|
HSRP: 该协议中含有多台路由器,对应一个HSRP组。该组中只有一个路由器承担转发用户流量的职责,这就是活动路由器。当活动路由器失效后,备份路由器将承担该职责,成为新的活动路由器。这就是热备份的原理。 我们通过一个小案例说明它的热备份原理。 案例拓扑:
实验原理: R1作为vlan10用户的的主路由器,即vlan10用户访问inter网时,数据都走r1通过,当r1坏掉时,vlan10用户的数据可以通过r2访问internet R2作为vlan20用户的的主路由器,即vlan20用户访问inter网时,数据都走r2通过,当r2坏掉时,vlan20用户的数据可以通过r1访问internet 当然我们还可以在sw1和sw2之间做端口聚合,再做一次备份 参考配置: r1# show run Building configuration... Current configuration : 1199 bytes ! version 12.4 ! hostname r1 ! interface FastEthernet0/0 ip address 1.1.1.1 255.255.255.0 ip nat outside(作为nat的外部端口) ip virtual-reassembly duplex auto speed auto ! interface FastEthernet1/0 no ip address ip nat inside(nat的内部端口) ip virtual-reassembly duplex auto speed auto ! interface FastEthernet1/0.10(划分子接口) encapsulation dot1Q 10(封装dot1q) ip address 192.168.10.1 255.255.255.0 ip nat inside ip virtual-reassembly standby 10 ip 192.168.10.254 standby 10 priority 120(作为vlan10的主路由器) standby 10 preempt standby 10 track FastEthernet0/0 30(在fa0/0上做端口监听,若出现故障优先级减30) ! interface FastEthernet1/0.20(划分子接口) encapsulation dot1Q 20(封装dot1q) ip address 192.168.20.1 255.255.255.0 ip nat inside ip virtual-reassembly standby 20 ip 192.168.20.254(r1为vlan20的备份路由器) ! ip http server no ip http secure-server ! ip route 0.0.0.0 0.0.0.0 1.1.1.2 ! ip nat inside source list 1 interface FastEthernet0/0 overload(nat端口复用) ! access-list 1 permit any ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! End r2#show run Building configuration... Current configuration : 1209 bytes ! version 12.4 ! hostname r2 ! interface FastEthernet0/0 no ip address ip nat inside(nat内部端口) ip virtual-reassembly shutdown duplex auto speed auto ! interface FastEthernet0/0.10(划分子接口) encapsulation dot1Q 10(封装dot1q) ip address 192.168.10.2 255.255.255.0 ip nat inside ip virtual-reassembly standby 10 ip 192.168.10.254(r2作为vlan10的备份路由) ! interface FastEthernet0/0.20(划分子接口) encapsulation dot1Q 20(封装dot1q) ip address 192.168.20.2 255.255.255.0 ip nat inside ip virtual-reassembly standby 20 ip 192.168.20.254 standby 20 priority 120(r2作为vlan10的主路由) standby 20 preempt standby 20 track FastEthernet1/0 30(在fa1/0上监听当路由器出现故障优先级降低30) ! interface FastEthernet1/0 ip address 2.2.2.1 255.255.255.0 ip nat outside(nat外部端口) ip virtual-reassembly duplex auto speed auto ! ip route 0.0.0.0 0.0.0.0 2.2.2.2 ! ip nat inside source list 1 interface FastEthernet1/0 overload(nat端口复用) ! access-list 1 permit any ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! End sw1#show run Building configuration... Current configuration : 1060 bytes ! version 12.4 hostname sw1 interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/10 switchport access vlan 10 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport mode trunk ! interface Vlan10 no ip address ! interface Vlan20 no ip address End sw2#show run Building configuration... Current configuration : 987 bytes ! version 12.4 hostname sw2 interface FastEthernet0/0 switchport mode trunk ! interface FastEthernet0/10 switchport access vlan 10 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport mode trunk ! interface Vlan1 no ip address ! interface Vlan10 no ip address ! interface Vlan20 no ip address end isp#show run Building configuration... Current configuration : 669 bytes ! version 12.4 hostname isp ! interface Loopback1 ip address 3.3.3.3 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.1.2 255.255.255.0 duplex auto speed auto ! interface FastEthernet10 ip address 2.2.2.2 255.255.255.0 duplex auto speed auto ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! End VRRP: 它是一种路由容错协议,也可以叫做备份路由协议。一个局域网络内的所有主机都设置缺省路由,当网内主机发出的目的地址不在本网段时,报文将被通过缺省路由发往外部路由器,从而实现了主机与外部网络的通信。当缺省路由器down掉(即端口关闭)之后,内部主机将无法与外部通信,如果路由器设置了VRRP时,那么这时,虚拟路由将启用备份路由器,从而实现全网通信。 案例拓扑:
