本文主要是介绍【华为】VRRP的实验配置,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
【华为】VRRP的实验配置
- 实验需求
- 拓扑
- LSW 3
- LSW 1
- 基础配置
- VRRP
- DHCP
- OSPF
- 默认路由
- LSW 2
- 基本配置
- VRRP
- DHCP
- OSPF
- 默认路由
- R1
- ISP
- PC1
- PC2
- 测试
- 上网
- VRRP
- 实验需求
- 监视端口
- 配置文档
实验需求
① 该公司有市场部和技术部,分别划在VLAN 10 和 VLAN 20里面
② 此时为了网络的稳定性,需要在三层交换机上面做网关冗余技术(VRRP),要求LSW1作为PC1的主网关,PC2的备网关,LSW2作为PC2的主网关,PC1的备网关
③ 该公司的因特网出口 AR1 与两个汇聚交换机之间,采用三层方式互联,就是可以进行通信。
(这边可以注意一下:交换机要与路由器相连,让两边端口都能通信,有两种办法
- 进入交换机的接口,配置模式下undo switchport(模拟器一般不支持,真机支持)
- 用SVI接口,将交换机与路由器相连的端口设置为access端口,就OK了)
④ 然后在路由器AR1和两个汇聚交换机之间运行 OSPF,实现全互联
最终目的:
让PC1和PC2上网
拓扑
LSW 3
接入层的配置,只需要将端口划分一下
<Huawei>system-view
[Huawei]sysname LSW3
[LSW3]undo info-center enable
Info: Information center is disabled.[LSW3]vlan batch 10 20 ## 批量创建vlan 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.[LSW3]int e0/0/3
[LSW3-Ethernet0/0/3]port link-type access ## 端口角色为access
[LSW3-Ethernet0/0/3]port default vlan 10 ## 将VLAN10 绑定在e0/0/3
[LSW3-Ethernet0/0/3]quit [LSW3]int e0/0/4
[LSW3-Ethernet0/0/4]port link-type access
[LSW3-Ethernet0/0/4]port default vlan 20
[LSW3-Ethernet0/0/4]quit[LSW3]int e0/0/1
[LSW3-Ethernet0/0/1]port link-type trunk ## 端口角色为trunk
[LSW3-Ethernet0/0/1]port trunk allow-pass vlan all ## trunk放行所有vlan
[LSW3-Ethernet0/0/1]quit [LSW3]int e0/0/2
[LSW3-Ethernet0/0/2]port link-type trunk
[LSW3-Ethernet0/0/2]port trunk allow-pass vlan all
[LSW3-Ethernet0/0/2]quit
LSW 1
基础配置
<Huawei>system-view ## 进入配置视图
Enter system view, return user view with Ctrl+Z. ## Ctrl+z可以回退到用户视图[Huawei]undo info-center enable ##关闭系统自动弹出消息
Info: Information center is disabled. ## 关闭成功[Huawei]sysname LSW1 ## 设备命名为LSW1[LSW1]vlan batch 10 20 100 ## 批量创建VLAN 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.## 划分端口角色
[LSW1]int g0/0/3
[LSW1-GigabitEthernet0/0/3]port link-type trunk
[LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW1-GigabitEthernet0/0/3]quit [LSW1]int g0/0/2
[LSW1-GigabitEthernet0/0/2] port link-type trunk
[LSW1-GigabitEthernet0/0/2] port trunk allow-pass vlan all
[LSW1-GigabitEthernet0/0/2]quit ## 这个时候交换机与路由器互联的接口就用SVI接口来配置
[LSW1]int g0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type access ## 将端口划分为access模式
[LSW1-GigabitEthernet0/0/1]port default vlan 100 ## 与VLAN 100 进行绑定
[LSW1-GigabitEthernet0/0/1]quit ## SVI接口
[LSW1]int vlan 100
[LSW1-Vlanif100]ip address 192.168.1.2 24
[LSW1-Vlanif100]quit
VRRP
[LSW1]interface Vlan10 ##进入SVI10接口
[LSW1-Vlanif10] ip address 192.168.10.251 255.255.255.0 ## 配置IP地址
## 创建vrrp组10,虚拟ip为192.168.10.254
[LSW1-Vlanif10] vrrp vrid 10 virtual-ip 192.168.10.254
## 修改优先级为120,作为VLAN 10的主网关,默认优先级是100
[LSW1-Vlanif10] vrrp vrid 10 priority 120
## 抢占延时为10秒,比如说我master坏了,我的backup变为master
## 那等我master修复好了,需要再等10s才能变为master
[LSW1-Vlanif10] vrrp vrid 10 preempt-mode timer delay 10
## 配置VRRP备份组监视接口,如果我g0/0/1的接口down了,优先级就会减30
## 这个时候就会走backup那边
[LSW1-Vlanif10]vrrp vrid 10 track interface g0/0/1 reduced 30
