组网需求
正常情况下,主机以SwitchA为默认网关接入Internet,当SwitchA故障时,SwitchB接替SwitchA作为网关继续进行工作,实现网关的冗余备份。
SwitchA故障恢复后,其延时20秒通过抢占的方式重新成为Master,承担数据传输。
请确保该场景下互联接口的STP处于未使能状态。同时将互连接口退出VLAN1,避免形成环路。因为在使能STP的环形网络中,如果用交换机的VLANIF接口构建三层网络,会导致某个端口被阻塞,从而导致三层业务不能正常运行。
设备 | 接口 | 对应的Vlanif | IP地址 |
---|---|---|---|
SwitchA | GE1/0/1 | VLANIF300 | 192.168.1.1/24 |
GE1/0/2 | VLANIF100 | 10.1.1.1/24 | |
SwitchB | GE1/0/1 | VLANIF200 | 192.168.2.1/24 |
GE1/0/2 | VLANIF100 | 10.1.1.2/24 | |
SwitchC | GE1/0/1 | VLANIF300 | 192.168.1.2/24 |
GE1/0/2 | VLANIF200 | 192.168.2.2/24 | |
GE1/0/3 | VLANIF400 | 172.16.1.1/24 |
配置思路
采用VRRP主备备份实现网关冗余备份,配置思路如下:
配置各设备接口IP地址及路由协议,使各设备间网络层连通。
在SwitchA和SwitchB上配置VRRP备份组。其中,SwitchA上配置较高优先级和20秒抢占延时,作为Master设备承担流量转发;SwitchB上配置较低优先级,作为备用交换机,实现网关冗余备份。
操作步骤
配置设备间的网络互连
# 配置设备各接口的IP地址,以SwitchA为例。SwitchB和SwitchC的配置与SwitchA类似,详见配置文件。
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 100 300
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] port link-type hybrid
[SwitchA-GigabitEthernet1/0/1] port hybrid pvid vlan 300
[SwitchA-GigabitEthernet1/0/1] port hybrid untagged vlan 300
[SwitchA-GigabitEthernet1/0/1] quit
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] port link-type hybrid
[SwitchA-GigabitEthernet1/0/2] port hybrid pvid vlan 100
[SwitchA-GigabitEthernet1/0/2] port hybrid untagged vlan 100
[SwitchA-GigabitEthernet1/0/2] quit[SwitchA] interface vlanif 100
[SwitchA-Vlanif100] ip address 10.1.1.1 24
[SwitchA-Vlanif100] quit
[SwitchA] interface vlanif 300
[SwitchA-Vlanif300] ip address 192.168.1.1 24
[SwitchA-Vlanif300] quit
# 配置Switch的二层转发功能。
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan 100
[Switch-vlan100] quit
[Switch] interface gigabitethernet 1/0/1
[Switch-GigabitEthernet1/0/1] port link-type hybrid
[Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 100
[Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 100
[Switch-GigabitEthernet1/0/1] quit[Switch] interface gigabitethernet 1/0/2
[Switch-GigabitEthernet1/0/2] port link-type hybrid
[Switch-GigabitEthernet1/0/2] port hybrid pvid vlan 100
[Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 100
[Switch-GigabitEthernet1/0/2] quit
# 配置SwitchA、SwitchB和SwitchC间采用OSPF协议进行互连。以SwitchA为例,SwitchB和SwitchC的配置与SwitchA类似,详见配置文件。
[SwitchA] ospf 1[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit[SwitchA-ospf-1] quit
配置VRRP备份组
# 在SwitchA上创建VRRP备份组1,配置SwitchA在该备份组中的优先级为120,并配置抢占时间为20秒。
[SwitchA] interface vlanif 100
[SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111
[SwitchA-Vlanif100] vrrp vrid 1 priority 120
[SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20
[SwitchA-Vlanif100] quit
# 在SwitchB上创建VRRP备份组1,其在该备份组中的优先级为缺省值100。
[SwitchB] interface vlanif 100
[SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111
[SwitchB-Vlanif100] quit
验证配置结果
# 完成上述配置以后,在SwitchA和SwitchB上分别执行display vrrp命令,可以看到SwitchA在备份组中的状态为Master,SwitchB在备份组中的状态为Backup。
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
# 在SwitchA和SwitchB上执行display ip routing-table命令,SwitchA上可以看到路由表中有一条目的地址为虚拟IP地址的直连路由,而SwitchB上该路由为OSPF路由。SwitchA和SwitchB上的显示信息如下。
[SwitchA] display ip routing-tableRoute Flags: R - relay, D - download to fib, T - to vpn-instance------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif100 10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.111/32 Direct 0 0 D 127.0.0.1 Vlanif100 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.1.0/24 OSPF 10 2 D 192.168.1.2 Vlanif300 192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif300 192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif300 192.168.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif100 OSPF 10 2 D 192.168.1.2 Vlanif300
[SwitchB] display ip routing-tableRoute Flags: R - relay, D - download to fib, T - to vpn-instance----------------
Routing Tables: Public Destinations : 9 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.2 Vlanif100 10.1.1.2/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.111/32 OSPF 10 2 D 10.1.1.1 Vlanif100 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.1.0/24 OSPF 10 2 D 192.168.2.2 Vlanif200 192.168.1.0/24 OSPF 10 2 D 10.1.1.1 Vlanif100 OSPF 10 2 D 192.168.2.2 Vlanif200 192.168.2.0/24 Direct 0 0 D 192.168.2.1 Vlanif200 192.168.2.1/32 Direct 0 0 D 127.0.0.1 Vlanif200
# 在SwitchA的接口GE1/0/2上执行shutdown命令,模拟SwitchA出现故障。
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] shutdown
[SwitchA-GigabitEthernet1/0/2] quit
# 在SwitchB上执行display vrrp命令查看VRRP状态信息,可以看到SwitchB的状态是Master。
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.2 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 100 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:18:40
# 在SwitchA的接口GE1/0/2上执行undo shutdown命令。
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] undo shutdown
[SwitchA-GigabitEthernet1/0/2] quit
# 等待20秒后,在SwitchA上执行display vrrp命令查看VRRP状态信息,可以看到SwitchA的状态恢复成Master。
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:20:56
配置文件
SwitchA的配置文件
# sysname SwitchA # vlan batch 100 300 # interface Vlanif100 ip address 10.1.1.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 # interface Vlanif300 ip address 192.168.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 300 port hybrid untagged vlan 300 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 # return
SwitchB的配置文件
# sysname SwitchB # vlan batch 100 200 # interface Vlanif100 ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 # interface Vlanif200 ip address 192.168.2.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 200 port hybrid untagged vlan 200 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
SwitchC的配置文件
# sysname SwitchC # vlan batch 200 300 400 # interface Vlanif200 ip address 192.168.2.2 255.255.255.0 # interface Vlanif300 ip address 192.168.1.2 255.255.255.0 # interface Vlanif400 ip address 172.16.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 300 port hybrid untagged vlan 300 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 200 port hybrid untagged vlan 200 # interface GigabitEthernet1/0/3 port link-type hybrid port hybrid pvid vlan 400 port hybrid untagged vlan 400 # ospf 1 area 0.0.0.0 network 172.16.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Switch的配置文件
# sysname Switch # vlan batch 100 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # return
已有 0 条评论了