一、前言
-
局域網中的用戶終端通常采用配置一個默認網關的形式訪問外部網絡,如果此時默認網關設備發生故障,將中斷所有用戶終端的網絡訪問,這很可能會給用戶帶來不可預計的損失,所以可以通過部署多個網關的方式來解決單點故障問題,那么如何讓多個網關能夠協同工作但又不會互相沖突就成了最迫切需要解決的問題。
-
於是VRRP應運而生,它既可以實現網關的備份,又能解決多個網關之間互相沖突的問題。那么VRRP的工作原理是如何實現的?在網絡中又該如何配置呢?
二、VRRP基本概述
- VRRP能夠在不改變組網的情況下,將多台路由器虛擬成一個路由器,通過配置虛擬路由器的IP地址為默認網關,實現網關備份。
- 協議版本:VRRv2(常用)和VRRv3;
- VRRv2僅適用於IPv4網絡,VRRv3適用於IPv4網絡和IPv6網絡。
- VRRP協議報文;
- 只有一種報文:Advertisement報文;其目的IP地址是224.0.0.18,目標MAC地址是01-00-5e-00-00-12,協議號是112。
三、VRRP狀態機
四、VRRP的作用
Master報文的發送:當Master正常工作時,它會每隔一段時間(缺省值為1秒)向組內Backup設備發送VRRP通告報文,通告自己工作正常(只有Master發送VRRP報文)
VRRP通告報文被封裝在IP報文里,通過組播地址224.0.0.18發送,TTL為225,協議號為112
五、實例
需求
-
創建兩個虛擬路由,一個以左側交換機為Master,另一個以右側交換機為Master
-
查看VRRP表
-
斷掉LSW1的G0/0/1口后查看VRRP表,查看原備份理由是否稱為Master
-
全網互通
1、配置PC機
2、各個設備的基礎配置
LSW3
<Huawei> <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]vlan bat 10 20 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int e0/0/1 [Huawei-Ethernet0/0/1]port link-type access [Huawei-Ethernet0/0/1]port default vlan 10 [Huawei-Ethernet0/0/1]int e0/0/2 [Huawei-Ethernet0/0/2]port link-type access [Huawei-Ethernet0/0/2]port default vlan 20 [Huawei-Ethernet0/0/2]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type trunk [Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan all
LSW1
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]user-interface console 0 [Huawei]vlan bat 10 20 100 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int vlan 10 [Huawei-Vlanif10]ip add 192.168.10.10 24 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]ip add 192.168.20.10 24 [Huawei-Vlanif20]int vlan 100 [Huawei-Vlanif100]ip add 11.0.0.2 24 [Huawei-Vlanif100]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type access [Huawei-GigabitEthernet0/0/2]port default vlan 100
LSW2
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]vlan bat 10 20 100 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int vlan 10 [Huawei-Vlanif10]ip add 192.168.10.20 24 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]ip add 192.168.20.20 24 [Huawei-Vlanif20]int vlan 100 [Huawei-Vlanif100]ip add 12.0.0.2 24 [Huawei-Vlanif100]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type access [Huawei-GigabitEthernet0/0/2]port default vlan 100 [Huawei-GigabitEthernet0/0/2]un sh
R1
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]int g0/0/0 [Huawei-GigabitEthernet0/0/0]ip add 11.0.0.1 24 [Huawei-GigabitEthernet0/0/0]int g0/0/1 [Huawei-GigabitEthernet0/0/1]ip add 12.0.0.1 24 [Huawei-GigabitEthernet0/0/1]int loop0 [Huawei-LoopBack0]ip add 10.0.0.1 24 [Huawei-LoopBack0]q [Huawei]ip route-s 192.168.10.0 24 11.0.0.2 [Huawei]ip route-s 192.168.10.0 24 12.0.0.2 pre 70 [Huawei]ip route-s 192.168.20.0 24 11.0.0.2 [Huawei]ip route-s 192.168.20.0 24 12.0.0.2 pre 70
3、VRRP的配置
LSW1 [Huawei-GigabitEthernet0/0/2]int vlan 10 [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 [Huawei-Vlanif10]vrrp vrid 1 priority 120 [Huawei-Vlanif10] vrrp vrid 1 track interface GigabitEthernet0/0/1 [Huawei-Vlanif10] vrrp vrid 1 track interface GigabitEthernet0/0/2 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 [Huawei-Vlanif20]vrrp vrid 2 priority 115 [Huawei-Vlanif20]q
LSW2
[Huawei-GigabitEthernet0/0/2]int vlan 20 [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 [Huawei-Vlanif20]vrrp vrid 2 priority 120 [Huawei-Vlanif20] vrrp vrid 2 track interface GigabitEthernet0/0/1 [Huawei-Vlanif20] vrrp vrid 2 track interface GigabitEthernet0/0/2 [Huawei-Vlanif20]int vlan 10 [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 [Huawei-Vlanif10]vrrp vrid 1 priority 115 [Huawei-Vlanif10]q
