VRRP的理解

VRRP:虚拟路由冗余协议
作用:在一个网段的 多个网关之间,形成一个虚拟路由器,从而实现增强网关的稳定性。
原理:在多个真实的网关(接口)上运行VRRP 以后,多个网关之间会互相发送VRRP的(通告)报文,从而进行网关设备角色的选举。
角色
master:主网关
用来真正的转发用户发送的数据包;
在一个网段中,永远只有一个。
backup: 备份网关
平时不转发用户数据, 仅仅是监控(被动监控)主网关设备的状态。
如果主网关挂掉,则直接将自己升级为主网关;如果主网关没有挂掉,则一直保持backup状态;在一个网段中,可以有多个。

相关术语

  • VRRP路由
    运行VRRP协议的路由。一台VRRP路由器(的接口)可以同时参与到多个VRRP组中,在不同的组中,一台VRRP路由器可以充当不同的角色。
  • VRRP组
    一个VRRP组由多个VRRP路由器组成,使用相同的VRID进行标识,属于同一VRRP组的VRRP路由器相互交换信息,每一个VRRP组中只能有一个Master。
  • 虚拟MAC地址
    即虚拟路由器根据VRID生成的MAC地址。
    一个虚拟路由器拥有一个虚拟MAC地址,格式为:00-00-5E-00-01-{VRID}。
    当虚拟路由器回应ARP请求时,使用虚拟MAC地址,而不是接口的真实MAC地址。
  • 优先级
    用来标识虚拟路由器中各成员路由器的优先级。
    虚拟路由器根据优先级选举出Master和Backup。

VRRP工作流程

  1. Master选举:从VRRP组中选举一个Master,其余为Backup。
  2. 各设备协调工作:Master负责虚拟路由器的工作,Backup负责监听Master的状态。
  3. 故障转移:Master出现故障,回到步骤1。

    VRRP状态机

    VRRP协议的状态共有三种, 分别为初始状态(Initialize)、活动状态(Master)、备份状态(Backup)。
    ::: hljs-center

VRRP状态机.png

:::

  1. Initialize(初始状态): 设备启动时进入此状态,当收到接口 Startup的消息,将转入Backup或Master状态(IP地址拥有者的接口优先级为255,直接转为Master)。在此状态时,不会对VRRP报**任何处理。
  2. Master(活动状态):此状态的路由器会 定期发送 VRRP报文。以虚拟MAC地址响应对虚拟IP地址的ARP请求。转发目的MAC地址为虚拟MAC地址的IP报文。 如果它是虚拟 IP地址的拥有者,则接收目的IP地址为这个虚拟IP地址的IP报文。否则,丢弃这个IP报文。
  3. Backup(备状态):此状态的路由器会接收Master发送的VRRP报文,判断Master的状态是否正常。它对虚拟IP地址的ARP请求,不做响应。且丢弃目的MAC地址为虚拟MAC地址的IP报文。丢弃目的IP地址为虚拟IP地址的IP报文。

VRRP配置实验

::: hljs-center

VRRP课堂实验.png

:::
AR1配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]us  
[Huawei]user-in 
[Huawei]user-interface con  
[Huawei]user-interface console 0
[Huawei-ui-console0]i   
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]q
[Huawei]sys R1
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 13.0.0.2 24
[R1-GigabitEthernet0/0/0]un shu
Info: Interface GigabitEthernet0/0/0 is not shutdown.
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 23.0.0.2 24
[R1-GigabitEthernet0/0/1]un shu
Info: Interface GigabitEthernet0/0/1 is not shutdown.
[R1-GigabitEthernet0/0/1]q
[R1]int l   
[R1]int LoopBack 1
[R1-LoopBack1]ip add 30.0.0.1 24
[R1-LoopBack1]q
[R1]dis ip br
           ^
Error: Unrecognized command found at '^' position.
[R1]dis ip int b    
[R1]dis ip int brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              13.0.0.2/24          up         up        
GigabitEthernet0/0/1              23.0.0.2/24          up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack1                         30.0.0.1/24          up         up(s)     
NULL0                             unassigned           up         up(s)     
[R1]q
<R1>sa
  The current configuration will be written to the device. 
  Are you sure to continue? (y/n)[n]:y
  It will take several minutes to save configuration file, please wait.......
  Configuration file had been saved successfully
  Note: The configuration file will take effect after being activated
<R1>

