這篇博客小編想來說說有關網絡高可用性的問題,如果讀者接觸過園區網的規劃,就會發現園區網的規劃都少不了一種國際標準VRRP(虛擬路由器冗餘協議)技術或者思科的HSRP,多了這兩種技術的好處就是讓園區網的可用性大大的提高了,由於網絡設備都是硬件,不知道什麼時候會出現問題,爲了不影響用戶的正常辦公,人們便選擇使用冗餘技術來解決問題。
§ 什麼是VRRP?
? VRRP(Virtual Router Redundancy Protocol):虛擬路由冗餘協議是用於實現路由器冗餘的協議,最新協議在RFC3768中定義。
§ VRRP的定義
? 在該協議中,對共享多存取訪問介質(如以太網)上終端IP設備的默認網關(Default Gateway)進行冗餘備份,從而在其中一臺路由設備宕機時,備份路由設備及時接管轉發工作,向用戶提供透明的切換,提高了網絡服務質量。
§ VRRP路由器
? 是指運行VRRP的路由器,是物理實體。
§ 虛擬路由器
? 是指VRRP協議創建的,是邏輯概念。
§ 主控路由器和備份路由器
? 一個VRRP組中有且只有一臺處於主控角色的路由器,可以有一個或者多個處於備份角色的路由器。
? VRRP協議使用選擇策略從路由器組中選出一臺作爲主控,負責ARP響應和轉發IP數據包,組中的其它路由器作爲備份的角色處於待命狀態。
§ VRRP術語
§ 組成虛擬路由器的路由器會有三種狀態
? Initialize
系統啓動後進入此狀態,當收到接口startup的消息,將轉入Backup (優先級不爲255時)或Master狀態(優先級爲255時)。在此狀態時,路由器不會對VRRP報文做任何處理。
? Master
1.定期發送VRRP組播報文,發送免費(gratuitous)ARP報文
2.響應對虛擬IP地址的ARP請求,並且響應的是虛擬MAC地址,而不是接口的真實MAC地址。轉發目的MAC地址爲虛擬MAC地址的IP報文
3.在Master狀態中只有接收到比自己的優先級大的VRRP報文時,纔會轉爲Backup。只有當接收到接口的Shutdown事件時纔會轉爲Initialize。
? Backup
1.接收Master發送的VRRP組播報文 從中瞭解Master的狀態
2.對虛擬IP地址的ARP請求 不做響應
3.丟棄目的MAC地址爲虛擬MAC地址的IP報文
4.丟棄目的IP地址爲虛擬IP地址的IP報文
§ VRRP選舉
VRRP的路由器都會發送和接收VRRP通告消息
? VRRP優先級
? 接口的IP地址
理論部分小編就說到這裏了,然後就是具體實現了,小編這裏使用的是華爲的設備
小編列出一些常用的配置VRRP的命令
設置虛擬地址是否能被PING通
添加/刪除虛擬IP
設置備份組的優先級
設置和取消監控端口
顯示VRRP的狀態信息
以下是小編的實驗拓撲規劃,小編這裏使用了多網關冗餘備份,同時加入了MSTP技術,這樣網絡的高可用性就大大的提升了
實驗詳情:
【SW1】
[Huawei-Vlanif40]
[Huawei-Vlanif40]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp instance 10 root primary
stp instance 20 root secondary
#
cluster enable
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.1 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 120
vrrp vrid 20 virtual-ip 192.168.10.253
#
interface Vlanif20
ip address 192.168.20.1 255.255.255.0
vrrp vrid 21 virtual-ip 192.168.20.254
vrrp vrid 22 virtual-ip 192.168.20.253
vrrp vrid 22 priority 120
#
interface Vlanif30
ip address 192.168.30.1 255.255.255.0
vrrp vrid 31 virtual-ip 192.168.30.254
vrrp vrid 31 priority 120
vrrp vrid 32 virtual-ip 192.168.30.253
#
interface Vlanif40
ip address 192.168.40.1 255.255.255.0
vrrp vrid 41 virtual-ip 192.168.40.254
vrrp vrid 42 virtual-ip 192.168.40.253
vrrp vrid 42 priority 120
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
【SW1】
[Huawei]dis vrrp brief
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Backup Vlanif10 Normal 192.168.10.253
20 Master Vlanif10 Normal 192.168.10.254
21 Master Vlanif20 Normal 192.168.20.253
22 Backup Vlanif20 Normal 192.168.20.254
31 Backup Vlanif30 Normal 192.168.30.253
32 Master Vlanif30 Normal 192.168.30.254
41 Master Vlanif40 Normal 192.168.40.253
42 Backup Vlanif40 Normal 192.168.40.254
----------------------------------------------------------------
Total:8 Master:4 Backup:4 Non-active:0
【SW2】
[Huawei]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp instance 10 root secondary
stp instance 20 root primary
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.2 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 20 virtual-ip 192.168.10.253
vrrp vrid 20 priority 120
#
interface Vlanif20
ip address 192.168.20.2 255.255.255.0
vrrp vrid 21 virtual-ip 192.168.20.254
vrrp vrid 21 priority 120
vrrp vrid 22 virtual-ip 192.168.20.253
#
interface Vlanif30
ip address 192.168.30.2 255.255.255.0
vrrp vrid 31 virtual-ip 192.168.30.254
vrrp vrid 32 virtual-ip 192.168.30.253
vrrp vrid 32 priority 120
#
interface Vlanif40
ip address 192.168.40.2 255.255.255.0
