注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

山林客

简单不一定幸福,但幸福其实可以很简单。

 
 
 

日志

 
 
关于我

2004年毕业于中山大学,毕业后专注于网站开发和网络工程技术。先后取得SCWCD、CCNP认证,对Asp/Java有丰富的开发经验,对网络工程也有较深的研究。真诚欢迎大家多多指教、多多指点、多多指正,共同分享IT道路和人生道路上的喜怒哀乐。

网易考拉推荐

三种路由器冗余协议的配置示例  

2009-02-22 16:26:08|  分类: Cisco |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |

拓扑图

三种路由器冗余协议的配置示例 - 瑞志.net - 山林客

实验用到的是4台3640路由器,我用的镜像是unzip-c3640-ik9o3s-mz.124-10.bin

其中HSRP和VRRP用到SW1、SW2和SW3,而GLBP则用到全部4台路由器。

一、HSRP

1. 配置HSRP

SW1(config)#interface vlan 50
SW1(config-if)#ip address 192.168.1.10 255.255.255.0
SW1(config-if)#standby 1 priority 200
SW1(config-if)#standby 1 preempt
SW1(config-if)#standby 1 ip 192.168.1.1
SW1(config-if)#standby 1 authentication MyKey
SW1(config-if)#standby 2 priority 100
SW1(config-if)#standby 2 ip 192.168.1.2
SW1(config-if)#standby 2 authentication MyKey
SW1(config-if)#^Z

SW2(config)#interface vlan 50
SW2(config-if)#ip address 192.168.1.11 255.255.255.0
SW2(config-if)#standby 1 priority 100
SW2(config-if)#standby 1 ip 192.168.1.1
SW2(config-if)#standby 1 authentication MyKey
SW2(config-if)#standby 2 priority 200
SW2(config-if)#standby 2 preempt
SW2(config-if)#standby 2 ip 192.168.1.2
SW2(config-if)#standby 2 authentication MyKey
SW2(config-if)#^Z

我们在这里一共配置了两个standby group,其中SW1充当group 1的active router,并配置了抢占,同时,它还充当了group 2的standby router。同理,SW2是group 2的active router,同时为group 1的standby router。

这时侯我们查看HSRP信息:

SW1#show standby vlan 50 brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P  State    Active          Standby         Virtual IP    
Vl50        1   200     P  Init     unknown         unknown         192.168.1.1   
Vl50        2   100          Init     unknown         unknown         192.168.1.2   

显示HSRP的状态为Init,而Standby为Unknown,这是由于我们还没有配置VLAN 50及将端口关联到VLAN 50

2. 在SW1和SW2上配置VLAN

SW1(vlan)#vlan 50
VLAN 50 added:
    Name: VLAN0050
SW1(vlan)#exit
APPLY completed.
Exiting....
SW1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int f0/1
SW1(config-if)#switchport
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 50
SW1(config-if)#

 

SW2#vlan database
SW2(vlan)#vlan 50
VLAN 50 added:
    Name: VLAN0050
SW2(vlan)#exit
APPLY completed.
Exiting....
SW2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int f0/1
SW2(config-if)#switch
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 50

 

配置完成后我们可以看到SW1和SW2经历如下过程:

SW1(config-if)#
*Mar  1 00:17:08.155: %HSRP-5-STATECHANGE: Vlan50 Grp 1 state Speak -> Standby
*Mar  1 00:17:08.155: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Speak -> Standby
*Mar  1 00:17:08.655: %HSRP-5-STATECHANGE: Vlan50 Grp 1 state Standby -> Active
*Mar  1 00:17:08.659: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Standby -> Active
*Mar  1 00:17:17.783: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Active -> Speak