SW1配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]us  
[Huawei]user-in 
[Huawei]user-interface con  
[Huawei]user-interface console 0
[Huawei-ui-console0]i   
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]q
[Huawei]sys SW1
[SW1]v b 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]int e0/0/1
[SW1-Ethernet0/0/1]p l a
[SW1-Ethernet0/0/1]p d v 10
[SW1-Ethernet0/0/1]un shu
Info: Interface Ethernet0/0/1 is not shutdown.
[SW1-Ethernet0/0/1]int e0/0/2
[SW1-Ethernet0/0/2]p l a
[SW1-Ethernet0/0/2]p d v 20
[SW1-Ethernet0/0/2]un shu
Info: Interface Ethernet0/0/2 is not shutdown.
[SW1-Ethernet0/0/2]int e0/0/3
[SW1-Ethernet0/0/3]p l t
[SW1-Ethernet0/0/3]p t a v a
[SW1-Ethernet0/0/3]
[SW1-Ethernet0/0/3]int e0/0/4
[SW1-Ethernet0/0/4]p l t
[SW1-Ethernet0/0/4]p t a v a
[SW1-Ethernet0/0/4]un shu
Info: Interface Ethernet0/0/4 is not shutdown.
[SW1-Ethernet0/0/4]int e0/0/3
[SW1-Ethernet0/0/3]un shu
Info: Interface Ethernet0/0/3 is not shutdown.
[SW1-Ethernet0/0/3]q
[SW1]q
<SW1>sa
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW1>

SW2配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]us  
[Huawei]user-in 
[Huawei]user-interface con  
[Huawei]user-interface console 0
[Huawei-ui-console0]i   
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]q
[Huawei]sys SW2
[SW2]v b 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]p l t
[SW2-GigabitEthernet0/0/1]p t a v a
[SW2-GigabitEthernet0/0/1]un shu
Info: Interface GigabitEthernet0/0/1 is not shutdown.
[SW2-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
return
[SW2-GigabitEthernet0/0/1]int g0/0/2
[SW2-GigabitEthernet0/0/2]p l a
[SW2-GigabitEthernet0/0/2]p d v 100
[SW2-GigabitEthernet0/0/2]un shu
Info: Interface GigabitEthernet0/0/2 is not shutdown.
[SW2-GigabitEthernet0/0/2]dis th
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 100
#
return
[SW2-GigabitEthernet0/0/2]q
[SW2]int v  
[SW2]int Vlanif 10
[SW2-Vlanif10]ip add 192.168.10.100 24
[SW2-Vlanif10]un shu
Info: Interface Vlanif10 is not shutdown.
[SW2-Vlanif10]int Vlanif 20
[SW2-Vlanif20]ip add 192.168.20.100 24
[SW2-Vlanif20]un shu
Info: Interface Vlanif20 is not shutdown.
[SW2-Vlanif20]int v 
[SW2-Vlanif20]int vl    
[SW2-Vlanif20]int vl    
[SW2-Vlanif20]int vlanif 100
[SW2-Vlanif100]ip add 13.0.0.1 24
[SW2-Vlanif100]un shu
Info: Interface Vlanif100 is not shutdown.
[SW2-Vlanif100]q
[SW2]int v  
[SW2]int Vlanif 10
[SW2-Vlanif10]vrr   
[SW2-Vlanif10]vrrp v    
[SW2-Vlanif10]vrrp vrid 10 vi   
[SW2-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.1
[SW2-Vlanif10]vrr   
[SW2-Vlanif10]vrrp v    
[SW2-Vlanif10]vrrp vrid 10  
[SW2-Vlanif10]vrrp vrid 10 p    
[SW2-Vlanif10]vrrp vrid 10 pri  
[SW2-Vlanif10]vrrp vrid 10 priority 120
[SW2-Vlanif10]vrrp  
[SW2-Vlanif10]vrrp v    
[SW2-Vlanif10]vrrp vrid 10 pr   
[SW2-Vlanif10]vrrp vrid 10 pree 
[SW2-Vlanif10]vrrp vrid 10 preempt-mode ti  
[SW2-Vlanif10]vrrp vrid 10 preempt-mode timer de    
[SW2-Vlanif10]vrrp vrid 10 preempt-mode timer delay 3
[SW2-Vlanif10]vr    
[SW2-Vlanif10]vrrpv 
[SW2-Vlanif10]vrrp v    
[SW2-Vlanif10]vrrp vrid 10 t    
[SW2-Vlanif10]vrrp vrid 10 tr   
[SW2-Vlanif10]vrrp vrid 10 track int    
[SW2-Vlanif10]vrrp vrid 10 track interface g0/0/2 re    
[SW2-Vlanif10]vrrp vrid 10 track interface g0/0/2 reduced 30
[SW2-Vlanif10]q
[SW2]int vl 
[SW2]int Vlanif 20
[SW2-Vlanif20]vrr   
[SW2-Vlanif20]vrrp v    
[SW2-Vlanif20]vrrp vrid 20 vi   
[SW2-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.1
[SW2-Vlanif20]q
[SW2]q
<SW2>sa
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW2>

