双核心冗余结构下的网络架构中,HSRP,VRRP,STP都是最常用的几种技术。Cisco命名为HSRP(热备份路由协议),华为与H3C等国内的厂商称为虚拟路由冗余协议。名称不同但配置过程与作用却是类似的。
典型的网络结构如下图所示
此处我以client 1作为内网,ip地址段192.168.1.0/24 ,属于vlan3. lsw1与ar1连接处使用10.10.10.0/30,
Lsw2与ar1连接处使用20.20.20.0/30,client2作为目标网段,使用30.30.30.0/24.路由器与交换机上跑OSPF协议,LSW1作为活跃路由器。
配置前的准备工作例如IP地址,主要是看VRRP的配置。
LSW3配置
[LSW3]vlan 3
[LSW3-vlan3]quit
[LSW3]int e0/0/3
[LSW3-Ethernet0/0/3]port link-type access
[LSW3-Ethernet0/0/3]port default vlan 3
[LSW3-Ethernet0/0/3]quit
[LSW3]int e0/0/1
[LSW3-Ethernet0/0/1]port link-type trunk
[LSW3-Ethernet0/0/1]port trunk allow-pass vlan all
[LSW3-Ethernet0/0/1]quit
[LSW3]int e0/0/2
[LSW3-Ethernet0/0/2]port link-type trunk
[LSW3-Ethernet0/0/2]port trunk allow-pass vlan all
[LSW3-Ethernet0/0/2]quit
LSW1上的配置
[LSW1]vlan 20
[LSW1-vlan20]quit
[LSW1]int vlan 20
[LSW1-Vlanif20]ip add 10.10.10.1 30
[LSW1-Vlanif20]quit
[LSW1]int e0/0/1
[LSW1-Ethernet0/0/1]port link-type trunk
[LSW1-Ethernet0/0/1]port trunk allow-pass vlan all
[LSW1-Ethernet0/0/1]quit
[LSW1]int e0/0/2
[LSW1-Ethernet0/0/2]port link-type access
[LSW1-Ethernet0/0/2]port default vlan 20
[LSW1-Ethernet0/0/2]quit
[LSW1]ospf 1
[LSW1-ospf-1]are 0
[LSW1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[LSW1-ospf-1-area-0.0.0.0]network 10.10.10.0 0.0.0.3
[LSW1-ospf-1-area-0.0.0.0]quit
[LSW1]vlan 3
[LSW1-vlan3]quit
[LSW1]int vlan 3
[LSW1-Vlanif3]ip address 192.168.1.100 24
[LSW1-Vlanif3]quit
[LSW1-Vlanif3]vrrp vrid 1 virtual-ip 192.168.1.1 //虚拟ip
[LSW1-Vlanif3]vrrp vrid 1 priority 200 //优先级
[LSW1-Vlanif3]vrrp vrid 1 preempt-mode timer delay 5 //在5s后进行抢占
[LSW1-Vlanif3]vrrp vrid 1 track interface Ethernet 0/0/2 reduced 100 //当发现端口down掉后优先级降低100,
LSW2
[LSW2]vlan 20
[LSW2-vlan20]quit
[LSW2]int vlan 20
[LSW2-Vlanif20]ip add 20.20.20.1 30
[LSW2-Vlanif20]quit
[LSW2]int e0/0/1
[LSW2-Ethernet0/0/1]port link-type trunk
[LSW2-Ethernet0/0/1]port trunk allow-pass vlan all
[LSW2]int e0/0/2
[LSW2-Ethernet0/0/2]port link-type access
[LSW2-Ethernet0/0/2]port default vlan 20
[LSW2-Ethernet0/0/2]quit
[LSW2]ospf 1
[LSW2-ospf-1]area 0
[LSW2-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[LSW2-ospf-1-area-0.0.0.0]network 20.20.20.0 0.0.0.3
[LSW2-ospf-1-area-0.0.0.0]quit
[LSW2-ospf-1]
[LSW2]vlan 3
[LSW2-vlan3]quit
[LSW2]int vlan 3
[LSW2-Vlanif3]ip add 192.168.1.200 24
[LSW2-Vlanif3]vrrp vrid 1 virtual-ip 192.168.1.1
[LSW2-Vlanif3]vrrp vrid 1 priority 120
[LSW2-Vlanif3]vrrp vrid 1 preempt-mode timer delay 5
AR1
<AR1>sys
Enter system view, return user view with Ctrl+Z.
[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip add 10.10.10.2 30
[AR1-GigabitEthernet0/0/0]quit
[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]quit
[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip add 30.30.30.1 24
[AR1-GigabitEthernet0/0/2]quit
[AR1-ospf-1]area 0
[AR1-ospf-1-area-0.0.0.0]network 10.10.10.0 0.0.0.3
[AR1-ospf-1-area-0.0.0.0]network 20.20.20.0 0.0.0.3
[AR1-ospf-1-area-0.0.0.0]network 30.30.30.0 0.0.0.255
配置完毕后在CLIENT1上PING CLIENT2
查看VRRP组的状态
[LSW1]display vrrp 1
Vlanif3 | Virtual Router 1
State : Master
Virtual IP : 192.168.1.1
Master IP : 192.168.1.100
PriorityRun : 200
PriorityConfig : 200
MasterPriority : 200
Preempt : YES Delay Time : 5 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : Ethernet0/0/2 Priority reduced : 100
IF state : UP
Create time : 2013-04-27 18:13:50 UTC-08:00
Last change time : 2013-04-27 18:30:33 UTC-08:00
[LSW2]disp vrrp 1
Vlanif3 | Virtual Router 1
State : Backup
Virtual IP : 192.168.1.1
Master IP : 192.168.1.100
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 200
Preempt : YES Delay Time : 5 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Create time : 2013-04-27 18:17:01 UTC-08:00
Last change time : 2013-04-27 18:55:32 UTC-08:00
将LSW1连接路由器的接口关闭再观察vrrp状态
[LSW1]disp vrrp 1
Vlanif3 | Virtual Router 1
State : Backup
Virtual IP : 192.168.1.1
Master IP : 192.168.1.200
PriorityRun : 100
PriorityConfig : 200
MasterPriority : 120
Preempt : YES Delay Time : 5 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : Ethernet0/0/2 Priority reduced : 100
IF state : DOWN
Create time : 2013-04-27 18:13:50 UTC-08:00
Last change time : 2013-04-27 19:03:03 UTC-08:00
[LSW2]disp vrrp 1
Vlanif3 | Virtual Router 1
State : Master
Virtual IP : 192.168.1.1
Master IP : 192.168.1.200
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 5 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Create time : 2013-04-27 18:17:01 UTC-08:00
Last change time : 2013-04-27 19:03:02 UTC-08:00
切换期间客户端之间的通信丢了一个数据包
此结果说明,VRRP工作基本正常。