首先介绍下背景:客户单位的网点目前使用的线路是SDH+FR,网点到地市核心使用的路由协议为RIP,根据实际测试,出现链路故障时,不做任何优化的情况下路由收敛需要4分钟。客户单位有计划将网点的FR线路升级为MSTP。
      众所周知,MSTP线路如果在中间某一点出现故障,是不会导致设备物理端口出现协议层down的。物理接口处于UP状态时,路由是不会进行收敛的。为了避免此种情况,并加快网络收敛速度,思科工程师建议使用IP SLA+EEM。于是使用两台Cisco2801进行模拟测试,使用的IOS为c2801-entbasek9-mz.150-1.M.bin。
     模拟拓扑如下:
     设备的主要配置如下:
     R1:
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HYYK$evVsS7tjNc5JkX/VuIhCE0
!
no aaa new-model
no network-clock-participate wic 1
dot11 syslog
ip source-route
!
!
!         
!
ip cef
no ip domain lookup
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
  hidekeys
!
!
controller E1 0/1/0
line-termination 75-ohm
channel-group 0 unframed
!
!
track 1 ip sla 1
!
!
!         
!
interface Loopback0
ip address 56.16.0.1 255.255.255.0
!
interface Loopback1
ip address 56.16.128.1 255.255.255.0
!
interface FastEthernet0/0
ip address 56.16.234.1 255.255.255.252
speed 100
full-duplex
!
interface FastEthernet0/1
speed 100
full-duplex
!
interface Serial0/1/0:0
ip address 56.16.244.1 255.255.255.252
!
router rip
version 2
offset-list 0 in 3 Serial0/1/0:0
offset-list 0 out 3 Serial0/1/0:0
network 56.0.0.0
no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
ip route 56.16.234.2 255.255.255.255 FastEthernet0/0
!
ip sla 1
icmp-echo 56.16.234.2
frequency 5
ip sla schedule 1 life forever start-time now
disable-eadi
!
tftp-server flash:c2801-entbasek9-mz.150-1.M.bin
!
control-plane
!         
!
line con 0
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
event manager environment 1
event manager applet rip_track_1
event track 1 state down
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "int f 0/0"
action 3.1 cli command "shut"   //shut物理端口后,路由表就会发生变化,原本从F0/0学到的路由删除,取而代之的是从S0/1/0:0学到的路由
action 3.2 cli command "no sh" //执行no shut命令是为了避免MSTP链路恢复了,端口仍处于关闭状态。反正MSTP线路故障不恢复的话就算UP了,也收不到路由更新。
action 4.0 cli command "end"
!
end
R2:
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XJXH$eN1O2.Eyv1T5GiWj/M2Rb/
!
no aaa new-model
no network-clock-participate wic 1
dot11 syslog
ip source-route
!
!
!         
!
ip cef
no ip domain lookup
multilink bundle-name authenticated
!
!
!
!
!
!
!
controller E1 0/1/0
line-termination 75-ohm
channel-group 0 unframed
!
controller E1 0/1/1
!
!
track 1 ip sla 1
!
!
!
!         
interface Loopback0
ip address 56.26.0.1 255.255.255.0
!
interface Loopback1
ip address 56.26.128.1 255.255.255.0
!
interface FastEthernet0/0
ip address 56.16.234.2 255.255.255.252
speed 100
full-duplex
!
interface FastEthernet0/1
speed 100
full-duplex
!
interface Serial0/1/0:0
ip address 56.16.244.2 255.255.255.252
!
router rip
version 2
offset-list 0 in 3 FastEthernet0/1
offset-list 0 out 3 FastEthernet0/1
network 56.0.0.0
no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
ip route 56.16.234.1 255.255.255.255 FastEthernet0/0
!
ip sla 1
icmp-echo 56.16.234.1
frequency 5
ip sla schedule 1 life forever start-time now
disable-eadi
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
event manager environment 1
event manager applet rip_track_2
event track 1 state down
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "int f 0/0"
action 3.1 cli command "shut"
action 3.2 cli command "no sh"
action 4.0 cli command "end"
!
end   
当两个交换机之间的连线拔掉之后,track 1 可以发现56.16.234.2无法ping到,SLA状态转为down,触发了EEM,执行EEM定义的语句。
*Jan  9 05:58:40.911: %TRACKING-5-STATE: 1 ip sla 1 state Up->Down
*Jan  9 05:58:40.995: %SYS-5-CONFIG_I: Configured from console by  on vty0 (EEM:rip_track_1)
*Jan  9 05:58:42.963: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
再查看路由表时,路由已经是从S0/1/0:0学习到的。在配置中的探测频率与延时情况下,粗略判断路由收敛的时间在5秒左右,比自行收敛快数十倍。
其中有一个需要注意到地方是配置中的那条主机路由:ip route 56.16.234.2 255.255.255.255 FastEthernet0/0
用于确保探测对端地址的ICMP报文只能从F0/0发出,避免ICMP探测报文从其他路径到达目标,造成误判。
初步使用了一下EEM,觉得这个功能非常强大