網絡拓撲圖:
需求:通過在核心交換機上部署VRRP + MSTP技術,實現網關冗余,核心SW1作為vlan 10的主網關,SW 2作為vlan 20的網關
一、交換機配置VLNA和Trunk接口:
SW3配置:
<SW3>system-view [SW3]undo info-center enable [SW3]sysname SW3 [SW3]vlan batch 10 20 [SW3]interface gig0/0/3 [SW3-GigabitEthernet0/0/3]port link-type access [SW3-GigabitEthernet0/0/3]port default vlan 10 [SW3-GigabitEthernet0/0/3]inter gig0/0/4 [SW3-GigabitEthernet0/0/4]port link-type access [SW3-GigabitEthernet0/0/4]port default vlan 20 [SW3-GigabitEthernet0/0/4]quit [SW3]port-group group-member gig0/0/1 to gig0/0/2 #加入端口組 [SW3-port-group]port link-type trunk #端口類型為trunk [SW3-port-group]port trunk allow-pass vlan all #允許所有vlan通過
SW1:
<SW1>system-view [SW1]undo info-center enable [SW1]sysname SW1 [SW1]vlan batch 10 20 30 [SW1]port-group group-member gig0/0/1 to gig0/0/2 #加入端口組 [SW1-port-group]port link-type trunk #更改端口類型為trunk [SW1-port-group]port trunk allow-pass vlan all #允許所有vlan通過 [SW1-port-group]quit [SW1]interface GigabitEthernet 0/0/3 #進入G0/0/3接口 [SW1-GigabitEthernet0/0/3]port link-type access #端口類型access [SW1-GigabitEthernet0/0/3]port default vlan 30 #划分至vlan 30 [SW1-GigabitEthernet0/0/3]quit #退出
SW2:
<SW2>system-view [SW2]undo info-center enable [SW2]sysname SW1 [SW2]vlan batch 10 20 30 [SW2]port-group group-member gig0/0/1 to gig0/0/2 #加入端口組 [SW2-port-group]port link-type trunk #更改端口類型為trunk [SW2-port-group]port trunk allow-pass vlan all #允許所有vlan通過 [SW2-port-group]quit [SW2]interface GigabitEthernet 0/0/3 #進入G0/0/3接口 [SW2-GigabitEthernet0/0/3]port link-type access #端口類型access [SW2-GigabitEthernet0/0/3]port default vlan 30 #划分至vlan 30 [SW2-GigabitEthernet0/0/3]quit #退出
二、配置VRRP:
SW1:
[SW1]interface Vlanif 10 #進入vlanif10接口 [SW1-Vlanif10]ip address 192.168.10.254 24 #配置vlan 10接口地址 [SW1-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 #配置vlan 10的網關ip [SW1-Vlanif10]vrrp vrid 1 priority 105 #將vlan 10網關的優先級設置為105,使SW 1成為vlan 10的主網關,優先級默認是100 [SW1-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 80 # #追蹤G0/0/1接口,如果端口發生故障,將VRRP優先級減80 [SW1-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 80 [SW1-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/3 reduced 80 [SW1-Vlanif10]quit [SW1]interface vlanif 20 #進入vlanif 20接口 [SW1-Vlanif20]ip address 192.168.20.254 24 #配置vlan 20接口地址 [SW1-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 #配置vlan 20的網關ip [SW1-Vlanif20]vrrp vrid 2 track interface GigabitEthernet 0/0/1 reduced 90 #追蹤G0/0/1接口,如果端口發生故障,將VRRP優先級減90 [SW1-Vlanif20]vrrp vrid 2 track interface GigabitEthernet 0/0/2 reduced 90 [SW1-Vlanif20]vrrp vrid 2 track interface GigabitEthernet 0/0/3 reduced 90
SW2:
[SW2]interface Vlanif 10 #進入vlanif10接口 [SW2-Vlanif10]ip address 192.168.10.253 24 #配置vlan 10接口地址 [SW2-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 #配置vlan 10的網關ip [SW2-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 80 #追蹤G0/0/1接口,如果發生故障,將VRRP優先級減80 [SW2-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 80 [SW2-Vlanif10]vrrp vrid 1 track interface GigabitEthernet0/0/3 reduced 80 [SW2-Vlanif10]quit [SW2]interface vlanif 20 #進入vlanif 20接口 [SW2-Vlanif20]ip address 192.168.20.253 24 #配置vlan 20接口地址 [SW2-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 #配置vlan 20的網關ip [SW2-Vlanif20]vrrp vrid 2 priority 108 #將vlan 20網關優先級設置為108,使SW 2成為vlan 20的主網關 [SW2-Vlanif20]vrrp vrid 2 track interface GigabitEthernet0/0/1 reduced 90 #追蹤G0/0/1接口,如果發生故障,將VRRP優先級減90 [SW2-Vlanif20]vrrp vrid 2 track interface GigabitEthernet0/0/2 reduced 90 [SW2-Vlanif20]vrrp vrid 2 track interface GigabitEthernet0/0/3 reduced 90 [SW2-Vlanif20]quit #退出
配置完VRRP后,我們再分別使用PC去ping各自的網關地址,如下:
三、配置MSTP:
SW1、SW2、SW3都需配置:
[SW1]stp region-configuration #STP區域設置 [SW1-mst-region]region-name kang #創建區域名kang [SW1-mst-region]instance 1 vlan 10 #創建實例1並綁定vlan 10 [SW1-mst-region]instance 2 vlan 20 #創建實例2並綁定vlan 20 [SW1-mst-region]active region-configuration #激活配置
上面配置完成后,默認所有vlan都在MSTP的實例0中,還需要更改MSTP實例的優先級:
SW1:
[SW1]stp instance 1 root primary #針對實例1將SW 1設置為根橋 [SW1]stp instance 2 root secondary #針對實例2將SW 1設置為備份根橋
針對實例1將堵塞SW3的G0/0/2端口
SW2:
[SW2]stp instance 2 root primary #針對實例2將SW 2設置為根橋 [SW2]stp instance 1 root secondary #針對實例1將SW 2設置為備份根橋
針對實例2將堵塞SW3的G0/0/1端口