实验原理: Sw1作为实例10的主路由器,来自vlan10和vlan20的数据以sw1为根选举阻塞端口 Sw2作为实例10的主路由器,来自vlan30和vlan40的数据以sw2为根选举阻塞端口 若主路由器发生故障,可以使用备份路由器进行数据转发 参考配置: Sw1 [Huawei-Vlanif40] [Huawei-Vlanif40]dis cu # sysname Huawei # vlan batch 10 20 30 40 # stp instance 10 root primary stp instance 20 root secondary # cluster enable stp region-configuration region-name A revision-level 1 instance 10 vlan 10 20 instance 20 vlan 30 40 active region-configuration # interface Vlanif1 # interface Vlanif10 ip address 192.168.10.1 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.10.254 vrrp vrid 10 priority 120 vrrp vrid 20 virtual-ip 192.168.10.253 # interface Vlanif20 ip address 192.168.20.1 255.255.255.0 vrrp vrid 21 virtual-ip 192.168.20.254 vrrp vrid 22 virtual-ip 192.168.20.253 vrrp vrid 22 priority 120 # interface Vlanif30 ip address 192.168.30.1 255.255.255.0 vrrp vrid 31 virtual-ip 192.168.30.254 vrrp vrid 31 priority 120 vrrp vrid 32 virtual-ip 192.168.30.253 # interface Vlanif40 ip address 192.168.40.1 255.255.255.0 vrrp vrid 41 virtual-ip 192.168.40.254 vrrp vrid 42 virtual-ip 192.168.40.253 vrrp vrid 42 priority 120 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # [Huawei]dis vrrp brief VRIDStateInterfaceTypeVirtual IP ---------------------------------------------------------------- 10BackupVlanif10Normal192.168.10.253 20MasterVlanif10Normal192.168.10.254 21MasterVlanif20Normal192.168.20.253 22BackupVlanif20Normal192.168.20.254 31BackupVlanif30Normal192.168.30.253 32MasterVlanif30Normal192.168.30.254 41MasterVlanif40Normal192.168.40.253 42BackupVlanif40Normal192.168.40.254 ---------------------------------------------------------------- Total:8Master:4Backup:4Non-active:0 Sw2 [Huawei]dis cu # sysname Huawei # vlan batch 10 20 30 40 # stp instance 10 root secondary stp instance 20 root primary # drop illegal-mac alarm # diffserv domain default # stp region-configuration region-name A revision-level 1 instance 10 vlan 10 20 instance 20 vlan 30 40 active region-configuration interface Vlanif1 # interface Vlanif10 ip address 192.168.10.2 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.10.254 vrrp vrid 20 virtual-ip 192.168.10.253 vrrp vrid 20 priority 120 # interface Vlanif20 ip address 192.168.20.2 255.255.255.0 vrrp vrid 21 virtual-ip 192.168.20.254 vrrp vrid 21 priority 120 vrrp vrid 22 virtual-ip 192.168.20.253 # interface Vlanif30 ip address 192.168.30.2 255.255.255.0 vrrp vrid 31 virtual-ip 192.168.30.254 vrrp vrid 32 virtual-ip 192.168.30.253 vrrp vrid 32 priority 120 # interface Vlanif40 ip address 192.168.40.2 255.255.255.0 vrrp vrid 41 virtual-ip 192.168.40.254 vrrp vrid 41 priority 120 vrrp vrid 42 virtual-ip 192.168.40.253 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface Ethernet0/0/21 port link-type trunk port trunk allow-pass vlan 2 to 4094 [Huawei]dis