vrrp vrid 41 virtual-ip 192.168.40.254
vrrp vrid 41 priority 120
vrrp vrid 42 virtual-ip 192.168.40.253
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/21
port link-type trunk
port trunk allow-pass vlan 2 to 4094
【SW2】
[Huawei]dis vrrp brief
VRID State Interface Type Virtual IP
----------------------------------------------------------------
10 Backup Vlanif10 Normal 192.168.10.254
20 Master Vlanif10 Normal 192.168.10.253
21 Master Vlanif20 Normal 192.168.20.254
22 Backup Vlanif20 Normal 192.168.20.253
31 Backup Vlanif30 Normal 192.168.30.254
32 Master Vlanif30 Normal 192.168.30.253
41 Master Vlanif40 Normal 192.168.40.254
42 Backup Vlanif40 Normal 192.168.40.253
----------------------------------------------------------------
Total:8 Master:4 Backup:4 Non-active:0
【SW2】
Instance 10
[Huawei]dis stp ins
[Huawei]dis stp instance 10
-------[MSTI 10 Global Info]-------
MSTI Bridge ID :4096.4c1f-ccb1-8c98
MSTI RegRoot/IRPC :0.4c1f-cc38-a98d / 1
MSTI RootPortId :128.21
MSTI Root Type :Secondary root
Master Bridge :32768.4c1f-cc17-56ed
Cost to Master :1
TC received :4
TC count per hello :0
Time since last TC :0 days 0h:0m:25s
Number of TC :6
Last TC occurred :Ethernet0/0/21
----[Port1(Ethernet0/0/1)][LEARNING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.1
Port Times :RemHops 19
TC or TCN send :5
TC or TCN received :0
----[Port2(Ethernet0/0/2)][LEARNING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :4096.4c1f-ccb1-8c98 / 128.2
Port Times :RemHops 19
TC or TCN send :5
TC or TCN received :2
----[Port21(Ethernet0/0/21)][FORWARDING]----
Port Role :Root Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-cc38-a98d / 128.21
Port Times :RemHops 20
TC or TCN send :2
TC or TCN received :2
----[Port22(Ethernet0/0/22)][DISCARDING]----
Port Role :Alternate Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-cc38-a98d / 128.22
Port Times :RemHops 20
TC or TCN send :0
TC or TCN received :0
Instance 20
[Huawei]dis stp instance 20
-------[MSTI 20 Global Info]-------
MSTI Bridge ID :0.4c1f-ccb1-8c98
MSTI RegRoot/IRPC :0.4c1f-ccb1-8c98 / 0
MSTI RootPortId :0.0
MSTI Root Type :Primary root
Master Bridge :32768.4c1f-cc17-56ed
Cost to Master :1
TC received :7
TC count per hello :0
Time since last TC :0 days 0h:0m:59s
Number of TC :6
Last TC occurred :Ethernet0/0/22
----[Port1(Ethernet0/0/1)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.1
Port Times :RemHops 20
TC or TCN send :8
TC or TCN received :0
----[Port2(Ethernet0/0/2)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.2
Port Times :RemHops 20
TC or TCN send :9
TC or TCN received :3
----[Port21(Ethernet0/0/21)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.21
Port Times :RemHops 20
TC or TCN send :3
TC or TCN received :4
----[Port22(Ethernet0/0/22)][FORWARDING]----
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=1
Designated Bridge/Port :0.4c1f-ccb1-8c98 / 128.22
Port Times :RemHops 20
TC or TCN send :2
TC or TCN received :0
【SW3】
[Huawei]dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
stp region-configuration
region-name A
revision-level 1
instance 10 vlan 10 20
instance 20 vlan 30 40
active region-configuration
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
return
【SW4】
<Huawei>dis cu
#
sysname Huawei
#
vlan batch 10 20 30 40
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#