可以看到,SW1先从Speak状态转为Standby,然后尝试称为Active,在Group 2中,由于SW2的优先级比SW1高,所以SW1又转换为Speak

输入debug standby events

SW1#debug standby events
HSRP Events debugging is on
SW1#
*Mar  1 00:05:24.131: HSRP: Vl50 Grp 1 Active: i/Resign rcvd (100/192.168.1.11)
*Mar  1 00:05:24.135: HSRP: Vl50 Grp 2 Active: j/Coup rcvd from higher pri router (200/192.168.1.11)
*Mar  1 00:05:24.139: HSRP: Vl50 Grp 2 Active router is 192.168.1.11, was local
*Mar  1 00:05:24.139: HSRP: Vl50 Grp 2 Active -> Speak
*Mar  1 00:05:24.139: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Active -> Speak
SW1#
*Mar  1 00:05:24.139: HSRP: Vl50 Grp 2 Redundancy "hsrp-Vl50-2" state Active -> Speak
SW1#
*Mar  1 00:05:27.131: HSRP: Vl50 Grp 1 Redundancy group hsrp-Vl50-1 state Active -> Active
SW1#
*Mar  1 00:05:30.131: HSRP: Vl50 Grp 1 Redundancy group hsrp-Vl50-1 state Active -> Active
SW1#
*Mar  1 00:05:34.123: HSRP: Vl50 Grp 1 Standby router is 192.168.1.11
*Mar  1 00:05:34.139: HSRP: Vl50 Grp 2 Speak: d/Standby timer expired (unknown)
*Mar  1 00:05:34.139: HSRP: Vl50 Grp 2 Standby router is local
*Mar  1 00:05:34.139: HSRP: Vl50 Grp 2 Speak -> Standby
*Mar  1 00:05:34.139: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Speak -> Standby
SW1#
*Mar  1 00:05:34.139: HSRP: Vl50 Grp 2 Redundancy "hsrp-Vl50-2" state Speak -> Standby

这里我们可以清晰看到每个状态的切换

 

查看SW1的HSRP状态

SW1#show standby vlan 50 brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Prio    P State       Active               Standby            Virtual IP    
Vl50        1       200     P Active      local                192.168.1.11    192.168.1.1   
Vl50        2      100        Standby  192.168.1.11    local                192.168.1.2   

可以看到每个Group各自的active router和standby router,以及每个group的网关地址(这里的virtual ip)。

接下来,我们尝试关闭SW3的F0/0端口,让SW1和SW2不能通信,看会有什么结果。

首先在SW1上输入debug standby events

然后关闭SW3的F0/0端口

SW1#
*Mar  1 00:08:37.107: HSRP: Vl50 Grp 2 Standby: c/Active timer expired (192.168.1.11)
*Mar  1 00:08:37.107: HSRP: Vl50 Grp 2 Active router is local, was 192.168.1.11
*Mar  1 00:08:37.107: HSRP: Vl50 Grp 2 Standby router is unknown, was local
*Mar  1 00:08:37.111: HSRP: Vl50 Grp 2 Standby -> Active
*Mar  1 00:08:37.111: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Standby -> Active

SW1#
*Mar  1 00:08:37.111: HSRP: Vl50 Grp 2 Redundancy "hsrp-Vl50-2" state Standby -> Active
*Mar  1 00:08:38.095: HSRP: Vl50 Grp 1 Standby router is unknown, was 192.168.1.11
SW1#
*Mar  1 00:08:40.115: HSRP: Vl50 Grp 2 Redundancy group hsrp-Vl50-2 state Active -> Active
SW1#
*Mar  1 00:08:43.115: HSRP: Vl50 Grp 2 Redundancy group hsrp-Vl50-2 state Active -> Active

可以看到SW2自己成为group 2上的active router

SW1#show standby vlan 50 brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP    
Vl50        1   200  P Active   local           unknown         192.168.1.1   
Vl50        2   100    Active   local           unknown         192.168.1.2

我们再次把SW3的F0/0端口打开

SW1#
*Mar  1 00:11:04.111: HSRP: Vl50 Grp 1 Hello  in  192.168.1.11 Active  pri 100 vIP 192.168.1.1
*Mar  1 00:11:04.115: HSRP: Vl50 Grp 1 Active: h/Hello rcvd from lower pri Active router (100/192.168.1.11)
*Mar  1 00:11:04.163: HSRP: Vl50 Grp 2 Active: j/Coup rcvd from higher pri router (200/192.168.1.11)
*Mar  1 00:11:04.163: HSRP: Vl50 Grp 2 Active router is 192.168.1.11, was local

