这篇博客小编想来说说有关网络高可用性的问题,如果读者接触过园区网的规划,就会发现园区网的规划都少不了一种国际标准VRRP(虚拟路由器冗余协议)技术或者思科的HSRP,多了这两种技术的好处就是让园区网的可用性大大的提高了,由于网络设备都是硬件,不知道什么时候会出现问题,为了不影响用户的正常办公,人们便选择使用冗余技术来解决问题。
§ 什么是VRRP?
? VRRP(Virtual Router Redundancy Protocol):虚拟路由冗余协议是用于实现路由器冗余的协议,最新协议在RFC3768中定义。
§ VRRP的定义
? 在该协议中,对共享多存取访问介质(如以太网)上终端IP设备的默认网关(Default Gateway)进行冗余备份,从而在其中一台路由设备宕机时,备份路由设备及时接管转发工作,向用户提供透明的切换,提高了网络服务质量。
§ VRRP路由器
? 是指运行VRRP的路由器,是物理实体。
§ 虚拟路由器
? 是指VRRP协议创建的,是逻辑概念。
§ 主控路由器和备份路由器
? 一个VRRP组中有且只有一台处于主控角色的路由器,可以有一个或者多个处于备份角色的路由器。
? VRRP协议使用选择策略从路由器组中选出一台作为主控,负责ARP响应和转发IP数据包,组中的其它路由器作为备份的角色处于待命状态。
§ VRRP术语
§ 组成虚拟路由器的路由器会有三种状态
? Initialize
系统启动后进入此状态,当收到接口startup的消息,将转入Backup (优先级不为255时)或Master状态(优先级为255时)。在此状态时,路由器不会对VRRP报文做任何处理。
? Master
1.定期发送VRRP组播报文,发送免费(gratuitous)ARP报文
2.响应对虚拟IP地址的ARP请求,并且响应的是虚拟MAC地址,而不是接口的真实MAC地址。转发目的MAC地址为虚拟MAC地址的IP报文
3.在Master状态中只有接收到比自己的优先级大的VRRP报文时,才会转为Backup。只有当接收到接口的Shutdown事件时才会转为Initialize。
? Backup
1.接收Master发送的VRRP组播报文 从中了解Master的状态
2.对虚拟IP地址的ARP请求 不做响应
3.丢弃目的MAC地址为虚拟MAC地址的IP报文
4.丢弃目的IP地址为虚拟IP地址的IP报文
§ VRRP选举
VRRP的路由器都会发送和接收VRRP通告消息
? VRRP优先级
? 接口的IP地址
理论部分小编就说到这里了,然后就是具体实现了,小编这里使用的是华为的设备
小编列出一些常用的配置VRRP的命令
设置虚拟地址是否能被PING通
添加/删除虚拟IP
设置备份组的优先级
设置和取消监控端口
显示VRRP的状态信息
以下是小编的实验拓扑规划,小编这里使用了多网关冗余备份,同时加入了MSTP技术,这样网络的高可用性就大大的提升了
实验详情:
【SW1】
[Huawei-Vlanif40]
[Huawei-Vlanif40]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp instance 10 root primary
stp instance 20 root secondary
#
cluster enable
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.1 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 120
vrrp vrid 20 virtual-ip 192.168.10.253
#
interface Vlanif20
ip address 192.168.20.1 255.255.255.0
vrrp vrid 21 virtual-ip 192.168.20.254
vrrp vrid 22 virtual-ip 192.168.20.253
vrrp vrid 22 priority 120
#
interface Vlanif30
ip address 192.168.30.1 255.255.255.0
vrrp vrid 31 virtual-ip 192.168.30.254
vrrp vrid 31 priority 120
vrrp vrid 32 virtual-ip 192.168.30.253
#
interface Vlanif40
ip address 192.168.40.1 255.255.255.0
vrrp vrid 41 virtual-ip 192.168.40.254
vrrp vrid 42 virtual-ip 192.168.40.253
vrrp vrid 42 priority 120
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
【SW1】
[Huawei]dis vrrp brief
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Backup Vlanif10 Normal 192.168.10.253
20 Master Vlanif10 Normal 192.168.10.254
21 Master Vlanif20 Normal 192.168.20.253
22 Backup Vlanif20 Normal 192.168.20.254
31 Backup Vlanif30 Normal 192.168.30.253
32 Master Vlanif30 Normal 192.168.30.254
41 Master Vlanif40 Normal 192.168.40.253
42 Backup Vlanif40 Normal 192.168.40.254
----------------------------------------------------------------
Total:8 Master:4 Backup:4 Non-active:0
【SW2】
[Huawei]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp instance 10 root secondary
stp instance 20 root primary
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.2 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 20 virtual-ip 192.168.10.253
vrrp vrid 20 priority 120
#
interface Vlanif20
ip address 192.168.20.2 255.255.255.0
vrrp vrid 21 virtual-ip 192.168.20.254
vrrp vrid 21 priority 120
vrrp vrid 22 virtual-ip 192.168.20.253
#
interface Vlanif30
ip address 192.168.30.2 255.255.255.0
