虚拟路由冗余协议(Virtual Router Redundancy Protocol,简称VRRP),是一个公有协议族,协议号为112。在VRRP里面,设备有两种角色Master,Backup,其中Master是主,Backup是备份,当Master挂掉之后,Backup自动抢占为Master,然后所有的数据转发随之切换 。
VRRP的作用和HSRP非常相似,用来做网关冗余,可以和MSTP(多实例生成树)结合使用,使内网设备达到负载冗余的效果。
拓扑说明:
RT作为出口路由器,配置loo 0 模拟互联网
SW1SW2核心层交换,SW1作为VL10主根 VL20的次根,SW2作为VL20主根 VL10的次根
配置VRRP,SW1作为VL10的默认网关VL20 的备份网关,SW2作为VL20的默认网关VL10 的备份网关。
核心设备一旦故障,自动倒换到对侧。
PC1 192.168.10.1/24
PC2 192.168.20.1/24
配置方法:
RT配置
hostname RT
interface Loopback0
ip address 1.1.1.1 255.255.255.255
interface GigabitEthernet0/1
ip address 10.0.0.2 255.255.255.0
interface GigabitEthernet0/2
ip address 20.0.0.2 255.255.255.0
//配置接口IP地址
ip route 0.0.0.0 0.0.0.0 Loopback0
//配置默认路由
router ospf 110
router-id 1.1.1.1
network 10.0.0.2 0.0.0.0 area 0
network 20.0.0.2 0.0.0.0 area 0
default-information originate
//配置OSPF,下发默认路由
SW1配置
hostname SW1
vlan 10
vlan 20
vlan 100
spanning-tree mode mst
spanning-tree mst configuration
name cisco
revision 12
instance 10 vlan 10
instance 20 vlan 20
exit
spanning-tree mst 10 root primary
spanning-tree mst 20 root secondary
//配置MSTP,建立两个实例对应VL10 VL20
interface GigabitEthernet0/0
switchport access vlan 100
switchport mode access
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
//接口放行所有VLAN
interface Vlan10
ip address 192.168.10.252 255.255.255.0
vrrp 1 ip 192.168.10.254
vrrp 1 priority 120
//配置VL10地址,VRRP虚拟网关地址,优先级120为主(默认100),默认抢占开启
interface Vlan20
ip address 192.168.20.252 255.255.255.0
vrrp 2 ip 192.168.20.254
//配置VL20地址,VRRP虚拟网关地址
interface Vlan100
ip address 10.0.0.1 255.255.255.0
//配置出口互联地址
router ospf 110
router-id 10.0.0.1
passive-interface Vlan10
passive-interface Vlan20
network 10.0.0.1 0.0.0.0 area 0
network 192.168.10.252 0.0.0.0 area 0
network 192.168.20.252 0.0.0.0 area 0
//配置OSPF宣告各网段,内网VLAN被动模式,减少LSA泛洪
SW2 配置
hostname SW2
vlan 10
vlan 20
vlan 100
spanning-tree mode mst
spanning-tree mst configuration
name cisco
revision 12
instance 10 vlan 10
instance 20 vlan 20
exit
spanning-tree mst 10 root secondary
spanning-tree mst 20 root primary
interface GigabitEthernet0/0
switchport access vlan 200
switchport mode access
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
interface Vlan10
ip address 192.168.10.253 255.255.255.0
vrrp 1 ip 192.168.10.254
interface Vlan20
ip address 192.168.20.253 255.255.255.0
vrrp 2 ip 192.168.20.254
vrrp 2 preempt delay minimum 1
vrrp 2 priority 120
interface Vlan200
ip address 20.0.0.1 255.255.255.0
router ospf 110
router-id 20.0.0.1
passive-interface Vlan10
passive-interface Vlan20
network 20.0.0.1 0.0.0.0 area 0
network 192.168.10.253 0.0.0.0 area 0
network 192.168.20.253 0.0.0.0 area 0
SW3 SW4配置
hostname SW3
vlan 10
vlan 20
spanning-tree mode mst
spanning-tree mst configuration
name cisco
revision 12
instance 10 vlan 10
instance 20 vlan 20
exit
interface GigabitEthernet0/0
switchport access vlan 10
// SW4此处配置为switchport access vlan 20
switchport mode access
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
配置完成后检查
SW1#show spanning-tree
SW1#show vrrp
SW2#show spanning-tree
SW2#show vrrp
PC1 PC2 分别走两侧访问外网
将SW1关闭,在SW2观察状态,MSTP 实例10 VRRP 1 状态随之切换
SW2#show spanning-tree
SW2#show vrrp
PC1访问外网随之切换到对侧
将SW2设备关闭,VL20 VRRP2 倒换现象与此一致。
本文暂时没有评论,来添加一个吧(●'◡'●)