VRRP配置

學習目的

• 了解網絡負載均衡的功能和作用

• 理解VRRP協議的工作原理

• 掌握三層交換環境單組VRRP的配置方法

• 掌握VRRP認證配置方法

• 掌握VRRP跟蹤接口的配置方法

• 掌握使用VRRP實現負載均衡的配置方法

拓撲圖

????????

場景

???????? 你是公司的網絡管理員。當前的網絡中有兩個用戶。用R2、R3標注為公司用戶。R1使用回環口模擬為Internet服務器。此時網絡中有兩個網關，為實現冗余。現在使用VRRP來實現冗余。

學習任務

步驟一.基本配置與IP編址

???????? 在實驗之前，需要關閉部分設備接口，避免影響本次實驗。

???????? 本次實驗需要關閉S1的G0/0/9、G0/0/13和G0/0/14接口。關閉這些接口之后，開始實驗配置。

???????? 用戶網絡使用vlan1，S1使用vlan2與R1相連，S2使用vlan3與R1相連，R1配置loopback接口；R2、R3作為客戶，配置IP、缺省網關。

???????? 路由器R1模擬為廣域網，它的回環模擬為廣域網中的一臺服務器。

[Huawei]sysname R1

[R1]interface loopback0

[R1-LoopBack0]ip add 10.0.1.1 24

[R1-LoopBack0]interface g0/0/1

[R1-GigabitEthernet0/0/1]ip add 10.0.11.224

[R1-GigabitEthernet0/0/1]desc this portconnect to S1-G0/0/1

[R1-GigabitEthernet0/0/1]interface g0/0/2

[R1-GigabitEthernet0/0/2]ip add 10.0.12.224

[R1-GigabitEthernet0/0/2]desc this portconnect to S2-G0/0/2

[R1-GigabitEthernet0/0/2]q

R2是局域網中的一臺PC設備，使用網段10.0.123.0/24,網關為10.0.123.1.

R3是局域網中的另一臺PC設備，使用網段為10.0.123.0/24,網關為10.0.123.1.

交換機S1配置vlan1、2、3，接口模式為hybird模式。將接口G0/0/10配置為Trunk接口，允許所有vlan通過，G0/0/1配置為access類型接口，屬于vlan2，G0/0/2配置為access類型接口，屬于vlan1.配置vlanif1，為vlan1提供網關服務，IP地址為10.0.123.2/24;配置vlanif2，作為與R1連接的三層接口，ip地址為10.0.11.1/24.

[Huawei]sysname S1

[S1]vlan batch 1 to 3

[S1]interface g0/0/10

[S1-GigabitEthernet0/0/10]port link-typetrunk

[S1-GigabitEthernet0/0/10]port trunkallow-pass vlan all

[S1-GigabitEthernet0/0/10]interface g0/0/1

[S1-GigabitEthernet0/0/1]port link-typeaccess

[S1-GigabitEthernet0/0/1]port default vlan2

[S1-GigabitEthernet0/0/1]interface g0/0/2

[S1-GigabitEthernet0/0/2]port link-typeaccess

[S1-GigabitEthernet0/0/2]port default vlan1

[S1-GigabitEthernet0/0/2]interface vlanif 1

[S1-Vlanif1]ip add 10.0.123.2 24

[S1-Vlanif1]interface vlanif 2

[S1-Vlanif2]ip add 10.0.11.1 24

交換機S2配置vlan1、2、3.接口默認為hybired模式。將接口G0/0/10配置成trunk接口，允許所有vlan通過，G0/0/2配置為access類型接口，屬于vlan3，G0/0/3配置為access類型接口，屬于vlan1.配置vlanif1，為vlan1提供網關服務，IP地址為10.0.123.3/24，配置vlanif3，作為與R1連接的三層接口，IP地址為10.0.12.1/24.

[Huawei]sysname S2

[S2]vlan batch 1 to 3

[S2]interface g0/0/10

[S2-GigabitEthernet0/0/10]port link-typetrunk

[S2-GigabitEthernet0/0/10]port trunkallow-pass vlan all

[S2-GigabitEthernet0/0/10]interface g0/0/2

[S2-GigabitEthernet0/0/2]port link-typeaccess

[S2-GigabitEthernet0/0/2]port default vlan3

[S2-GigabitEthernet0/0/2]interface g0/0/3

[S2-GigabitEthernet0/0/3]port link-typeaccess

[S2-GigabitEthernet0/0/3]port default vlan1

[S2-GigabitEthernet0/0/3]interface vlanif 1

[S2-Vlanif1]ip add 10.0.123.3 24

[S2-Vlanif1]interface vlanif 3

[S2-Vlanif3]ip add 10.0.12.1 24

???????? 配置完成后，測試直連鏈路的連通性，在S2上測試其于S1、R1、R2、R3之間的聯通行。（使用ping命令測試，加上參數“-c 1”代表一個ping包進行測試。默認連續發送5個）。

[S2]ping -c 1 10.0.12.2

?PING 10.0.12.2: 56? data bytes,press CTRL_C to break

???Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=90 ms

?

