如何利用華爲交換機配置MSTP+VRRP的實驗之一

一、實驗拓撲圖如下

 

 

二、實驗簡介

從拓撲可以看到，我是利用兩個華爲S5700作爲主備核心，在其上建立vlan 20和30 作爲業務vlan，建立vlan100 作爲心跳vlan；利用華爲S3700作爲接入交換機，直接和PC相連，在S3700上建立Vlan20和Vlan30等業務vlan。

三、具體規劃配置如下

在S5700-Master規劃如下：

1、創建vlan 10

interface vlanif 10 ：192.168.10.1  24

Virtual IP : 192.168.10.254

2、創建vlan 20

interface vlanif 20：192.168.20.1 24

Virtual IP : 192.168.20.254

3、創建vlan 100

interface vlanif 100：100.100.100.1 24

4、創建interface Eth-Trunk 1，並配置爲Trunk，只允許vlan100通過，將GE0/0/1和GE0/0/2端口加入到Eth-Trunk1中。

5、配置GE0/0/3和GE0/0/4的端口類型爲Trunk端口，爲了精確只允許業務Vlan通過

在S5700-Backup規劃如下：

1、創建vlan 10

interface vlanif 10 ：192.168.10.2  24

Virtual IP : 192.168.10.254

2、創建vlan 20

interface vlanif 20：192.168.20.2 24

Virtual IP : 192.168.20.254

3、創建vlan 100

interface vlanif 100：100.100.100.2 24

4、創建interface Eth-Trunk 1，並配置爲Trunk，只允許vlan100通過，將GE0/0/1和GE0/0/2端口加入到Eth-Trunk1中。

5、配置GE0/0/3和GE0/0/4的端口類型爲Trunk端口，爲了精確，只允許業務Vlan通過。

備註：1、在S5700交換機與S3700交換機相連的端口上開啓STP，其模式是MSTP，默認的情況下華爲交換機是開啓的，如果沒有開啓，請手動開啓；

S3700A配置規劃如下：

1、創建vlan 10 20 ；

2、將Ethernet0/0/3和Ethernet0/0/4的端口類型爲Trunk，只要允許業務vlan10 和vlan20 通過即可；

S3700B配置規劃如下：

1、創建vlan 10 20 ；

2、將Ethernet0/0/3和Ethernet0/0/4的端口類型爲Trunk，只要允許業務vlan10 和vlan20 通過即可；

四、具體配置如下

1、S5700_Master的配置

<A>dis cu
#
sysname A
#
undo info-center enable
#
vlan batch 10 20 100
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 vrrp vrid 10 priority 120
 vrrp vrid 10 preempt-mode timer delay 5
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 vrrp vrid 20 priority 120
 vrrp vrid 20 preempt-mode timer delay 5
#
interface Vlanif100
 ip address 100.100.100.1 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 1
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
<A>
2、S5700_Backup的配置
<B>dis cu
#
sysname B
#
undo info-center enable
#
vlan batch 10 20 100
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
 ip address 192.168.10.2 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
#
interface Vlanif20
 ip address 192.168.20.2 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
#
interface Vlanif100
 ip address 100.100.100.2 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 1
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return
<B>
3、S3700A的配置

<S3700A>dis cu
#
sysname S3700A
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 10
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return
<S3700A>

4、S3700B的配置如下

<S3700B>dis cu
#
sysname S3700B
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 20
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return
<S3700B>
五、利用display命令查看VRRP的運行情況
<B>dis vrrp
  Vlanif10 | Virtual Router 10
    State : Backup
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 100
    PriorityConfig : 100
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:02:12 UTC-08:00
    Last change time : 2012-11-21 17:05:36 UTC-08:00

  Vlanif20 | Virtual Router 20
    State : Backup
    Virtual IP : 192.168.20.254
    Master IP : 192.168.20.1
    PriorityRun : 100
    PriorityConfig : 100
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0114
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:02:12 UTC-08:00
    Last change time : 2012-11-21 17:05:36 UTC-08:00

<B>
<A>dis vrrp
  Vlanif10 | Virtual Router 10
    State : Master
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 5 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:05:18 UTC-08:00
    Last change time : 2012-11-21 17:05:35 UTC-08:00

  Vlanif20 | Virtual Router 20
    State : Master
    Virtual IP : 192.168.20.254
    Master IP : 192.168.20.1
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 5 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0114
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:05:18 UTC-08:00
    Last change time : 2012-11-21 17:05:35 UTC-08:00

<A>

怎麼樣，你學會了嗎，這個比較簡單，可能有不完善的地方，大家看到後可以留言，我必定加以完善。