interface FastEthernet1/0
ip address 172.17.1.2 255.255.255.0
standby 10 ip 172.17.1.1
standby 10 preempt
standby 10 track Serial0/0 20 <--- 如果S0/0 down了,该HSRP实例的优先级会降低20,
end
interface FastEthernet1/0
ip address 172.17.1.3 255.255.255.0
standby 10 ip 172.17.1.1
standby 10 priority 90
standby 10 preempt
standby 10 track Serial0/0 20
end
interface FastEthernet1/0
ip address 172.17.1.2 255.255.255.0
standby 20 ip 172.17.1.1
standby 20 preempt
standby 20 track Serial0/0 20
end
ip address 172.17.1.3 255.255.255.0
standby 20 ip 172.17.1.1
standby 20 priority 90
standby 20 preempt
standby 20 track Serial0/0 20
end
R1#sh ip int bri
Interface IP-Address OK? Method Status Proocol
Serial0/0 10.0.0.1 YES manual up up
FastEthernet1/0 172.17.1.2 YES manual up up
Loopback0 172.17.251.1 YES manual up up
......
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.252.0 [1/0] via 172.17.1.3 <-- next hop R2
[1/0] via 10.0.0.2 <-- next hop R3
C 172.17.251.0 is directly connected, Loopback0
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, Serial0/0
......
S 172.17.252.0 [1/0] via 10.0.1.2
S 172.17.251.0 [1/0] via 172.17.1.2
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.1.0 is directly connected, Serial0/0
172.17.0.0/24 is subnetted, 3 subnets
C 172.17.252.0 is directly connected, Loopback0
S 172.17.251.0 [1/0] via 172.17.1.3 <-- next hop R4
[1/0] via 10.0.0.1 <-- next hop R1
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, Serial0/0
Interface IP-Address OK? Method Status Protocol
Serial0/0 10.0.1.2 YES manual up up
FastEthernet1/0 172.17.1.3 YES manual up up
R4#sh ip route
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.252.0 [1/0] via 172.17.1.2
S 172.17.251.0 [1/0] via 10.0.1.1
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.1.0 is directly connected, Serial0/0
配置好了,我们来验证一下。我们在R1上使用扩展ping,并且记录路由:
R1#ping
Protocol [ip]:
Target IP address: 172.17.252.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.17.251.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: R
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Type escape sequence to abort.
......
Record route:
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.252.1)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
(172.17.251.1) <*>
(0.0.0.0)
End of list
Total option bytes= 40, padded length=40
Record route:
(10.0.0.1)
(172.17.252.1)
(10.0.0.2)
(172.17.251.1) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of list
Total option bytes= 40, padded length=40
Record route:
(172.17.1.2)
(10.0.1.1)
......
可以看出,两条线路都正常时,负载跑在两条线路上。
R1#sh ip int bri
Interface IP-Address OK? Method Status Protocol
Serial0/0 10.0.0.1 YES manual administratively down down
FastEthernet1/0 172.17.1.2 YES manual up up
Loopback0 172.17.251.1 YES manual up up
R1#sh ip route
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.252.0 [1/0] via 172.17.1.3
C 172.17.251.0 is directly connected, Loopback0
C 172.17.1.0 is directly connected, FastEthernet1/0
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.252.0 [1/0] via 10.0.1.2
S 172.17.251.0 [1/0] via 172.17.1.2
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.1.0 is directly connected, Serial0/0
Interface IP-Address OK? Method Status Protocol
Serial0/0 10.0.0.2 YES manual up down
FastEthernet1/0 172.17.1.2 YES manual up up
Loopback0 172.17.252.1 YES manual up up
R3#sh ip route
172.17.0.0/24 is subnetted, 3 subnets
C 172.17.252.0 is directly connected, Loopback0
S 172.17.251.0 [1/0] via 172.17.1.3
C 172.17.1.0 is directly connected, FastEthernet1/0
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.252.0 [1/0] via 172.17.1.2
S 172.17.251.0 [1/0] via 10.0.1.1
C 172.17.1.0 is directly connected, FastEthernet1/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.1.0 is directly connected, Serial0/0
R1#ping
Protocol [ip]:
Target IP address: 172.17.252.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.17.251.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: R
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Reply to request 0 (172 ms).
Record route:
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.252.1)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
(172.17.251.1) <*>
(0.0.0.0)
End of list
Record route:
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.252.1)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
(172.17.251.1) <*>
(0.0.0.0)
End of list
Record route:
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.252.1)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
(172.17.251.1) <*>
(0.0.0.0)
End of list
R1#
可以看出,一条线路失败后,所有负载都跑在正常的线路上。
R1#sh run
interface Serial0/0
ip address 10.0.0.1 255.255.255.252
ip nat outside
!
interface FastEthernet1/0
ip address 172.17.1.2 255.255.255.0
ip nat inside
!
ip nat inside source static 172.17.1.100 172.17.251.100
interface Serial0/0
ip address 10.0.1.1 255.255.255.252
ip nat outside
!
interface FastEthernet1/0
ip address 172.17.1.3 255.255.255.0
ip nat inside
!
ip nat inside source static 172.17.1.100 172.17.251.100
interface Serial0/0
ip address 10.0.0.2 255.255.255.252
ip nat outside
!
interface FastEthernet1/0
ip address 172.17.1.2 255.255.255.0
ip nat inside
!
ip nat inside source static 172.17.1.100 172.17.252.100
interface Serial0/0
ip address 10.0.1.2 255.255.255.252
ip nat outside
!
interface FastEthernet1/0
ip address 172.17.1.3 255.255.255.0
ip nat inside
!
ip nat inside source static 172.17.1.100 172.17.252.100
然后,在客户A的应用服务器上(笔者在设计阶段,用的是模拟器,故用模拟的路由器代替客户A和B的应用服务器)执行扩展ping,并记录路由:
ClientA#ping
Protocol [ip]:
Target IP address: 172.17.252.100
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface:
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Reply to request 0 (292 ms).
Record route:
(172.17.1.100)
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.1.100)
(172.17.1.100)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
<*>
End of list
Record route:
(172.17.1.100)
(10.0.0.1)
(172.17.1.2)
(172.17.1.100)
(172.17.1.100)
(10.0.0.2)
(172.17.1.2)
(172.17.1.100) <*>
(0.0.0.0)
End of list
Total option bytes= 40, padded length=40
Record route:
(172.17.1.100)
(172.17.1.2)
(10.0.1.1)
(172.17.1.3)
(172.17.1.100)
(172.17.1.100)
(172.17.1.2)
(10.0.1.2)
(172.17.1.3)
<*>
End of list
至于一条线路失效后的情况,也跟前面未配置NAT时的情况一样,跟我们预期的一致。