vrrp配置,vrrp配置实验报告
华为vrrp配置实例 参数详情
1、R1配置:
[R1]interface g0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.1.254 24
[R1]interface g0/0/1
[R1-GigabitEthernet0/0/1]ip address 192.168.13.1 24
2、R2配置:
[R2]interface g0/0/0
[R2-GigabitEthernet0/0/0]ip add
[R2-GigabitEthernet0/0/0]ip address 192.168.1.253 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add
[R2-GigabitEthernet0/0/1]ip address 192.168.23.1 24
3、R3配置:
[R3]interface g0/0/0
[R3-GigabitEthernet0/0/0]ip ad
[R3-GigabitEthernet0/0/0]ip address 192.168.13.2 24
[R3]interface g0/0/0
[R3-GigabitEthernet0/0/0]ip ad
[R3-GigabitEthernet0/0/0]ip address 192.168.13.2 24
[R3-LoopBack1]ip address 10.0.0.1 24
4、R1、R2配置vrrp,并监控g0/0/1
[R1-GigabitEthernet0/0/0]vrrp vrid 1 virtual-ip 192.168.1.250
[R1-GigabitEthernet0/0/0]vrrp vrid 1 track interface g0/0/1 reduced 50
[R2-GigabitEthernet0/0/0]vrrp vrid 1 virtual-ip 192.168.1.250
[R2-GigabitEthernet0/0/0]vrrp vrid 1 track interface g0/0/1 reduced 51
5、R1、R2、R3配置静态路由,确保全网互通
[R1]ip route-static 10.0.0.1 255.255.255.0 192.168.13.2
[R2]ip route-static 10.0.0.1 255.255.255.0 192.168.23.2
[R3]ip route-static 192.168.1.0 255.255.255.0 192.168.13.1
[R3]ip route-static 192.168.1.0 255.255.255.0 192.168.23.1
6、测试
R1上查看vrrp
R2上查看
PC上测试
7、模拟R2-R3线路故障,测试路由
在PC上跟踪路由
R2上看vrrp
vrrp自动切换R2为master路由,链路备份成功。
VRRP原理及配置实例
通过把几台路由设备联合组成一台虚拟路由设备,将虚拟路由设备的ip地址作为用户的默认网关地址实现与外部的通讯。当网关设备发生故障时,VRRP协议能够快速选举新的网关设备承担数据流量,保障网络的可靠通信。VRRP使用ip报文作为传输协议报文,协议号为112,使用固定的组播地址224.0.0.18进行发送,通过协议报文选举出一台路由器作为master,其他设备作为backup,来实现网关备份功能。VRRP只使用到advertisement这一种报文。
1.路由器的优先级(越大越优)
2.接口ip地址(越大越优)
master会周期性的发送advertisement报文,其实也就是一秒发送一次,如果backup每隔3秒没收到master发来的advertisement报文,则认为master down,就会进行新一轮的选举。
vrrp 1 ip A.B.C.D? #配置虚拟网关地址
vrrp 1 priority 120?? #配置设备优先级
vrrp 1 preempt??? #支持抢占性
vrrp 1 timers advertise1? # 配置advertisement时间为1秒
vrrp 1 authentication md5 key-string Cisco? #配置md5认证密码为Cisco
vrrp 1 track 1 decrement 30??? #监测1若是链路down了 则降低优先级30(例如track 1 interface ethernet 0/0 line-protocol)
track 1 interface Ethernet0/1 line-protocol
interface Ethernet0/1
ip address 192.168.2.2 255.255.255.0
interface Ethernet0/0
ip address 192.168.1.2 255.255.255.0
vrrp 1 ip 192.168.1.253
vrrp 1 priority 120
vrrp 1 track 1 decrement 30
interface Ethernet0/0
ip address 192.168.1.3 255.255.255.0
vrrp 1 ip 192.168.1.253
vrrp 1 priority 80
eNSP模拟实验-VRRP协议配置
? ? 主机在多个出口网关的情况下,仅需要配置一个虚拟网关IP地址作为出口网关,解决局域网主机访问外部网络的可靠性问题。
? ? VRRP,virtual router redundancy protocol虚拟路由器冗余协议,它是一种容错协议。该协议把几台路由器设备联合组成一台虚拟的路由设备,该虚拟路由器在本地局域网中拥有唯一的虚拟ID和虚拟IP地址。该虚拟路由器的是由一个master设备和若干backup,客户端只需要设置此虚拟IP作为网关地址就行。
? ? VRRP的master选举基于优先级,优先级取值范围是0-255。默认优先级为100,在接口上可以通过配置优先级的大小来手工选择master设备。
1、按照图示配置路由器和PC的接口地址。
2、部署OSPF网络,比如R1的配置如下,其他不再阐述。
[Huawei]ospf 1
[Huawei-ospf-1-area-0.0.0.0]net
[Huawei-ospf-1-area-0.0.0.0]network 172.16.2.0 0.0.0.255
[Huawei-ospf-1-area-0.0.0.0]network 172.16.3.0 0.0.0.255
3、配置VRRP协议。
? ? 双出口的方式连接到外网,对AR2 AR3出口网络路由器实现主备备份。在AR2 AR3上配置VRRP协,使用vrrp vrid 1 virsual-ip命令创建VRRP备份组。
AR2:
[Huawei-GigabitEthernet0/0/1]vrrp vrid 1 virtual-ip 172.16.1.254
AR3:
[Huawei-GigabitEthernet0/0/2]vrrp vrid 1 virtual-ip 172.16.1.254