SW3配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]us  
[Huawei]user-in 
[Huawei]user-interface con  
[Huawei]user-interface console 0
[Huawei-ui-console0]i   
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]q
[Huawei]sys SW3
[SW3]int g0/0/1
[SW3-GigabitEthernet0/0/1]q
[SW3]v b 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW3]int g0/0/1
[SW3-GigabitEthernet0/0/1]p l a
[SW3-GigabitEthernet0/0/1]p t a v a
                          ^
Error:Ambiguous command found at '^' position.
[SW3-GigabitEthernet0/0/1]p l t
[SW3-GigabitEthernet0/0/1]p t a v a
[SW3-GigabitEthernet0/0/1]int g0/0/2
[SW3-GigabitEthernet0/0/2]p l a
[SW3-GigabitEthernet0/0/2]p d v 100
[SW3-GigabitEthernet0/0/2]un shu
Info: Interface GigabitEthernet0/0/2 is not shutdown.
[SW3-GigabitEthernet0/0/2]q
[SW3]int v  
[SW3]int Vlanif 10
[SW3-Vlanif10]ip add 192.168.10.200 24
[SW3-Vlanif10]un shu
Info: Interface Vlanif10 is not shutdown.
[SW3-Vlanif10]int Vlanif 20
[SW3-Vlanif20]ip add 192.168.20.200 24
[SW3-Vlanif20]un shu
Info: Interface Vlanif20 is not shutdown.
[SW3-Vlanif20]int vlan  
[SW3-Vlanif20]int vlanif 100
[SW3-Vlanif100]ip add 23.0.0.1 24
[SW3-Vlanif100]un shu
Info: Interface Vlanif100 is not shutdown.
[SW3-Vlanif100]di in  br
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
(e): ETHOAM down
(dl): DLDP down
(d): Dampening Suppressed
InUti/OutUti: input utility/output utility
Interface                   PHY   Protocol InUti OutUti   inErrors  outErrors
GigabitEthernet0/0/1        up    up          0%     0%          0          0
GigabitEthernet0/0/2        up    up          0%     0%          0          0
GigabitEthernet0/0/3        down  down        0%     0%          0          0
GigabitEthernet0/0/4        down  down        0%     0%          0          0
GigabitEthernet0/0/5        down  down        0%     0%          0          0
GigabitEthernet0/0/6        down  down        0%     0%          0          0
GigabitEthernet0/0/7        down  down        0%     0%          0          0
GigabitEthernet0/0/8        down  down        0%     0%          0          0
GigabitEthernet0/0/9        down  down        0%     0%          0          0
GigabitEthernet0/0/10       down  down        0%     0%          0          0
GigabitEthernet0/0/11       down  down        0%     0%          0          0
GigabitEthernet0/0/12       down  down        0%     0%          0          0
GigabitEthernet0/0/13       down  down        0%     0%          0          0
GigabitEthernet0/0/14       down  down        0%     0%          0          0
GigabitEthernet0/0/15       down  down        0%     0%          0          0
GigabitEthernet0/0/16       down  down        0%     0%          0          0
GigabitEthernet0/0/17       down  down        0%     0%          0          0