[LSW1-Vlanif10]quit[LSW1]interface Vlan20
[LSW1-Vlanif20] ip address 192.168.20.251 255.255.255.0
[LSW1-Vlanif20] vrrp vrid 20 virtual-ip 192.168.20.254
[LSW1-Vlanif20] vrrp vrid 20 preempt-mode timer delay 10
[LSW1-Vlanif20] vrrp vrid 20 track interface g0/0/1 reduced 30
[LSW1-Vlanif20]quit
DHCP
全局下的DHCP,才能去指定我的默认网关是192.168.10.254
如果是接口下的DHCP,它的默认网关是该接口,比如说VLAN10的网关就变成了192.168.10.252了,那就与我们的VRRP的冲突了,所以我们选择是全局下的DHCP
[LSW1]dhcp enable ## 开启DHCP功能
Info: The operation may take a few seconds. Please wait for a moment.done.## 创建地址池vlan10 和 vlan20
[LSW1]ip pool vlan10
Info:It''s successful to create an IP address pool. ## 创建成功
[LSW1-ip-pool-vlan10]network 192.168.10.0 mask 255.255.255.0 ## 下发的范围和掩码
[LSW1-ip-pool-vlan10]dns-list 8.8.8.8 ## dns
[LSW1-ip-pool-vlan10]gateway-list 192.168.10.254 ## 默认网关
[LSW1-ip-pool-vlan10]excluded-ip-address 192.168.10.101 192.168.10.250 ## 保留地址
[LSW1-ip-pool-vlan10]lease 7 ## 租期为7天
[LSW1-ip-pool-vlan10]quit[LSW1] ip pool vlan20
Info:It's successful to create an IP address pool.
[LSW1-ip-pool-vlan20] gateway-list 192.168.20.254
[LSW1-ip-pool-vlan20] network 192.168.20.0 mask 255.255.255.0
[LSW1-ip-pool-vlan20] excluded-ip-address 192.168.20.101 192.168.20.250
[LSW1-ip-pool-vlan20] lease 7
[LSW1-ip-pool-vlan20] dns-list 8.8.8.8
[LSW1-ip-pool-vlan20]quit ## 进入SVI接口中全局调用DHCP
[LSW1]int vlan 10
[LSW1-Vlanif10]dhcp select global
[LSW1-Vlanif10]quit[LSW1]int vlan 20
[LSW1-Vlanif20]dhcp select global
[LSW1-Vlanif20]quit
OSPF
## 进入OSPF进程110,RID手动改为2.2.2.2
[LSW1]ospf 110 router-id 2.2.2.2
[LSW1-ospf-110]area 0 ## 进入骨干区域
[LSW1-ospf-110-area-0.0.0.0]network 192.168.1.0 0.0.0.255 ## 宣告路由信息
[LSW1-ospf-110-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[LSW1-ospf-110-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[LSW1-ospf-110-area-0.0.0.0]quit
[LSW1-ospf-110]qu
默认路由
这个一定要写的,因为PC要上网
把流量发到网关的时候,它找不到相对应的路由条目,就会导致通信失败
这个时候就需要再写一条默认路由,来指向全部IP地址,把流量丢给出口路由器AR1
[LSW1]ip route-static 0.0.0.0 0 192.168.1.1
LSW 2
基本配置
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname LSW2[LSW2]undo info-center enable
Info: Information center is disabled.[LSW2]vlan batch 10 20 200 300
Info: This operation may take a few seconds. Please wait for a moment...done.[LSW2]int g0/0/3
[LSW2-GigabitEthernet0/0/3]port link-type trunk
[LSW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/3]quit [LSW2]int g0/0/2 ## 作为心跳口,传输双方VLAN流量
[LSW2-GigabitEthernet0/0/2]port link-type trunk
[LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/2]quit[LSW2]int g0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type access
[LSW2-GigabitEthernet0/0/1]port default vlan 200
[LSW2-GigabitEthernet0/0/1]quit[LSW2]int vlan 200
[LSW2-Vlanif200]ip address 192.168.2.3 24
[LSW2-Vlanif200]quitVRRP
[LSW2]interface Vlan10
[LSW2-Vlanif10] ip address 192.168.10.252 255.255.255.0
[LSW2-Vlanif10] vrrp vrid 10 virtual-ip 192.168.10.254