配置完成后PC使用虚拟网关作为默认网关。VRRP协议中,优先级决定路由器在备份组中的角色,优先级高成为master。优先级相同则比较接口IP地址大小,较大成为master。优先级默认100,0被系统保留,255保留给IP地址拥有者使用。
配置AR2的优先级为120,AR3的优先级默认100,使得AR2成为master,AR3为backup。
[Huawei-GigabitEthernet0/0/1]vrrp vrid 1 priority 120
配置完成后在AR2 AR3运行dis vrrp查看协议状态,AR2为master,AR3为backup。
测试PC访问网络的数据包转发路径,经过AR2。
4、验证主备切换,手动关闭交换机的g0/0/1接口, 在AR3运行dis vrrp查看协议状态,AR3为master,State : Master。重新开启端口后,AR2变为为master,AR3为backup。
5、查看报文。在AR3的g0/0/2口抓包查看报文,发现每隔一秒就会接收到AR2发送过来的VRRP报文,这个就是两台物理网关通信的方法,如果没有定期收到报文,那么物理网关(路由器)就会接管VIP。
华为交换机配置vrrp、mstp综合实验
;
1.PC1的网关ip位于汇聚交换机A,PC2的网关IP位于汇聚交换机B,默认均为vlan 1;
2.核心交换机A 与核心交换机B 采用VRRP实现高可用,双机互联端口采用二层聚合;
3.核心交换机A 指定为Vlan 194 和 vlan 192 的根桥(bridge root),核心交换机B指定为vlan195 和vlan193的根桥(bridge root);
汇聚层交换机A:
#生成树的模式选为mstp
stp mode mstp
#进入生成树的配置模式
stp region-configuration
region-name yongfu
#创建实例1,将vlan192、194划到实例1中
instance 1 vlan 192 194?
#创建实例1,将vlan193、195划到实例2中
instance 2 vlan 193 195
#激活配置
active region-configuration
interface Vlanif1
#接入层交换机的网关ip
ip address 10.12.192.254 255.255.255.128
interface Vlanif192
ip address 10.13.192.156 255.255.255.248
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#配置环回接口的IP地址
interface LoopBack0
ip address 1.1.1.1 255.255.255.0
#配置route-id 1.1.1.1
ospf 1 router-id 1.1.1.1
area 0
#宣告直连网络
? network 10.13.192.0 0.0.0.255
? network 10.12.192.128 0.0.0.127
汇聚层交换机B:
vlan batch 193
stp mode mstp
stp region-configuration
region-name yongfu
instance 1 vlan 192 194
instance 2 vlan 193 195
active region-configuration
interface Vlanif1
#pc2的网关ip
ip address 10.14.192.126 255.255.255.128
interface Vlanif193
ip address 10.13.193.156 255.255.255.248
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 193
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 193
#配置ospf,手动设置route-id
ospf 1 router-id 2.2.2.2
area 0
#宣告直连网段
? network 10.14.192.0 0.0.0.127
? network 10.13.193.152 0.0.0.7
核心交换机lsw1:
#创建vlan192-195
vlan batch 192 to 195
#指定该交换机为实例1的根网桥(即为vlan 192、194的根桥)
stp instance 1 root primary
#指定该交换机为实例2的根网桥(即为vlan 193、195的备根桥)
stp instance 2 root secondary
#配置mstp生成树协议
stp mode mstp
stp region-configuration
region-name yongfu
instance 1 vlan 192 194
instance 2 vlan 193 195
active region-configuration
interface Vlanif192
ip address 10.13.192.153 255.255.255.248
#配置vrrp协议,vrid为192,虚拟网关地址为10.13.192.155
vrrp vrid 192 virtual-ip 10.13.192.155
#默认优先级是100,现将优先级设置为120,为主网关设备
vrrp vrid 192 priority 120
interface Vlanif193
ip address 10.13.193.153 255.255.255.248
#不配置优先级,默认为100,作为备用网关
vrrp vrid 193 virtual-ip 10.13.193.155
interface Vlanif194
ip address 10.13.194.1 255.255.255.248
vrrp vrid 194 virtual-ip 10.13.194.3
vrrp vrid 194 priority 120
interface Vlanif195
ip address 10.13.195.1 255.255.255.248
vrrp vrid 195 virtual-ip 10.13.195.3
#配置聚合口
interface Eth-Trunk1
port link-type trunk
#放通所有vlan
port trunk allow-pass vlan 2 to 4094
#将接口划分为对应的vlan
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 192
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 193
#将GigabitEthernet0/0/3、GigabitEthernet0/0/4捆绑成一个聚合口
interface GigabitEthernet0/0/3
eth-trunk 1
interface GigabitEthernet0/0/4
eth-trunk 1