*Mar  1 00:11:04.167: HSRP: Vl50 Grp 2 Active -> Speak
*Mar  1 00:11:04.167: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Active -> Speak
SW1#
*Mar  1 00:11:04.167: HSRP: Vl50 Grp 2 Redundancy "hsrp-Vl50-2" state Active -> Speak
SW1#
*Mar  1 00:11:07.115: HSRP: Vl50 Grp 1 Redundancy group hsrp-Vl50-1 state Active -> Active
SW1#
*Mar  1 00:11:10.115: HSRP: Vl50 Grp 1 Redundancy group hsrp-Vl50-1 state Active -> Active
SW1#
*Mar  1 00:11:14.163: HSRP: Vl50 Grp 2 Speak: d/Standby timer expired (unknown)
*Mar  1 00:11:14.163: HSRP: Vl50 Grp 2 Standby router is local
*Mar  1 00:11:14.163: HSRP: Vl50 Grp 2 Speak -> Standby
*Mar  1 00:11:14.163: %HSRP-5-STATECHANGE: Vlan50 Grp 2 state Speak -> Standby
SW1#
*Mar  1 00:11:14.167: HSRP: Vl50 Grp 2 Redundancy "hsrp-Vl50-2" state Speak -> Standby
*Mar  1 00:11:14.207: HSRP: Vl50 Grp 1 Standby router is 192.168.1.11

显示在group 2中有更高优先级的router,于是状态又切换回standby

SW1#show standby vlan 50 brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP    
Vl50        1   200  P Active   local           192.168.1.11    192.168.1.1   
Vl50        2   100    Standby  192.168.1.11    local           192.168.1.2   

 

二、VRRP

而对于VRRP,其配置大同小异,首先清除原来的配置

SW1(config)#no int vlan 50

然后做如下配置:

SW1(config)#int vlan 50
SW1(config-if)#ip address 192.168.1.10 255.255.255.0
SW1(config-if)#vrrp 1 priority 200
SW1(config-if)#vrrp 1 ip 192.168.1.1
SW1(config-if)#
*Mar  1 00:28:58.983: %VRRP-6-STATECHANGE: Vl50 Grp 1 state Init -> Backup
SW1(config-if)#vrrp
*Mar  1 00:29:02.203: %VRRP-6-STATECHANGE: Vl50 Grp 1 state Backup -> Master
SW1(config-if)#vrrp 2 priority 100
SW1(config-if)#no vrrp 2 preempt
SW1(config-if)#vrrp 2 ip 192.168.1.2
SW1(config-if)#
*Mar  1 00:29:23.695: %VRRP-6-STATECHANGE: Vl50 Grp 2 state Init -> Backup
SW1(config-if)#
*Mar  1 00:29:27.307: %VRRP-6-STATECHANGE: Vl50 Grp 2 state Backup -> Master
SW1(config-if)#
*Mar  1 00:30:35.971: %VRRP-6-STATECHANGE: Vl50 Grp 2 state Master -> Backup
SW1(config-if)#

我们看到SW1在gruop 1上是Master,在group 2上是backup,最后一行是在我配置完SW2之后输出的。因为VRRP默认是抢占的,所以在SW1上配置vrrp 2的时候我们需要禁用该group上的抢占。

SW2(config)#int vlan 50
SW2(config-if)#ip add 192.168.1.11 255.255.255.0
SW2(config-if)#vrrp 1 prio
SW2(config-if)#vrrp 1 priority 100
SW2(config-if)#no vrrp 1 preempt
SW2(config-if)#vrrp 1 ip 192.168.1.1
SW2(config-if)#
*Mar  1 00:29:44.067: %VRRP-6-STATECHANGE: Vl50 Grp 1 state Init -> Backup
SW2(config-if)#vrrp 2 priority 200
SW2(config-if)#vrrp 2 ip 192.168.1.2
SW2(config-if)#
*Mar  1 00:29:59.383: %VRRP-6-STATECHANGE: Vl50 Grp 2 state Init -> Backup
SW2(config-if)#
*Mar  1 00:30:02.603: %VRRP-6-STATECHANGE: Vl50 Grp 2 state Backup -> Master
SW2(config-if)#

