VRRP配置 - 技术栈

网络拓扑图

配置要求

配置步骤

网络拓扑图

配置要求

按照图示配置 IP 地址和网关
在 SW1，SW2，SW3 上创建 Vlan10 和 Vlan20，对应 IP 网段如图，交换机之间链路允许所有 VLAN 通过
在 SW1 和 SW2 上配置 VRRP，要求 SW1 成为 Vlan10 的主网关，SW2 成为 Vlan20 的主网关；SW1 和 SW2 互为备份
SW1 和 SW2 对上行接口进行监视，如上行接口故障，会触发 VRRP 角色切换

配置步骤

1.配置图示所示IP地址和网关（略）

2.按照要求创建SW1,SW2,SW3交换机上的vlan10和vlan20，并配置对应的三层IP地址。

3.配置路由让SW1，SW2能够访问互联网

4.配置VRRP，让PC能够通过网关访问互联网

根据题目要求，SW1为vlan10的主网关，SW2为vlan10的备网关

vbnet 复制代码

[sw1-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.1.254
[sw1-Vlan-interface10]vrrp vrid 10 priority 120

[sw2-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.1.254

根据题目要求，SW2为vlan20的主网关，SW1为vlan20的备网关

vbnet 复制代码

[sw2-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.2.254
[sw2-Vlan-interface20]vrrp vrid 20 priority 120

[sw1-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.2.254

查看SW1上的VRRP

vbnet 复制代码

[sw1]display vrrp 
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Master      120     100       None     192.168.1.254   
 Vlan20             20    Backup      100     100       None     192.168.2.254   
[sw1]

查看SW2上的VRRP

vbnet 复制代码

<sw2>display vrrp
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Backup      100     100       None     192.168.1.254   
 Vlan20             20    Master      120     100       None     192.168.2.254   
<sw2>

在R4这个通往互联网的路由器上配置nat地址转换，让PC能够访问

vbnet 复制代码

[INTERNET]acl number 2000
[INTERNET-acl-ipv4-basic-2000]rule permit source 192.168.1.1 0 
[INTERNET-acl-ipv4-basic-2000]rule permit source 192.168.2.1 0
[INTERNET]nat address-group 1
[INTERNET-address-group-1]address 100.2.2.4 100.2.2.4
[INTERNET-GigabitEthernet0/0]nat outbound 2000 address-group 1

当SW1设备故障之后，备份组会重新选举SW1的master网关

SW2选举成为vlan10的主网关

vbnet 复制代码

<sw2>display vrrp 
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Master      100     100       None     192.168.1.254   
 Vlan20             20    Master      120     100       None     192.168.2.254   
<sw2>

PC5仍然可以通过SW2访问互联网

vbnet 复制代码

<H3C>ping 100.2.2.7
Ping 100.2.2.7 (100.2.2.7): 56 data bytes, press CTRL_C to break
56 bytes from 100.2.2.7: icmp_seq=0 ttl=253 time=5.000 ms
56 bytes from 100.2.2.7: icmp_seq=1 ttl=253 time=4.000 ms
56 bytes from 100.2.2.7: icmp_seq=2 ttl=253 time=3.000 ms
56 bytes from 100.2.2.7: icmp_seq=3 ttl=253 time=3.000 ms
56 bytes from 100.2.2.7: icmp_seq=4 ttl=253 time=4.000 ms

--- Ping statistics for 100.2.2.7 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.000/3.800/5.000/0.748 ms
<H3C>.%Feb  7 14:50:24:310 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 100.2.2.7: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 3.000/3.800/5.000/0.748 ms.

SW2同理。

当故障设备恢复之后，会将master网关又重新抢占回去

vbnet 复制代码

<sw1>display vrrp 
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Master      120     100       None     192.168.1.254   
 Vlan20             20    Backup      100     100       None     192.168.2.254   
<sw1>

5.对SW1和SW2的上行接口进行监视，如果上行接口故障，触发VRRP进行角色切换

vbnet 复制代码

[sw1]track 1 interface GigabitEthernet 1/0/1
[sw1-track-1]qu
[sw1]interface Vlan-interface 10
[sw1-Vlan-interface10]vrrp vrid 10 track 1 priority reduced 30
[sw1-Vlan-interface10]
[sw1-Vlan-interface10]

vbnet 复制代码

[sw2]track 1 interface GigabitEthernet 1/0/2
[sw2-track-1]qu
[sw2]interface vlan 20
[sw2-Vlan-interface20]vrrp  vrid 20 track 1 priority reduced 30
[sw2-Vlan-interface20]
[sw2-Vlan-interface20]

测试：将SW1的上行接口shutdown

SW1在vlan10这个备份组中优先级减少了30，触发角色切换条件成功变为了备设备

vbnet 复制代码

[sw1]display vrrp 
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Backup      90      100       None     192.168.1.254   
 Vlan20             20    Backup      100     100       None     192.168.2.254   
[sw1]

当上行链路恢复正常后，成功抢占回角色

vbnet 复制代码

[sw1]display vrrp 
IPv4 virtual router information:  
 Running mode : Standard
 Total number of virtual routers : 2
 Interface          VRID  State       Running Adver     Auth     Virtual
                                      pri     timer(cs) type     IP
 ---------------------------------------------------------------------
 Vlan10             10    Master      120     100       None     192.168.1.254   
 Vlan20             20    Backup      100     100       None     192.168.2.254   
[sw1]