid vlan 300
port hybrid untagged vlan 300
stp disable
#
interface GigabitEthernet0/0/2
port hybrid pvid vlan 200
port hybrid untagged vlan 200
stp disable
#
interface GigabitEthernet0/0/3
port hybrid pvid vlan 400
port hybrid untagged vlan 400
#
interface GigabitEthernet0/0/4
port hybrid pvid vlan 400
port hybrid untagged vlan 400
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 172.16.1.0 0.0.0.255
#
return
7.4:SW配置文件
#
sysname SW
#
undo info-center enable
#
vlan batch 100
#
interface GigabitEthernet0/0/1
port hybrid pvid vlan 100
port hybrid untagged vlan 100
stp disable
#
interface GigabitEthernet0/0/2
port hybrid pvid vlan 100
port hybrid untagged vlan 100
stp disable
#
interface GigabitEthernet0/0/3
port hybrid pvid vlan 100
port hybrid untagged vlan 100
stp disable
#
return
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
