中小型公司局域网路由备份访问外网路由配置（华为）

实验名称：内网访问外网 1. 配置思路： 1.先给PC机配置IP地址及子网掩码； PC1：192.168.10.1/24 PC2：192.168.20.1/24 PC3：192.168.10.2/24 PC4：192.168.20.2/24 2.给交换机SW3-SW4-SW5-SW6 创建vlan并把对应的端口加入vlan； <Huawei>system-view [SW3]vlan batch 10 20 [SW3]interface Ethernet0/0/1 [SW3-Ethernet0/0/1]port link-type access [SW3-Ethernet0/0/1]port default vlan 10 [SW3-Ethernet0/0/1]quit [SW3]interface Ethernet0/0/11 [SW3-Ethernet0/0/11]port link-type trunk [SW3-Ethernet0/0/11]port trunk allow-pass vlan all [SW3-Ethernet0/0/11]int gi0/0/13
[SW3-Ethernet0/0/13]port link-type access [SW3-Ethernet0/0/13]undo port link-type [SW3-Ethernet0/0/13]port link-type trunk [SW3-Ethernet0/0/13]port trunk allow-pass vlan all [SW3-Ethernet0/0/13]quit [SW3]q < SW3>save The current configuration will be written to the device. Are you sure to continue?[Y/N]y Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]: Now saving the current configuration to the slot 0. Save the configuration successfully. SW4 <Huawei>system-view [Huawei]sysname SW4 [SW4]vlan batch 10 20 [SW4]interface Ethernet0/0/1 [SW4-Ethernet0/0/1]port link-type access [SW4-Ethernet0/0/1]port default vlan 20 [SW4-Ethernet0/0/1]int e0/0/11 [SW4-Ethernet0/0/11]port link-type trunk [SW4-Ethernet0/0/11]port trunk allow-pass vlan all [SW4-Ethernet0/0/11]int e0/0/14 [SW4-Ethernet0/0/14]port link-type trunk [SW4-Ethernet0/0/14]port trunk allow-pass vlan all [SW4-Ethernet0/0/14]quit [SW4]q <SW4>save The current configuration will be written to the device. Are you sure to continue?[Y/N]y Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]: Now saving the current configuration to the slot 0. Save the configuration successfully. SW5 <Huawei>system-view [Huawei]sysname SW5 [SW5]vlan batch 10 20 [SW5]interface Ethernet0/0/1 [SW5-Ethernet0/0/1]port link-type access [SW5-Ethernet0/0/1]port default vlan 10 [SW5-Ethernet0/0/1]int e0/0/11 [SW5-Ethernet0/0/11]port link-type trunk [SW5-Ethernet0/0/11]port trunk allow-pass vlan all [SW5-Ethernet0/0/11]int e0/0/13 [SW5-Ethernet0/0/13]port link-type trunk [SW5-Ethernet0/0/13]port trunk allow-pass vlan all [SW5-Ethernet0/0/13]quit [SW5]q <SW5>save The current configuration will be written to the device. Are you sure to continue?[Y/N]y Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]: Now saving the current configuration to the slot 0. Save the configuration successfully. SW6 <Huawei>system-view [Huawei]sysname SW6 [SW6]vlan batch 10 20 [SW6]interface Ethernet0/0/1 [SW6-Ethernet0/0/1]port link-type access [SW6-Ethernet0/0/1]port default vlan 20 [SW6-Ethernet0/0/1]int e0/0/11 [SW6-Ethernet0/0/11]port link-type trunk [SW6-Ethernet0/0/11]port trunk allow-pass vlan all [SW6-Ethernet0/0/11]int e0/0/14 [SW6-Ethernet0/0/14]port link-type trunk [SW6-Ethernet0/0/14]port trunk allow-pass vlan all [SW6-Ethernet0/0/14]quit [SW6]q <SW6>save The current configuration will be written to the device. Are you sure to continue?[Y/N]y Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]: Now saving the current configuration to the slot 0. Save the configuration successfully.

