这篇博客小编想来说说有关网络高可用性的问题,如果读者接触过园区网的规划,就会发现园区网的规划都少不了一种国际标准VRRP(虚拟路由器冗余协议)技术或者思科的HSRP,多了这两种技术的好处就是让园区网的可用性大大的提高了,由于网络设备都是硬件,不知道什么时候会出现问题,为了不影响用户的正常办公,人们便选择使用冗余技术来解决问题。

§ 什么是VRRP?

     ? VRRP(Virtual Router Redundancy Protocol):虚拟路由冗余协议是用于实现路由器冗余的协议,最新协议在RFC3768中定义。

§ VRRP的定义

     ? 在该协议中,对共享多存取访问介质(如以太网)上终端IP设备的默认网关(Default Gateway)进行冗余备份,从而在其中一台路由设备宕机时,备份路由设备及时接管转发工作,向用户提供透明的切换,提高了网络服务质量。

§ VRRP路由器

     ? 是指运行VRRP的路由器,是物理实体。

§ 虚拟路由器

     ? 是指VRRP协议创建的,是逻辑概念。

§ 主控路由器和备份路由器

     ? 一个VRRP组中有且只有一台处于主控角色的路由器,可以有一个或者多个处于备份角色的路由器。

     ? VRRP协议使用选择策略从路由器组中选出一台作为主控,负责ARP响应和转发IP数据包,组中的其它路由器作为备份的角色处于待命状态。

§ VRRP术语

clip_p_w_picpath002

§ 组成虚拟路由器的路由器会有三种状态

     ? Initialize

clip_p_w_picpath004

系统启动后进入此状态,当收到接口startup的消息,将转入Backup (优先级不为255时)或Master状态(优先级为255时)。在此状态时,路由器不会对VRRP报文做任何处理。

     ? Master

clip_p_w_picpath006

1.定期发送VRRP组播报文,发送免费(gratuitous)ARP报文

2.响应对虚拟IP地址的ARP请求,并且响应的是虚拟MAC地址,而不是接口的真实MAC地址。转发目的MAC地址为虚拟MAC地址的IP报文

3.在Master状态中只有接收到比自己的优先级大的VRRP报文时,才会转为Backup。只有当接收到接口的Shutdown事件时才会转为Initialize。

      ? Backup

1.接收Master发送的VRRP组播报文 从中了解Master的状态

2.对虚拟IP地址的ARP请求 不做响应

3.丢弃目的MAC地址为虚拟MAC地址的IP报文

4.丢弃目的IP地址为虚拟IP地址的IP报文

clip_p_w_picpath008

§ VRRP选举

VRRP的路由器都会发送和接收VRRP通告消息

     ? VRRP优先级

     ? 接口的IP地址

clip_p_w_picpath010

理论部分小编就说到这里了,然后就是具体实现了,小编这里使用的是华为的设备

小编列出一些常用的配置VRRP的命令

设置虚拟地址是否能被PING通

clip_p_w_picpath012

添加/删除虚拟IP

clip_p_w_picpath014

设置备份组的优先级

clip_p_w_picpath016

设置和取消监控端口

clip_p_w_picpath018

显示VRRP的状态信息

clip_p_w_picpath020

以下是小编的实验拓扑规划,小编这里使用了多网关冗余备份,同时加入了MSTP技术,这样网络的高可用性就大大的提升了

clip_p_w_picpath022

实验详情:

【SW1】

[Huawei-Vlanif40]