? ---10.0.12.2 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 90/90/90 ms

?

[S2]ping -c 1 10.0.123.2

?PING 10.0.123.2: 56? data bytes,press CTRL_C to break

???Reply from 10.0.123.2: bytes=56 Sequence=1 ttl=255 time=50 ms

?

? ---10.0.123.2 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 50/50/50 ms

?

[S2]ping -c 1 10.0.123.4

?PING 10.0.123.4: 56? data bytes,press CTRL_C to break

???Reply from 10.0.123.4: bytes=56 Sequence=1 ttl=128 time=70 ms

?

? ---10.0.123.4 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 70/70/70 ms

?

[S2]ping -c 1 10.0.123.5

?PING 10.0.123.5: 56? data bytes,press CTRL_C to break

???Reply from 10.0.123.5: bytes=56 Sequence=1 ttl=128 time=10 ms

?

? ---10.0.123.5 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 10/10/10 ms

步驟二.配置OSPF路由協議，實現s1、S2、R1之間的路由聯通

[S1]ospf 1.

[S1-ospf-1]area 0

[S1-ospf-1-area-0.0.0.0]network 10.0.0.00.255.255.255

[S1-ospf-1-area-0.0.0.0]q

[S1-ospf-1]silent-interface vlanif 1

?

[S2]ospf 1

[S2-ospf-1]area 0

[S2-ospf-1-area-0.0.0.0]network 10.0.0.00.255.255.255

[S2-ospf-1-area-0.0.0.0]q

[S2-ospf-1]silent-interface vlanif 1

?

[R1]ospf 1

[R1-ospf-1]area 0

[R1-ospf-1-area-0.0.0.0]network 10.0.0.00.255.255.255

配置完成后，稍等片刻，等待網絡收斂后，測試網絡的連通性。

[S2]ping -c 1 10.0.11.1

?PING 10.0.11.1: 56? data bytes,press CTRL_C to break

???Reply from 10.0.11.1: bytes=56 Sequence=1 ttl=254 time=60 ms

?

? ---10.0.11.1 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 60/60/60 ms

[S2]ping -c 1 10.0.1.1

?PING 10.0.1.1: 56? data bytes,press CTRL_C to break

???Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=50 ms

?

? ---10.0.1.1 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

??? round-tripmin/avg/max = 50/50/50 ms

?

[S2]ping -c 1 10.0.12.2

?PING 10.0.12.2: 56? data bytes,press CTRL_C to break

???Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=60 ms

?

? ---10.0.12.2 ping statistics ---

??? 1packet(s) transmitted

??? 1packet(s) received

???0.00% packet loss

???round-trip min/avg/max = 60/60/60 ms

步驟三.配置VRRP，實現網關冗余

???????? S1配置VRRP，使用VRRP組1，默認優先級為100，實驗中定義為105.

[S1]interface vlanif 1

[S1-Vlanif1]vrrp vrid 1 virtual-ip10.0.123.1

[S1-Vlanif1]vrrp vrid 1 priority 105

?

[S2]interface vlanif 1

[S2-Vlanif1]vrrp vri??

[S2-Vlanif1]vrrp vrid 1 vir

[S2-Vlanif1]vrrp vrid 1 virtual-ip10.0.123.1

???????? 配置完成后，在R2和R3上測試他們與模擬的Internet服務器之間的通訊是否正常。

???????? 在S1上查看VRRP當前的狀態信息。

[S1]disp vrrp

?Vlanif1 | Virtual Router 1

? ??State : Master

???Virtual IP : 10.0.123.1

???Master IP : 10.0.123.2

???PriorityRun : 105

???PriorityConfig : 105

???MasterPriority : 105

???Preempt : YES?? Delay Time : 0 s

???TimerRun : 1 s

???TimerConfig : 1 s

???Auth type : NONE

???Virtual MAC : 0000-5e00-0101

???Check TTL : YES

???Config type : normal-vrrp

???Create time : 2014-07-03 11:58:33 UTC-08:00

Last change time: 2014-07-03 11:58:37 UTC-08:00

當前R2與R3都是通過S1將數據包發送至internet的。關閉S1的vlanif 1接口，然后測試網絡是否正常切換。

[S1]interface vlanif 1

[S1-Vlanif1]shutdown

???????? 在R2與R3上測試他們與模擬Internet服務器之間的通訊是否正常。

???????? 此時相當于S1設備停止工作，查看S1與S2的VRRP狀態。

[S1]disp vrrp

?Vlanif1 | Virtual Router 1

??? State : Initialize

???Virtual IP : 10.0.123.1

???Master IP : 0.0.0.0

???PriorityRun : 105

???PriorityConfig : 105

???MasterPriority : 0

???Preempt : YES?? Delay Time : 0 s

???TimerRun : 1 s

???TimerConfig : 1 s

???Auth type : NONE

???Virtual MAC : 0000-5e00-0101

???Check TTL : YES

???Config type : normal-vrrp

???Create time : 2014-07-03 11:58:33 UTC-08:00

Last change time: 2014-07-03 12:09:28 UTC-08:00

?

