VRRP多备份组配置举例 一、组网需求 如图所示,某公司为了实现网关设备的冗余备份,以及内网主机流量的负载分担,在内部网络的出口处部署了两台设备,并使用VRRP负载分担功能,将这两台设备组成两台虚拟路由器,分别作为区域A和区域B的缺省网关。具体应用需求如下: · Device A是VRRP备份组1中的Master设备,Device B是VRRP备份组2中的Master设备。在正常情况下,区域A的用户通过Device A进行数据转发,区域B的用户通过Device B进行数据转发。 · 当Device A或者Device A的上行接口发生故障后,Device B能够迅速承担区域A内主机流量的转发任务;Device A故障恢复后,继续承担VRRP备份组1的网关功能; · 当Device B或者Device B的上行接口故障发生故障后,Device A能够迅速承担区域B内主机流量的转发任务;Device B故障恢复后,继续承担VRRP备份组2的网关功能。 图VRRP多备份组配置组网图
二、配置步骤
(1) Device A的配置
#配置接口IP地址。
<DeviceA> system-view
[DeviceA] interface gigabitethernet 1/1
[DeviceA-GigabitEthernet1/1] ip address 10.0.0.2 24
[DeviceA-GigabitEthernet1/1] quit
#请参考以上方法配置图2中其它接口的IP地址,配置步骤这里省略。
#创建VRRP备份组1,并配置VRRP备份组1的虚拟IP地址为10.0.0.1,并配置Device A在VRRP备份组1中的优先级为120,高于Device B的优先级。
[DeviceA] interface gigabitethernet 1/1
[DeviceA-GigabitEthernet1/1] vrrp vrid 1 virtual-ip 10.0.0.1
[DeviceA-GigabitEthernet1/1] vrrp vrid 1 priority 120
[DeviceA-GigabitEthernet1/1] quit
#创建VRRP备份组2,并配置VRRP备份组2的虚拟IP地址为11.0.0.1。
[DeviceA] interface gigabitethernet 1/3
[DeviceA-GigabitEthernet1/3] vrrp vrid 2 virtual-ip 11.0.0.1
[DeviceA-GigabitEthernet1/3] quit
#设置Device A工作在抢占方式,配置抢占延迟时间为5秒。
[DeviceA] interface gigabitethernet 1/1
[DeviceA-GigabitEthernet1/1] vrrp vrid 1 preempt-mode delay 5
[DeviceA-GigabitEthernet1/1] quit
#创建和上行接口GigabitEthernet1/2物理状态关联的Track项1。
[DeviceA] track 1 interface gigabitethernet 1/2
#配置监视Track项1,Track项的状态为Negative时,Device A在VRRP备份组1中的优先级降低的数值为50。
[DeviceA] interface gigabitethernet 1/1
[DeviceA-GigabitEthernet1/1] vrrp vrid 1 track 1 reduced 50
[DeviceA-GigabitEthernet1/1] quit
(2)Device B的配置 <DeviceB> system-view [DeviceB] interface gigabitethernet 1/1 [DeviceB-GigabitEthernet1/1] ip address 10.0.0.3 24 [DeviceB-GigabitEthernet1/1] quit #请参考以上方法配置图2中其它接口的IP地址,配置步骤省略。 #创建VRRP备份组1,并配置VRRP备份组1的虚拟IP地址为10.0.0.1。 [DeviceB] interface gigabitethernet 1/1 [DeviceB-GigabitEthernet1/1] vrrp vrid 1 virtual-ip 10.0.0.1 [DeviceB-GigabitEthernet1/1] quit #创建VRRP备份组2,并配置VRRP备份组2的虚拟IP地址为11.0.0.1,并配置Device B在VRRP备份组2中的优先级为120,高于Device A的优先级。 [DeviceB] interface gigabitethernet 1/3 [DeviceB-GigabitEthernet1/3] vrrp vrid 2 virtual-ip 11.0.0.1 [DeviceB-GigabitEthernet1/3] vrrp vrid 2 priority 120 #设置Device B工作在抢占方式,配置抢占延迟时间为5秒。 [DeviceB-GigabitEthernet1/3] vrrp vrid 2 preempt-mode delay 5 [DeviceB-GigabitEthernet1/3] quit #创建和上行接口GigabitEthernet 1/2物理状态关联的Track项2。 [DeviceB] track 2 interface gigabitethernet 1/2 #配置监视Track项2,Track项的状态为Negative时,Device B在VRRP备份组2中的优先级降低的数值为50。 [DeviceB] interface gigabitethernet 1/3 [DeviceB-GigabitEthernet1/3] vrrp vrid 2 track 2 reduced 50 [DeviceB-GigabitEthernet1/3] quit
三、验证配置 (1) 配置完成后,区域A和区域B中的主机都可以ping通外网。 #检查区域A的主机到目的端100.0.0.1是否可达。 <host A> ping 100.0.0.1
PING 100.0.0.1 (100.0.0.1): 56 data bytes
56 bytes from 100.0.0.1: seq=0 ttl=128 time=22.43 ms
56 bytes from 100.0.0.1: seq=1 ttl=128 time=7.17 ms
56 bytes from 100.0.0.1: seq=2 ttl=128 time=8.91 ms
56 bytes from 100.0.0.1: seq=3 ttl=128 time=7.45 ms
56 bytes from 100.0.0.1: seq=4 ttl=128 time=9.11 ms --- 100.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 7.17/11.01/22.43 ms #检查区域B的主机到目的端100.1.0.1是否可达。 <host C> ping 100.1.0.1