vrrp brief VRIDStateInterfaceTypeVirtual IP ---------------------------------------------------------------- 10BackupVlanif10Normal192.168.10.254 20MasterVlanif10Normal192.168.10.253 21MasterVlanif20Normal192.168.20.254 22BackupVlanif20Normal192.168.20.253 31BackupVlanif30Normal192.168.30.254 32MasterVlanif30Normal192.168.30.253 41MasterVlanif40Normal192.168.40.254 42BackupVlanif40Normal192.168.40.253 ---------------------------------------------------------------- Total:8Master:4 Backup:4Non-active:0 Sw3 [Huawei]dis cu # sysname Huawei # vlan batch 10 20 30 40 # stp region-configuration region-name A revision-level 1 instance 10 vlan 10 20 instance 20 vlan 30 40 active region-configuration interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # return sw4 <Huawei>dis cu # sysname Huawei # vlan batch 10 20 30 40 # interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 #
验证信息: Sw2 Instance 10 [Huawei]dis stp instance 10 -------[MSTI 10 Global Info]------- MSTI Bridge ID:4096.4c1f-ccb1-8c98 MSTI RegRoot/IRPC:0.4c1f-cc38-a98d / 1 MSTI RootPortId:128.21 MSTI Root Type:Secondary root Master Bridge:32768.4c1f-cc17-56ed Cost to Master:1 TC received:4 TC count per hello:0 Time since last TC:0 days 0h:0m:25s Number of TC:6 Last TC occurred:Ethernet0/0/21 ----[Port1(Ethernet0/0/1)][LEARNING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:4096.4c1f-ccb1-8c98 / 128.1 Port Times:RemHops 19 TC or TCN send:5 TC or TCN received:0 ----[Port2(Ethernet0/0/2)][LEARNING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:4096.4c1f-ccb1-8c98 / 128.2 Port Times:RemHops 19 TC or TCN send:5 TC or TCN received:2 ----[Port21(Ethernet0/0/21)][FORWARDING]---- Port Role:Root Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-cc38-a98d / 128.21 Port Times:RemHops 20 TC or TCN send:2 TC or TCN received:2 ----[Port22(Ethernet0/0/22)][DISCARDING]---- Port Role:Alternate Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-cc38-a98d / 128.22 Port Times:RemHops 20 TC or TCN send:0 TC or TCN received:0 Instance 20 [Huawei]dis stp instance 20 -------[MSTI 20 Global Info]------- MSTI Bridge ID:0.4c1f-ccb1-8c98 MSTI RegRoot/IRPC:0.4c1f-ccb1-8c98 / 0 MSTI RootPortId:0.0 MSTI Root Type:Primary root Master Bridge:32768.4c1f-cc17-56ed Cost to Master:1 TC received:7 TC count per hello:0 Time since last TC:0 days 0h:0m:59s Number of TC:6 Last TC occurred:Ethernet0/0/22 ----[Port1(Ethernet0/0/1)][FORWARDING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-ccb1-8c98 / 128.1 Port Times:RemHops 20 TC or TCN send:8 TC or TCN received:0 ----[Port2(Ethernet0/0/2)][FORWARDING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-ccb1-8c98 / 128.2 Port Times:RemHops 20 TC or TCN send:9 TC or TCN received:3 ----[Port21(Ethernet0/0/21)][FORWARDING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-ccb1-8c98 / 128.21 Port Times:RemHops 20 TC or TCN send:3 TC or TCN received:4 ----[Port22(Ethernet0/0/22)][FORWARDING]---- Port Role:Designated Port Port Priority:128 Port Cost(Dot1T ):Config=auto / Active=1 Designated Bridge/Port:0.4c1f-ccb1-8c98 / 128.22 Port Times:RemHops 20 TC or TCN send:2 TC or TCN received:0
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2013-5-13 09:52:57
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