<S2>dispvrrp

? Vlanif1 | Virtual Router 1

? ??State : Master

??? Virtual IP : 10.0.123.1

??? Master IP : 10.0.123.2

??? PriorityRun : 100

??? PriorityConfig : 100

??? MasterPriority : 100

??? Preempt : YES?? Delay Time : 0 s

??? TimerRun : 1 s

??? TimerConfig : 1 s

??? Auth type : NONE

??? Virtual MAC : 0000-5e00-0101

??? Check TTL : YES

??? Config type : normal-vrrp

??? Create time : 2014-07-03 12:01:18 UTC-08:00

??? Last change time : 2014-07-03 12:01:21UTC-08:00

步驟四.跟蹤接口狀態

???????? 重新打開S1的vlanif1接口，并配置S1、S2蹤它們的G0/0/1、G0/0/2接口。

[S1]interfacevlanif 1

[S1-Vlanif1]undoshutdown

???????? 查看S1的vrrp狀態。

[S1]displ vrrp

? Vlanif1 | Virtual Router 1

??? State : Master

??? Virtual IP : 10.0.123.1

??? Master IP : 10.0.123.2

??? PriorityRun : 105

??? PriorityConfig : 105

??? MasterPriority : 105

??? Preempt : YES?? Delay Time : 0 s

??? TimerRun : 1 s

??? TimerConfig : 1 s

??? Auth type : NONE

??? Virtual MAC : 0000-5e00-0101

??? Check TTL : YES

??? Config type : normal-vrrp

??? Create time : 2014-07-03 11:58:33 UTC-08:00

??? Last change time : 2014-07-03 12:21:05UTC-08:00

???????? 此時R2與R3通過S1發送數據給internet。如果關閉S1的G0/0/1接口，或關閉R1的G0/0/1接口，網絡將無法自動切換到通過S2發送數據給internet。

???????? 關閉S1的G0/0/1接口

[S1]interfaceg0/0/1

[S1-GigabitEthernet0/0/1]shutdown

[S1]dis vrrp brief

VRID? State???????Interface??????????????? Type???? Virtual IP????

----------------------------------------------------------------

1???? Master?????? Vlanif1????????????????? Normal?? 10.0.123.1????

----------------------------------------------------------------

Total:1???? Master:1???? Backup:0???? Non-active:0

注：使用brief參數可以顯示簡略信息。

測試R2與internet的連通性。

顯示無法正常通信

重新打開S1的G0/0/1接口

[S1]interfaceg0/0/1

[S1-GigabitEthernet0/0/1]undoshutdown

S1和S2上配置VRRP的接口跟蹤，定義跟蹤G0/0/1接口，如果接口被關閉，則由此岸及降低10.這樣的情況下，S2將搶占S1的VRRP主角色

[S1]interfacevlanif 1

[S1-Vlanif1]vrrpvrid 1 track interface g0/0/1 reduced 10

?

[S2]interfacevlanif 1

[S2-Vlanif1]vrrpvrid 1 track interface g0/0/2 reduced 10

此時，測試網絡的連通性。

網絡正常時，R2可以與internet服務器通信。

關閉S1的G0/0/1接口

[S1]interfaceg0/0/1

[S1-GigabitEthernet0/0/1]shutdown

測試R2與internet服務器之間的連通性。

通訊依然正常，查看S1的vrrp狀態。

[S1]dis vrrp

? Vlanif1 | Virtual Router 1

??? State : Backup

??? Virtual IP : 10.0.123.1

??? Master IP : 10.0.123.3

??? PriorityRun : 95

??? PriorityConfig : 105

??? MasterPriority : 100

??? Preempt : YES?? Delay Time : 0 s

??? TimerRun : 1 s

??? TimerConfig : 1 s

??? Auth type : NONE

??? Virtual MAC : 0000-5e00-0101

??? Check TTL : YES

??? Config type : normal-vrrp

??? Track IF :GigabitEthernet0/0/1?? Priority reduced :10

??? IF state : DOWN

??? Create time : 2014-07-03 11:58:33 UTC-08:00

??? Last change time : 2014-07-03 14:58:38UTC-08:00

轉載于:https://blog.51cto.com/1054054/1434990

總結

以上是生活随笔為你收集整理的华为路由交换VRRP配置的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。