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#配置ospf,进程号为1,route-id为3.3.3.3
ospf 1 router-id 3.3.3.3
area 0.0.0.0
#宣告直连网段
? network 10.13.192.152 0.0.0.7
? network 10.13.193.152 0.0.0.7
? network 10.13.194.0 0.0.0.7
? network 10.13.195.0 0.0.0.7
ip route-static 19.130.107.0 255.255.255.192 10.13.194.5
核心交换机lsw2:(配置与lsw1相似)
#创建vlan192-195
vlan batch 192 to 195
stp mode mstp
stp instance 2 root primary
stp instance 1 root secondary
stp region-configuration
region-name yongfu
instance 1 vlan 192 194
instance 2 vlan 193 195
active region-configuration
#配置个接口的ip地址,配置vrrp,设置主、备网关
interface Vlanif192
ip address 10.13.192.154 255.255.255.248
vrrp vrid 192 virtual-ip 10.13.192.155
interface Vlanif193
ip address 10.13.193.154 255.255.255.248
vrrp vrid 193 virtual-ip 10.13.193.155
vrrp vrid 193 priority 120
interface Vlanif194
ip address 10.13.194.2 255.255.255.248
vrrp vrid 194 virtual-ip 10.13.194.3
interface Vlanif195
ip address 10.13.195.2 255.255.255.248
vrrp vrid 195 virtual-ip 10.13.195.3
vrrp vrid 195 priority 120
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 192
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 193
interface GigabitEthernet0/0/3
eth-trunk 1
interface GigabitEthernet0/0/4
eth-trunk 1
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan 2 to 4094
交换机lsw14:
vlan batch 194
stp mode mstp?
stp region-configuration
region-name yongfu
instance 1 vlan 192 194
instance 2 vlan 193 195
active region-configuration
interface Vlanif1
ip address 10.13.192.133 255.255.255.252
interface Vlanif194
ip address 10.13.194.5 255.255.255.248
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 194
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 194
#配置ospf,进程号为1,route-id 5.5.5.5
ospf 1 router-id 5.5.5.5
area 0.0.0.0
? network 10.13.194.0 0.0.0.7
? network 10.13.192.132 0.0.0.3
ip route-static 19.130.107.0 255.255.255.0 10.13.192.134
交换机lsw15:
vlan batch 195
stp mode mstp
stp region-configuration
region-name yongu
instance 1 vlan 192 194
instance 2 vlan 193 195
active region-configuration
interface Vlanif1
ip address 10.13.192.149 255.255.255.252
interface Vlanif195
ip address 10.13.195.5 255.255.255.248
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 195
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 195
ospf 1 router-id 6.6.6.6
area 0.0.0.0
? network 10.13.192.148 0.0.0.3
? network 10.13.195.0 0.0.0.7
ip route-static 61.142.211.0 255.255.255.0 10.13.192.150
出口路由器R1:
interface Ethernet0/0/0
ip address 10.13.192.134 255.255.255.252
interface Ethernet0/0/1
ip address 19.130.107.1 255.255.255.0
ospf 1 router-id 7.7.7.7
area 0.0.0.0
? network 10.13.192.132 0.0.0.3
? network 19.130.107.0 0.0.0.255
ip route-static 0.0.0.0 0.0.0.0 10.13.192.133
出口路由器R2:
interface Ethernet0/0/0
ip address 10.13.192.150 255.255.255.252
interface Ethernet0/0/1
interface GigabitEthernet0/0/0
ip address 61.142.211.122 255.255.255.0
nat static global 61.142.211.123 inside 10.12.194.1 netmask 255.255.255.255
nat static enable
ospf 1 router-id 8.8.8.8
area 0.0.0.0
? network 10.13.192.148 0.0.0.3
? network 61.142.211.0 0.0.0.255
ip route-static 0.0.0.0 0.0.0.0 10.13.192.149