目前新的网络设备基本使用网络虚拟化,但在中小企业考虑成本问题没有升级的网络设备还是采用VRRP+MSTP组网。
VRRP是一种容错协议,当主机的下一跳路由器出现故障时,由另一台路由器来代替出现故障的路由器进行工作,从而保持网络通信的连续性和可靠性。
MSTP:多生成树协议,通过生成多个生成树,来解决以太网环路问题,以及交换机负载
拓扑如下:
上图所示vrrp+mstp组网做主备并流量负载均衡,PC1/2走CE1,ce1作为vlan10 20的主路由且为根桥,作为vlan30 40 的备路由,PC3/4走CE2,ce2作为vlan30 40 主路由且为根桥,作为vlan10 20备路由,各交换机之间配置trunk
配置如下:
一、配置CE1
1、批量创建
vlan batch 10 20 30 40
2、配置vrrp
interface Vlanif10
ip address 192.168.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254(vrrp虚拟ip,vrid要和另外一台一致)
vrrp vrid 1 priority 120(优先级)
vrrp vrid 1 track interface GE1/0/0 reduce 30(跟踪上行接口,当上行口故障降低优先级成为备份设备)
#
interface Vlanif20
ip address 192.168.2.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
vrrp vrid 2 priority 120
vrrp vrid 2 track interface GE1/0/0 reduce 30
#
interface Vlanif30
ip address 192.168.3.253 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.254
#
interface Vlanif40
ip address 192.168.4.253 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.254
3、配置mstp
stp en(启用stp)
stp mode mstp(模式mstp)
stp region-configuration(域配置)
region-name vrrp(域名,其他设备域名一致)
instance 1 vlan 10 20(实例1关联vlan10 20)
instance 2 vlan 30 40
qu(退出域配置)
stp instance 1 root primary(全局模式下,ce1为实例1的主根桥)
stp instance 2 root secondary(e1为实例2的次根桥)
4、各相关端口配置
interface GE1/0/1
port link-type trunk
port trunk allow-pass vlan all
#
interface GE1/0/2
port link-type trunk
port trunk allow-pass vlan all
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan all
#
interface GE1/0/3
eth-trunk 1
#
interface GE1/0/4
eth-trunk 1
#
二、配置CE2
1、批量创建
vlan batch 10 20 30 40
2、配置vrrp
interface Vlanif10
ip address 192.168.1.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254(vrrp虚拟ip,vrid要和ce1一致)
vrrp vrid 1 priority 100(默认100,这条可以省)
#
interface Vlanif20
ip address 192.168.2.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
#
interface Vlanif30
ip address 192.168.3.252 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.254
vrrp vrid 3 priority 120
vrrp vrid 3 track interface GE1/0/0 reduce 30
#
interface Vlanif40
ip address 192.168.4.252 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.254
vrrp vrid 4 priority 120
vrrp vrid 4 track interface GE1/0/0 reduce 30
3、配置mstp
stp en(启用stp)
stp mode mstp(模式mstp)
stp region-configuration(域配置)
region-name vrrp(域名,其他设备域名一致)
instance 1 vlan 10 20(实例1关联vlan10 20)
instance 2 vlan 30 40
stp instance 1 root secondary(ce2为实例1次根桥)
stp instance 2 root primary(ce2为实例2的主根桥)
4、各相关端口配置
interface GE1/0/1
port link-type trunk
port trunk allow-pass vlan all
#
interface GE1/0/2
port link-type trunk
port trunk allow-pass vlan all
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan all
#
interface GE1/0/3
eth-trunk 1
#
interface GE1/0/4
eth-trunk 1
#
三、配置sw1
批量创建vlan:
vlan batch 10 20 30 40
配置mstp:
stp en
stp mode mstp
stp region-configuration
region-name vrrp
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
各端口配置:
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
port link-type access
port default vlan 10
#
interface Ethernet0/0/4
port link-type access
port default vlan 20
#
四、配置sw2
批量创建vlan:
vlan batch 10 20 30 40
配置mstp:
stp en
stp mode mstp
stp region-configuration
region-name vrrp
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
各端口配置:
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
port link-type access
port default vlan 30
#
interface Ethernet0/0/4
port link-type access
port default vlan40
#
五、测试
查看 ce1 vrrp:dis vrrp
可以看到ce1做为vlan10 20 的master,vlan30 40 的backup
PC1长ping PC4,任意断开sw1与ce1的链路,ce1与ce2的链路,ce1与sw2的链路,都可以ping通pc4