在R1上配置浮動路由
[Huawei] ip route-static 192.168.10.0 255.255.255.0 11.0.0.2 [Huawei] ip route-static 192.168.10.0 255.255.255.0 12.0.0.2 preference 70 [Huawei] ip route-static 192.168.20.0 255.255.255.0 12.0.0.2 [Huawei] ip route-static 192.168.20.0 255.255.255.0 11.0.0.2 preference 70
4、測試連通性
PC>ping 12.0.0.1
Ping 12.0.0.1: 32 data bytes, Press Ctrl_C to break
From 12.0.0.1: bytes=32 seq=1 ttl=254 time=47 ms
From 12.0.0.1: bytes=32 seq=2 ttl=254 time=63 ms
From 12.0.0.1: bytes=32 seq=3 ttl=254 time=78 ms
From 12.0.0.1: bytes=32 seq=4 ttl=254 time=47 ms
From 12.0.0.1: bytes=32 seq=5 ttl=254 time=62 ms
--- 12.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/59/78 ms
PC>ping 11.0.0.1
Ping 11.0.0.1: 32 data bytes, Press Ctrl_C to break
From 11.0.0.1: bytes=32 seq=1 ttl=254 time=62 ms
From 11.0.0.1: bytes=32 seq=2 ttl=254 time=63 ms
From 11.0.0.1: bytes=32 seq=3 ttl=254 time=47 ms
From 11.0.0.1: bytes=32 seq=4 ttl=254 time=47 ms
From 11.0.0.1: bytes=32 seq=5 ttl=254 time=63 ms
--- 11.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/56/63 ms
PC>ping 192.168.20.10
Ping 192.168.20.10: 32 data bytes, Press Ctrl_C to break
From 192.168.20.10: bytes=32 seq=1 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=2 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=3 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=4 ttl=255 time=47 ms
From 192.168.20.10: bytes=32 seq=5 ttl=255 time=32 ms
--- 192.168.20.10 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/34/47 ms
5、三層交換機的VRRP配置情況
LSW1
[Huawei]dis vrrp
Vlanif10 | Virtual Router 1
State : Master
Virtual IP : 192.168.10.1
Master IP : 192.168.10.10
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:37:40 UTC-08:00
Vlanif20 | Virtual Router 2
State : Backup
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
LSW2
[Huawei]dis vrrp Vlanif10 | Virtual Router 1 State : Backup Virtual IP : 192.168.10.1 Master IP : 192.168.10.10 PriorityRun : 115 PriorityConfig : 115 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Track IF : GigabitEthernet0/0/1 Priority reduced : 10 IF state : UP Track IF : GigabitEthernet0/0/2 Priority reduced : 10 IF state : UP Create time : 2021-05-28 09:46:59 UTC-08:00 Last change time : 2021-05-28 09:47:10 UTC-08:00Vlanif20 | Virtual Router 2
State : Master
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
6、斷開LSW1的G0/0/1后VRRP配置情況
LSW1
[Huawei]dis vrrp Vlanif10 | Virtual Router 1 State : Backup Virtual IP : 192.168.10.1 Master IP : 192.168.10.20 PriorityRun : 110 PriorityConfig : 120 MasterPriority : 115 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Track IF : GigabitEthernet0/0/1 Priority reduced : 10 IF state : DOWN Track IF : GigabitEthernet0/0/2 Priority reduced : 10 IF state : UP Create time : 2021-05-28 09:36:40 UTC-08:00 Last change time : 2021-05-28 10:16:32 UTC-08:00Vlanif20 | Virtual Router 2
State : Backup
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
LSW2
[Huawei]dis vrrp Vlanif10 | Virtual Router 1 State : Master Virtual IP : 192.168.10.1 Master IP : 192.168.10.20 PriorityRun : 115 PriorityConfig : 115 MasterPriority : 115 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Track IF : GigabitEthernet0/0/1 Priority reduced : 10 IF state : UP Track IF : GigabitEthernet0/0/2 Priority reduced : 10 IF state : UP Create time : 2021-05-28 09:46:59 UTC-08:00 Last change time : 2021-05-28 10:16:32 UTC-08:00Vlanif20 | Virtual Router 2
State : Master
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00