天天看點
傳回

基于三層交換機的VRRP技術--MSTP、VRRP的綜合運用

MSTP (多生成樹) 每個VLAN或者幾個VLAN擁有一顆生成樹,基于執行個體的生成樹。instance 1、instance 2 每個執行個體擁有一顆生成樹。MSTP可以實作多VLAN 的負載分擔,可以實作多廠商對接。

VRRP虛拟路由備援協定(Virtual Router Redundancy Protocol)是由IETF提出的解決區域網路中配置靜态網關出現單點失效現象的路由協定。

注意:當MSTP 和VRRP共同存在時,我們必須要做MSTP的區域設定以及執行個體優先級,網絡中二層MSTP的Vlan主根和三層VRRP的master網關要放在同一台裝置上。在下面的圖中,我們把Vlan10的instance 1的根橋設定為LSW1,Vlan10的網關裝置也設定為LSW1。Vlan20的instance 2的根橋設定為LSW2,Vlan20的網關裝置也為LSW2。

基于三層交換機的VRRP技術--MSTP、VRRP的綜合運用

如圖,PC1、PC2是企業内網的主機,分别屬于VLAN10和VLAN20,LSW1和LSW2之間的g0/0/2口和g0/0/3口之間形成鍊路聚合。AR1是企業邊界路由器,用于和外網通信。AR1、LSW1和LSW2之間運作ospf協定。LSW1、LSW2和LSW3之間運作MSTP協定。要讓PC1、PC2出去和回來的流量方向一緻,且形成第一跳網關備援,且負載均衡。如下是配置

PC1 

PC>ipconfig

IPv4 address......................: 192.168.10.10
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.254
Physical address..................: 54-89-98-55-50-74
VLAN..............................: 10

PC2 

PC>ipconfig

IPv4 address......................: 192.168.20.10
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.20.254
Physical address..................: 54-89-98-85-59-50
Vlan..............................: 20

LSW1 

[LSW1]display current-configuration 
#
vlan batch 10 20 100
#
stp instance 1 priority 4096
stp instance 2 priority 8192
#
stp region-configuration
 region-name MSTP
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 vrrp vrid 10 priority 150
 vrrp vrid 10 preempt-mode timer delay 10
 vrrp vrid 10 track interface GigabitEthernet0/0/4 reduced 60
 vrrp vrid 10 authentication-mode md5 GX2lR,}C+Ky~t+Byca8YR#(#
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 vrrp vrid 20 authentication-mode md5 L>YK#S.jKJu:|l#3M^#3"$f#
#
interface Vlanif100
 ip address 192.168.30.1 255.255.255.0
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 eth-trunk 1
#
interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 100
#
ospf 100 router-id 192.168.30.1
 import-route direct route-policy POLICY
 area 0.0.0.0
  network 192.168.30.1 0.0.0.0
#
route-policy POLICY permit node 10
 if-match ip-prefix F
 apply cost 10
#
route-policy POLICY permit node 20
 if-match ip-prefix F2
 apply cost 20
#
ip ip-prefix F index 10 permit 192.168.10.0 24
ip ip-prefix F2 index 10 permit 192.168.20.0 24
#

LSW2 

[LSW2]display current-configuration 
#
vlan batch 10 20 100
#
stp instance 1 priority 8192
stp instance 2 priority 4096
#
stp region-configuration
 region-name MSTP
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#
interface Vlanif10
 ip address 192.168.10.2 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 vrrp vrid 10 authentication-mode md5 CN7EFU,9+,'eKRQqbl+O/%;#
#
interface Vlanif20
 ip address 192.168.20.2 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 vrrp vrid 20 priority 150
 vrrp vrid 20 preempt-mode timer delay 60
 vrrp vrid 20 track interface GigabitEthernet0/0/4 reduced 60
 vrrp vrid 20 authentication-mode md5 :||$@<`|wYu:|l#3M^#36%L#
#
interface Vlanif100
 ip address 192.168.40.2 255.255.255.0
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 eth-trunk 1
#
interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 100
#
ospf 100 router-id 192.168.40.2
 import-route direct route-policy POLICY
 area 0.0.0.0
  network 192.168.40.2 0.0.0.0
#
route-policy POLICY permit node 10
 if-match ip-prefix F
 apply cost 20
#
route-policy POLICY permit node 20
 if-match ip-prefix F2
 apply cost 10
#
ip ip-prefix F index 10 permit 192.168.10.0 24
ip ip-prefix F2 index 10 permit 192.168.20.0 24
#

LSW3 

[LSW3]display current-configuration 
#
vlan batch 10 20
#
stp region-configuration
 region-name MSTP
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10
 stp edged-port enable
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 20
 stp edged-port enable
#

AR1 

[AR1]display current-configuration
#
interface GigabitEthernet0/0/0
 ip address 192.168.30.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 192.168.40.1 255.255.255.0 
#
ospf 100 router-id 111.1.1.1 
 area 0.0.0.0 
  network 192.168.30.2 0.0.0.0 
  network 192.168.40.1 0.0.0.0 
#

基于路由器的VRRP---------->基于路由器的VRRP技術---VRRP的應用

基于防火牆的VRRP --------->基于防火牆的VRRP技術--華為防火牆雙機熱備--VGMP

生成樹 區域設定 外網
上一篇: android 麥克風 動畫,錄音麥克風動畫效果
下一篇: 51nod 1109 01組成的N的倍數 【dfs+剪枝+vector】

繼續閱讀