PING 100.1.0.1 (100.1.0.1): 56 data bytes
56 bytes from 100.1.0.1: seq=0 ttl=128 time=22.43 ms
56 bytes from 100.1.0.1: seq=1 ttl=128 time=7.17 ms
56 bytes from 100.1.0.1: seq=2 ttl=128 time=8.91 ms
56 bytes from 100.1.0.1: seq=3 ttl=128 time=7.45 ms
56 bytes from 100.1.0.1: seq=4 ttl=128 time=9.11 ms --- 100.1.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 7.17/11.01/22.43 ms
(2) 通过display vrrp verbose命令查看配置后的结果。 #查看Device A上全部IPv4 VRRP备份组的详细信息,显示Device A在VRRP备份组1中为Master设备,在VRRP备份组2中为Backup设备。 [DeviceA] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 2 Interface GigabitEthernet1/1
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 120 Running Pri : 120
Preempt Mode : Yes Delay Time : 5
Auth Type : None
Virtual IP : 10.0.0.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.0.0.2
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 50
Interface GigabitEthernet1/3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Auth Type : None
Become Master : 3550ms left
Virtual IP : 11.0.0.1
Master IP : 11.0.0.3
#查看Device B上全部IPv4 VRRP备份组的详细信息,显示Device B在备份组1中为Backup设备,在备份组2中为Master设备。 [DeviceB] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 2 Interface GigabitEthernet1/1
VRID : 1 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Auth Type : None
Become Master : 3500ms left
Virtual IP : 10.0.0.1
Master IP : 10.0.0.2
Interface GigabitEthernet1/3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 120 Running Pri : 120
Preempt Mode : Yes Delay Time : 5
Auth Type : None
Virtual IP : 11.0.0.1
Virtual MAC : 0000-5e00-0102
Master IP : 11.0.0.3
VRRP Track Information:
Track Object : 2 State : Positive Pri Reduced : 50
#Device A出现故障后,通过display vrrp verbose命令查看Device B上备份组的详细信息。可以看到Device B抢占为备份组1的Master。 [DeviceB] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 2 Interface GigabitEthernet1/1
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Auth Type : None
Virtual IP : 10.0.0.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.0.0.3
Interface GigabitEthernet1/3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 120 Running Pri : 120
Preempt Mode : Yes Delay Time : 5
Auth Type : None
Virtual IP : 11.0.0.1
Virtual MAC : 0000-5e00-0102
Master IP : 11.0.0.3
VRRP Track Information:
Track Object : 2 State : Positive Pri Reduced : 50
以上显示信息表示Device A出现故障后,区域A和区域B中的主机仍然可以ping通外网。
#当Device A故障恢复后,显示Device A上备份组的详细信息。 [DeviceA] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 2 Interface GigabitEthernet1/1
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 120 Running Pri : 120
Preempt Mode : Yes Delay Time : 5
Auth Type : None
Virtual IP : 10.0.0.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.0.0.2
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 50
Interface GigabitEthernet1/3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Become Master : 3550ms left
Auth Type : None
Virtual IP : 11.0.0.1
Master IP : 11.0.0.3
以上显示信息表示当Device A故障恢复后,Device A在VRRP备份组1中恢复为原来的优先级并抢占成为该备份组的Master,区域A内的主机通过Device A与外界通信。