3.给路由器配置VRRP虚拟网关及备份网关. 链路的负载均衡 （例如AR1挂掉以后可以通过AR2与外部相连不影响正常工作） <R1>system-view [R1]interface GigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]vrrp vrid 10 virtual-ip 192.168.10.254 [R1-GigabitEthernet0/0/0]vrrp vrid 10 priority 250 [R1-GigabitEthernet0/0/0]vrrp vrid 10 track interface GigabitEthernet 0/0/2 reduced 200 [R1-GigabitEthernet0/0/0]quit [R1]interface GigabitEthernet 0/0/1 [R1-GigabitEthernet0/0/1]vrrp vrid 20 virtual-ip 192.168.20.254 [R1-GigabitEthernet0/0/1]vrrp vrid 20 priority 50 [R1-GigabitEthernet0/0/1]vrrp vrid 20 track interface GigabitEthernet 0/0/2 increased 100 [R1-GigabitEthernet0/0/1]quit R2 <Huawei>system-view [R2]interface GigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]vrrp vrid 20 virtual-ip 192.168.20.254 [R2-GigabitEthernet0/0/0]vrrp vrid 20 priority 100 [R2-GigabitEthernet0/0/0]vrrp vrid 20 track interface GigabitEthernet 0/0/2 increased 50 [R2-GigabitEthernet0/0/0]quit [R2]interface GigabitEthernet 0/0/1 [R2-GigabitEthernet0/0/1]vrrp vrid 10 virtual-ip 192.168.10.254 [R2-GigabitEthernet0/0/1]vrrp vrid 10 priority 100 [R2-GigabitEthernet0/0/1]vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 50 [R2-GigabitEthernet0/0/1]quit <Huawei>system-view [R3]interface GigabitEthernet 0/0/1

[R3-GigabitEthernet0/0/1]vrrp vrid 20 virtual-ip 192.168.20.254 [R3-GigabitEthernet0/0/1]vrrp vrid 20 priority 250 [R3-GigabitEthernet0/0/1]vrrp vrid 20 track interface GigabitEthernet 0/0/2 reduced 200 [R3]interface GigabitEthernet 0/0/0 [R3-GigabitEthernet0/0/0]vrrp vrid 10 virtual-ip 192.168.10.254 [R3-GigabitEthernet0/0/0]vrrp vrid 10 priority 80 [R3-GigabitEthernet0/0/0]vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 20 [R3-GigabitEthernet0/0/0]quit 说明: vlan 10的主网关在AR1上，vlan10的副网关同时在AR2和AR3上，vlan20的主网关在AR3上 ，同时AR1和AR2都具备vlan20的副网关，AR2同时具备vkan10和vlan20的副网关 ； 列如： AR1挂掉了，那么PC1和PC2在AR2和AR3上都可以通过；

4.给连接外网交换机的路由器端口配置IP地址让内网可以访问外网； AR1： <Huawei>system-view [R1]itnerface ethernet 0/0/2 [R1-GigabitEthernet0/0/2]ip address 192.168.30.1 255.255.255.0
[R1-GigabitEthernet0/0/2]quit [R1]ospf 1 [R1-ospf-1]area 0 [R1-ospf-1-area-0.0.0.0]network 192.168.30.1 0.0.0.0 [R1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255 [R1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255 SW7： <Huawei>system-view [SW7]vlan batch 30 40 [SW7]interface ethernet 0/0/1 [SW7-Ethernet0/0/1]port link-type access [SW7-Ethernet0/0/1]port default vlan 30 [SW7-Ethernet0/0/1]q [SW7]interface Vlanif 30 [SW7-Vlanif30]ip address 192.168.30.2 255.255.255.0 [SW7-Vlanif30]q [SW7]inteface ethernet 0/0/4 [SW7-Ethernet0/0/4]port link-type access [SW7-Ethernet0/0/4]port default vlan 40 [SW7-Ethernet0/0/4]q [SW7]interface Vlanif 40 [SW7-Vlanif40]ip address 192.168.40.1 255.255.255.0 [SW7]ospf 1 [SW7-ospf-1] area 0 [SW7-ospf-1-area-0.0.0.0]network 192.168.30.2 0.0.0.0 [SW7-ospf-1-area-0.0.0.0]network 192.168.40.1 0.0.0.0 R4： <Huawei>system-view [R4]itnerface gi 0/0/1 [R4-GigabitEthernet0/0/1]ip address 192.168.40.2 255.255.255.0 [R4-GigabitEthernet0/0/1]q [R4]interface GigabitEthernet 0/0/0 [R4-GigabitEthernet0/0/0]ip address 192.168.50.254 255.255.255.0 [R4]ospf1 [R4-ospf-1] area 0 [R4-ospf-1-area-0.0.0.0]network 192.168.40.2 0.0.0.0 [R4-ospf-1-area-0.0.0.0]network 192.168.50.254 0.0.0.0 server1： IP：192.168.50.1 255.255.255.0 网关：192.168.50.254 测试： AR2 和 AR3 同理 ；就不做过多操作了。