vrrp vrid 31 virtual-ip 192.168.30.254
vrrp vrid 32 virtual-ip 192.168.30.253
vrrp vrid 32 priority 120
#
interface Vlanif40
ip address 192.168.40.2 255.255.255.0
vrrp vrid 41 virtual-ip 192.168.40.254
vrrp vrid 41 priority 120
vrrp vrid 42 virtual-ip 192.168.40.253
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/21
port link-type trunk
port trunk allow-pass vlan 2 to 4094
【SW2】
[Huawei]dis vrrp brief
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Backup Vlanif10 Normal 192.168.10.254
20 Master Vlanif10 Normal 192.168.10.253
21 Master Vlanif20 Normal 192.168.20.254
22 Backup Vlanif20 Normal 192.168.20.253
31 Backup Vlanif30 Normal 192.168.30.254
32 Master Vlanif30 Normal 192.168.30.253
41 Master Vlanif40 Normal 192.168.40.254
42 Backup Vlanif40 Normal 192.168.40.253
----------------------------------------------------------------
Total:8 Master:4 Backup:4 Non-active:0
【SW2】
Instance 10
[Huawei]dis stp ins
[Huawei]dis stp instance 10
-------[MSTI 10 Global Info]-------
MSTI Bridge ID :4096.4c1f-ccb1-8c98
MSTI RegRoot/IRPC :0.4c1f-cc38-a98d / 1
MSTI RootPortId :128.21
MSTI Root Type :Secondary root
Master Bridge :32768.4c1f-cc17-56ed
Cost to Master :1
TC received :4
TC count per hello :0
Time since last TC :0 days 0h:0m:25s
Number of TC :6
Last TC occurred :Ethernet0/0/21
----[Port1(Ethernet0/0/1)][LEARNING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.1
Port Times :RemHops 19
TC or TCN send :5
TC or TCN received :0
----[Port2(Ethernet0/0/2)][LEARNING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.2
Port Times :RemHops 19
TC or TCN send :5
TC or TCN received :2
----[Port21(Ethernet0/0/21)][FORWARDING]----
Port Role :Root Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-cc38-a98d / 128.21
Port Times :RemHops 20
TC or TCN send :2
TC or TCN received :2
----[Port22(Ethernet0/0/22)][DISCARDING]----
Port Role :Alternate Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-cc38-a98d / 128.22
Port Times :RemHops 20
TC or TCN send :0
TC or TCN received :0
Instance 20
[Huawei]dis stp instance 20
-------[MSTI 20 Global Info]-------
MSTI Bridge ID :0.4c1f-ccb1-8c98
MSTI RegRoot/IRPC :0.4c1f-ccb1-8c98 / 0
MSTI RootPortId :0.0
MSTI Root Type :Primary root
Master Bridge :32768.4c1f-cc17-56ed
Cost to Master :1
TC received :7
TC count per hello :0
Time since last TC :0 days 0h:0m:59s
Number of TC :6
Last TC occurred :Ethernet0/0/22
----[Port1(Ethernet0/0/1)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.1
Port Times :RemHops 20
TC or TCN send :8
TC or TCN received :0
----[Port2(Ethernet0/0/2)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.2
Port Times :RemHops 20
TC or TCN send :9
TC or TCN received :3
----[Port21(Ethernet0/0/21)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.21
Port Times :RemHops 20
TC or TCN send :3
TC or TCN received :4
----[Port22(Ethernet0/0/22)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.22
Port Times :RemHops 20
TC or TCN send :2
TC or TCN received :0
【SW3】
[Huawei]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
return
【SW4】
<Huawei>dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#