[LSW2-Vlanif10] vrrp vrid 10 preempt-mode timer delay 10
[LSW2-Vlanif10] vrrp vrid 10 track interface g0/0/1 reduced 30
[LSW2-Vlanif10]quit[LSW2] interface Vlanif20
[LSW2-Vlanif20] ip address 192.168.20.252 255.255.255.0
[LSW2-Vlanif20] vrrp vrid 20 virtual-ip 192.168.20.254
[LSW2-Vlanif20] vrrp vrid 20 priority 120
[LSW2-Vlanif20] vrrp vrid 20 preempt-mode timer delay 10
[LSW2-Vlanif20]vrrp vrid 20 track interface g0/0/1 reduced 30
[LSW2-Vlanif20]quit
DHCP
[LSW2]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.## 全局下的DHCP,才能去指定我的默认网关是192.168.10.254
[LSW2]ip pool vlan10
Info:It''s successful to create an IP address pool.
[LSW2-ip-pool-vlan10]network 192.168.10.0 mask 255.255.255.0
[LSW2-ip-pool-vlan10]dns-list 8.8.8.8
[LSW2-ip-pool-vlan10]gateway-list 192.168.10.254
[LSW2-ip-pool-vlan10]excluded-ip-address 192.168.10.101 192.168.10.250
[LSW2-ip-pool-vlan10]lease 7
[LSW2-ip-pool-vlan10]quit[LSW2] ip pool vlan20
Info:It's successful to create an IP address pool.
[LSW2-ip-pool-vlan20] gateway-list 192.168.20.254
[LSW2-ip-pool-vlan20] network 192.168.20.0 mask 255.255.255.0
[LSW2-ip-pool-vlan20] excluded-ip-address 192.168.20.101 192.168.20.250
[LSW2-ip-pool-vlan20] lease 7
[LSW2-ip-pool-vlan20] dns-list 8.8.8.8
[LSW2-ip-pool-vlan20]quit [LSW2]int vlan 10
[LSW2-Vlanif10]dhcp select global
[LSW2-Vlanif10]quit[LSW2]int vlan 20
[LSW2-Vlanif20]dhcp select global
[LSW2-Vlanif20]quit
OSPF
[LSW2]ospf 110
[LSW2-ospf-110]area 0
[LSW2-ospf-110-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[LSW2-ospf-110-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[LSW2-ospf-110-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[LSW2-ospf-110-area-0.0.0.0]quit
[LSW2-ospf-110]quit
默认路由
[LSW2]ip route-static 0.0.0.0 0 192.168.2.1
R1
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname AR1[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip address 192.168.1.1 24
[AR1-GigabitEthernet0/0/1]quit[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip address 192.168.2.1 24
[AR1-GigabitEthernet0/0/2]qu## OSPF
[AR1]ospf 110
[AR1-ospf-110]area 0
[AR1-ospf-110-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[AR1-ospf-110-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[AR1-ospf-110-area-0.0.0.0]quit
[AR1-ospf-110]quit## NAT(Easy IP)
[AR1]acl 2000
[AR1-acl-basic-2000]rule permit source 192.168.10.0 0.0.0.255
[AR1-acl-basic-2000]rule permit source 192.168.20.0 0.0.0.255
[AR1-acl-basic-2000]quit [AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]nat outbound 2000
[AR1-GigabitEthernet0/0/0]quit
ISP
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.[Huawei]sysname ISP[ISP]undo info-center enable
Info: Information center is disabled.[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip address 202.101.1.1 24
[ISP-GigabitEthernet0/0/0]quit
PC1
查看是否获取到地址 PC>ipconfig
PC2
测试
上网
PC1
PC2
VRRP
实验需求
此时为了网络的稳定性,需要在三层交换机上面做网关冗余技术(VRRP),要求LSW1作为PC1的主网关,PC2的备网关,LSW2作为PC2的主网关,PC1的备网关