GigabitEthernet0/0/18       down  down        0%     0%          0          0
GigabitEthernet0/0/19       down  down        0%     0%          0          0
GigabitEthernet0/0/20       down  down        0%     0%          0          0
GigabitEthernet0/0/21       down  down        0%     0%          0          0
GigabitEthernet0/0/22       down  down        0%     0%          0          0
GigabitEthernet0/0/23       down  down        0%     0%          0          0
GigabitEthernet0/0/24       down  down        0%     0%          0          0
MEth0/0/1                   down  down        0%     0%          0          0
NULL0                       up    up(s)       0%     0%          0          0
Vlanif1                     up    down        --     --          0          0
Vlanif10                    up    up          --     --          0          0
Vlanif20                    up    up          --     --          0          0
Vlanif100                   up    up          --     --          0          0
[SW3-Vlanif100]q
[SW3]int v  
[SW3]int Vlanif 10
[SW3-Vlanif10]vrr   
[SW3-Vlanif10]vrrp v    
[SW3-Vlanif10]vrrp vrid 10 v    
[SW3-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.1
[SW3-Vlanif10]vr    
[SW3-Vlanif10]vrrp v    
[SW3-Vlanif10]vrrp vrid 10 p    
[SW3-Vlanif10]vrrp vrid 10 pri  
[SW3-Vlanif10]vrrp vrid 10 priority 115
[SW3-Vlanif10]q
[SW3]in 
[SW3]int    
[SW3]int vl 
[SW3]int Vlanif 20
[SW3-Vlanif20]vrr   
[SW3-Vlanif20]vrrp v    
[SW3-Vlanif20]vrrp vrid 20 v    
[SW3-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.1
[SW3-Vlanif20]v 
[SW3-Vlanif20]vrrp v    
[SW3-Vlanif20]vrrp vrid 20 pri  
[SW3-Vlanif20]vrrp vrid 20 priority 120
[SW3-Vlanif20]v 
[SW3-Vlanif20]vrrp v    
[SW3-Vlanif20]vrrp vrid 20 tr   
[SW3-Vlanif20]vrrp vrid 20 track in 
[SW3-Vlanif20]vrrp vrid 20 track interface g0/0/2 re    
[SW3-Vlanif20]vrrp vrid 20 track interface g0/0/2 reduced 30
[SW3-Vlanif20]q
[SW3]dis vr 
[SW3]dis vrrp
  Vlanif10 | Virtual Router 10
    State : Backup
    Virtual IP : 192.168.10.1
    Master IP : 192.168.10.100
    PriorityRun : 115
    PriorityConfig : 115
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2021-10-19 15:32:11 UTC-08:00
    Last change time : 2021-10-19 15:32:11 UTC-08:00

  Vlanif20 | Virtual Router 20
    State : Master
    Virtual IP : 192.168.20.1
    Master IP : 192.168.20.200
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0114
    Check TTL : YES
    Config type : normal-vrrp
    Track IF : GigabitEthernet0/0/2   Priority reduced : 30
    IF state : UP
    Create time : 2021-10-19 15:32:51 UTC-08:00
    Last change time : 2021-10-19 15:33:03 UTC-08:00

[SW3]q
<SW3>sa
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW3>