查看状态

SW1#show vrrp brief
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Vl50               1   200 3218           Y  Master  192.168.1.10    192.168.1.1   
Vl50               2   100 3609           Y  Backup  192.168.1.11    192.168.1.2  

SW1#show vrrp
Vlan50 - Group 1 
  State is Master 
  Virtual IP address is 192.168.1.1
  Virtual MAC address is 0000.5e00.0101
  Advertisement interval is 1.000 sec
  Preemption enabled
  Priority is 200
  Master Router is 192.168.1.10 (local), priority is 200
  Master Advertisement interval is 1.000 sec
  Master Down interval is 3.218 sec

Vlan50 - Group 2 
  State is Backup 
  Virtual IP address is 192.168.1.2
  Virtual MAC address is 0000.5e00.0102
  Advertisement interval is 1.000 sec
  Preemption enabled
  Priority is 100
  Master Router is 192.168.1.11, priority is 200
  Master Advertisement interval is 1.000 sec
  Master Down interval is 3.609 sec (expires in 3.113 sec)

三、GLBP

而GLBP与前两者的特性有较大的出入,主要体现在客户机的配置上。对于前两者,客户机要分别指定不同的网关来实现均衡负载,而GLBP则可以指定为同一个网关,因为GLBP中有一台路由器(AVG)会负责处理客户机的ARP请求,并能够将其他路由器的MAC地址分配给不同的客户机。实际上,响应的并不是某一台具体路由器的物理MAC地址,而是一个虚拟的MAC地址,这样做的好处是,即使某一台路由器down掉,其他路由器可以接管这个虚拟MAC地址,从而不会影响到客户机。每个虚拟MAC地址中会有一台路由器成为AVF,同时它也是其他虚拟MAC地址的监听者,它正常情况下负责转发客户机发送给该虚拟MAC地址的数据,而如果这个AVF down掉,那么其他路由器将接管这个AVF角色。

SW1(config)#interface vlan 50
SW1(config-if)#ip address 192.168.1.10 255.255.255.0
SW1(config-if)#glbp 1 priority 200
SW1(config-if)#glbp 1 preempt
SW1(config-if)#glbp 1 ip 192.168.1.1

*Mar  1 01:59:11.643: %GLBP-6-STATECHANGE: Vlan50 Grp 1 state Standby -> Active
*Mar  1 02:16:41.803: %GLBP-6-FWDSTATECHANGE: Vlan50 Grp 1 Fwd 1 state Active -> Listen
*Mar  1 02:16:41.867: %GLBP-6-FWDSTATECHANGE: Vlan50 Grp 1 Fwd 2 state Active -> Listen
*Mar  1 02:16:54.751: %GLBP-6-FWDSTATECHANGE: Vlan50 Grp 1 Fwd 3 state Listen -> Active

上面有几条输出的信息,第一条显示SW1成为AVG,同时最后一条显示它同时担当序号为3的虚拟MAC地址的AVF,而对于序号为1和2的虚拟MAC地址,它则是一个监听者。

SW1#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby route
Vl50        1    -   200 Active   192.168.1.1     local           192.168.1.11 
Vl50        1    1   7   Listen   0007.b400.0101  192.168.1.11    -
Vl50        1    2   7   Listen   0007.b400.0102  192.168.1.12    -
Vl50        1    3   7   Active   0007.b400.0103  local           -

这里更明确显示SW1的角色:是group 1的AVG,同时也是虚拟MAC地址0007.b400.0103的AVF,还是其他两个虚拟MAC地址的监听者(我们可以将其称为备用AVF)。

本实例还增加多了一台路由器SW4。

其他两台路由器的配置

 SW2(config)#interface vlan 50
SW2(config-if)#ip address 192.168.1.11 255.255.255.0
SW2(config-if)#glbp 1 priority 150
SW2(config-if)#glbp 1 preempt
SW2(config-if)#glbp 1 ip 192.168.1.1

SW4(config)#interface vlan 50
SW4(config-if)#ip add 192.168.1.12 255.255.255.0
SW4(config-if)#glbp 1 priority 100
SW4(config-if)#glbp 1 ip 192.168.1.1

 

  评论这张
 
阅读(3526)| 评论(2)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2018