监视端口
当LSW1的G0/0/1接口down了,这个时候VLAN10的主网关就要变成了LSW2身上了
[LSW1]int g0/0/1
[LSW1-GigabitEthernet0/0/1]shutdown
LSW1身上查看,都变成了backup
LSW2身上查看,都变成了master,说明监视端口完全没问题的
配置文档
LSW1
#
sysname LSW1
#
undo info-center enable
#
vlan batch 10 20 100
#
dhcp enable
#
ip pool vlan10gateway-list 192.168.10.254network 192.168.10.0 mask 255.255.255.0excluded-ip-address 192.168.10.101 192.168.10.250lease day 7 hour 0 minute 0 dns-list 8.8.8.8
#
ip pool vlan20gateway-list 192.168.20.254network 192.168.20.0 mask 255.255.255.0excluded-ip-address 192.168.20.101 192.168.20.250lease day 7 hour 0 minute 0dns-list 8.8.8.8
#
interface Vlanif10ip address 192.168.10.251 255.255.255.0vrrp vrid 10 virtual-ip 192.168.10.254vrrp vrid 10 priority 120vrrp vrid 10 preempt-mode timer delay 10 vrrp vrid 10 track interface GigabitEthernet0/0/1 reduced 30dhcp select global
#
interface Vlanif20ip address 192.168.20.251 255.255.255.0vrrp vrid 20 virtual-ip 192.168.20.254vrrp vrid 20 preempt-mode timer delay 10vrrp vrid 20 track interface GigabitEthernet0/0/1dhcp select global
#
interface Vlanif100ip address 192.168.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 100
#
interface GigabitEthernet0/0/2 port link-type trunkport trunk allow-pass vlan all
#
interface GigabitEthernet0/0/3port link-type trunkport trunk allow-pass vlan all
#
ospf 110 router-id 2.2.2.2area 0.0.0.0network 192.168.1.0 0.0.0.255network 192.168.10.0 0.0.0.255network 192.168.20.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
LSW2
#
sysname LSW2
#
undo info-center enable
#
vlan batch 10 20 200
#
dhcp enable
#
ip pool vlan10gateway-list 192.168.10.254network 192.168.10.0 mask 255.255.255.0excluded-ip-address 192.168.10.101 192.168.10.250lease day 7 hour 0 minute 0 dns-list 8.8.8.8
#
ip pool vlan20gateway-list 192.168.20.254network 192.168.20.0 mask 255.255.255.0excluded-ip-address 192.168.20.101 192.168.20.250lease day 7 hour 0 minute 0dns-list 8.8.8.8
#
interface Vlanif10ip address 192.168.10.252 255.255.255.0vrrp vrid 10 virtual-ip 192.168.10.254vrrp vrid 10 preempt-mode timer delay 10vrrp vrid 10 track interface GigabitEthernet0/0/1dhcp select global
#
interface Vlanif20ip address 192.168.20.252 255.255.255.0vrrp vrid 20 virtual-ip 192.168.20.254vrrp vrid 20 priority 120vrrp vrid 20 preempt-mode timer delay 10vrrp vrid 20 track interface GigabitEthernet0/0/1 reduced 30dhcp select global
#
interface Vlanif200ip address 192.168.2.3 255.255.255.0
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 200
#
interface GigabitEthernet0/0/2port link-type trunk port trunk allow-pass vlan all
#
interface GigabitEthernet0/0/3port link-type trunkport trunk allow-pass vlan all
#
ospf 110area 0.0.0.0network 192.168.2.0 0.0.0.255network 192.168.20.0 0.0.0.255network 192.168.10.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.2.1
这篇关于【华为】VRRP的实验配置的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