[Huawei-Vlanif40]dis cu

#

sysname Huawei

#

vlan batch 10 20 30 40

#

stp instance 10 root primary

stp instance 20 root secondary

#

cluster enable

stp region-configuration

region-name A

revision-level 1

instance 10 vlan 10 20

instance 20 vlan 30 40

active region-configuration

#

interface Vlanif1

#

interface Vlanif10

ip address 192.168.10.1 255.255.255.0

vrrp vrid 10 virtual-ip 192.168.10.254

vrrp vrid 10 priority 120

vrrp vrid 20 virtual-ip 192.168.10.253

#

interface Vlanif20

ip address 192.168.20.1 255.255.255.0

vrrp vrid 21 virtual-ip 192.168.20.254

vrrp vrid 22 virtual-ip 192.168.20.253

vrrp vrid 22 priority 120

#

interface Vlanif30

ip address 192.168.30.1 255.255.255.0

vrrp vrid 31 virtual-ip 192.168.30.254

vrrp vrid 31 priority 120

vrrp vrid 32 virtual-ip 192.168.30.253

#

interface Vlanif40

ip address 192.168.40.1 255.255.255.0

vrrp vrid 41 virtual-ip 192.168.40.254

vrrp vrid 42 virtual-ip 192.168.40.253

vrrp vrid 42 priority 120

#

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

【SW1】

[Huawei]dis vrrp brief

VRID State Interface Type Virtual IP

----------------------------------------------------------------

10 Backup Vlanif10 Normal 192.168.10.253

20 Master Vlanif10 Normal 192.168.10.254

21 Master Vlanif20 Normal 192.168.20.253

22 Backup Vlanif20 Normal 192.168.20.254

31 Backup Vlanif30 Normal 192.168.30.253

32 Master Vlanif30 Normal 192.168.30.254

41 Master Vlanif40 Normal 192.168.40.253

42 Backup Vlanif40 Normal 192.168.40.254

----------------------------------------------------------------

Total:8 Master:4 Backup:4 Non-active:0

【SW2】

[Huawei]dis cu

#

sysname Huawei

#

vlan batch 10 20 30 40

#

stp instance 10 root secondary

stp instance 20 root primary

#

drop illegal-mac alarm

#

diffserv domain default

#

stp region-configuration

region-name A

revision-level 1

instance 10 vlan 10 20

instance 20 vlan 30 40

active region-configuration

interface Vlanif1

#

interface Vlanif10

ip address 192.168.10.2 255.255.255.0

vrrp vrid 10 virtual-ip 192.168.10.254

vrrp vrid 20 virtual-ip 192.168.10.253

vrrp vrid 20 priority 120

#

interface Vlanif20

ip address 192.168.20.2 255.255.255.0

vrrp vrid 21 virtual-ip 192.168.20.254

vrrp vrid 21 priority 120

vrrp vrid 22 virtual-ip 192.168.20.253

#

interface Vlanif30

ip address 192.168.30.2 255.255.255.0

vrrp vrid 31 virtual-ip 192.168.30.254

vrrp vrid 32 virtual-ip 192.168.30.253

vrrp vrid 32 priority 120

#

interface Vlanif40

ip address 192.168.40.2 255.255.255.0

vrrp vrid 41 virtual-ip 192.168.40.254

vrrp vrid 41 priority 120

vrrp vrid 42 virtual-ip 192.168.40.253

#

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/21

port link-type trunk

port trunk allow-pass vlan 2 to 4094

【SW2】

[Huawei]dis vrrp brief

VRID State Interface Type Virtual IP

----------------------------------------------------------------

10 Backup Vlanif10 Normal 192.168.10.254

20 Master Vlanif10 Normal 192.168.10.253

21 Master Vlanif20 Normal 192.168.20.254

22 Backup Vlanif20 Normal 192.168.20.253

31 Backup Vlanif30 Normal 192.168.30.254

32 Master Vlanif30 Normal 192.168.30.253

41 Master Vlanif40 Normal 192.168.40.254

42 Backup Vlanif40 Normal 192.168.40.253

----------------------------------------------------------------

Total:8 Master:4 Backup:4 Non-active:0

【SW2】

Instance 10

[Huawei]dis stp ins

[Huawei]dis stp instance 10

-------[MSTI 10 Global Info]-------

MSTI Bridge ID :4096.4c1f-ccb1-8c98

MSTI RegRoot/IRPC :0.4c1f-cc38-a98d / 1

MSTI RootPortId :128.21

MSTI Root Type :Secondary root

Master Bridge :32768.4c1f-cc17-56ed

Cost to Master :1

TC received :4

TC count per hello :0

Time since last TC :0 days 0h:0m:25s

Number of TC :6

Last TC occurred :Ethernet0/0/21

----[Port1(Ethernet0/0/1)][LEARNING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.1

Port Times :RemHops 19

TC or TCN send :5

TC or TCN received :0

----[Port2(Ethernet0/0/2)][LEARNING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.2

Port Times :RemHops 19

TC or TCN send :5

TC or TCN received :2

----[Port21(Ethernet0/0/21)][FORWARDING]----

Port Role :Root Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-cc38-a98d / 128.21

Port Times :RemHops 20

TC or TCN send :2

TC or TCN received :2

----[Port22(Ethernet0/0/22)][DISCARDING]----

Port Role :Alternate Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-cc38-a98d / 128.22

Port Times :RemHops 20

TC or TCN send :0

TC or TCN received :0

Instance 20

[Huawei]dis stp instance 20

-------[MSTI 20 Global Info]-------

MSTI Bridge ID :0.4c1f-ccb1-8c98

MSTI RegRoot/IRPC :0.4c1f-ccb1-8c98 / 0

MSTI RootPortId :0.0

MSTI Root Type :Primary root

Master Bridge :32768.4c1f-cc17-56ed

Cost to Master :1

TC received :7

TC count per hello :0

Time since last TC :0 days 0h:0m:59s

Number of TC :6

Last TC occurred :Ethernet0/0/22

----[Port1(Ethernet0/0/1)][FORWARDING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.1

Port Times :RemHops 20

TC or TCN send :8

TC or TCN received :0

----[Port2(Ethernet0/0/2)][FORWARDING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.2

Port Times :RemHops 20

TC or TCN send :9

TC or TCN received :3

----[Port21(Ethernet0/0/21)][FORWARDING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.21

Port Times :RemHops 20

TC or TCN send :3

TC or TCN received :4

----[Port22(Ethernet0/0/22)][FORWARDING]----

Port Role :Designated Port

Port Priority :128

Port Cost(Dot1T ) :Config=auto / Active=1

Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.22

Port Times :RemHops 20

TC or TCN send :2

TC or TCN received :0

【SW3】

[Huawei]dis cu

#

sysname Huawei

#

vlan batch 10 20 30 40

#

stp region-configuration

region-name A

revision-level 1

instance 10 vlan 10 20

instance 20 vlan 30 40

active region-configuration

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

return

【SW4】

<Huawei>dis cu

#

sysname Huawei

#

vlan batch 10 20 30 40

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#