我是靠谱客的博主 雪白中心,最近开发中收集的这篇文章主要介绍VRRP协议(虚拟路由器冗余协议)及实验一. VRRP概述二、 vrrp术语三、vrrp状态机四、vrrp工作过程五、vrrp小实验六、vrrp+静态路由实验七、vrrp+mstp实验,觉得挺不错的,现在分享给大家,希望可以做个参考。
概述
VRRP协议(虚拟路由器冗余协议)
- 一. VRRP概述
- 二、 vrrp术语
- 1.vrrp路由器
- 2. vrrp组
- 3.虚拟路由器
- 4.虚拟ip地址、mac地址
- 三、vrrp状态机
- 初始状态(initialize)
- master(主)
- backup(从)
- 四、vrrp工作过程
- 五、vrrp小实验
- 六、vrrp+静态路由实验
- 七、vrrp+mstp实验
一. VRRP概述
vrrp是针对接口的协议,组播地址224.0.0.18,支持认证,0为不认证,1为认证,2为md5认证
它可以把一个虚拟路由器的责任动态分配到局域网上的 VRRP 路由器中的一台。控制虚拟路由器 IP 地址的 VRRP 路由器称为主路由器,它负责转发数据包到这些虚拟 IP 地址。一旦主路由器不可用,这种选择过程就提供了动态的故障转移机制,这就允许虚拟路由器的 IP 地址可以作为终端主机的默认第一跳路由器。使用 VRRP 的好处是有更高的默认路径的可用性而无需在每个终端主机上配置动态路由或路由发现协议
二、 vrrp术语
1.vrrp路由器
一台vrrp路由器可以参与到多个vrrp组中,不同的组,一台vrrp可以充当不同的角色
2. vrrp组
一个vrrp组由多个vrrp路由器组成,使用相同的VRID进行标识,每个vrrp组只能有一个master
3.虚拟路由器
对每个vrrp组,抽象出一个逻辑路由器来充当网关,对用户来说只需要知道虚拟路由器的ip
4.虚拟ip地址、mac地址
虚拟ip就是虚拟路由器的ip,用户的网关,虚拟mac就是虚拟路由器的mac,格式为00-00-5e-00-01-(VRID)
三、vrrp状态机
初始状态(initialize)
当配置vrrp之后会是初始状态,然后进行选举
master(主)
master路由器的工作
①vrrp组中的设备选出master,master会发送arp报文将虚拟mac地址通知相连的主机,从而转发数据
②会响应主机发送的arp报文
③会给backup周期性的发送vrrp通告报文
backup(从)
backup路由器的工作
①接收master发送的报文,监听master设备是否正常
②对虚拟地址的arp请求不作回应
③丢弃目的ip为虚拟ip地址的ip报文
④如果收到优先级相同或比自己大的报文,会重置定时器,不进一步比较ip地址
⑤如果收到比自己优先级小且优先级为0的报文时定时器设置为偏移时间,如果优先级不是0,丢弃报文并立刻成为master
四、vrrp工作过程
①vrrp组中的设备选出master,master会发送arp报文将虚拟mac地址通知相连的主机,从而转发数据
②会给backup周期性的发送vrrp通告报文
③如果master出现故障,vrrp组中的backup设备会重新选举master
④当master设备切换时,新的master会立刻发送携带虚拟路由器的虚拟mac和虚拟ip的arp报文,刷新MAC地址表,从而将流量引到新的master设备上
⑤原master恢复时,优先级为255则直接转变为master,小于255则先变为backup,再恢复原来的优先级
⑥backup设备优先级高于master设备时,由backup工作方式决定是否重新选举(是否配置了抢占)
五、vrrp小实验
先在sw1,sw2,sw3上将端口状态改变
[sw1]int g0/0/1
[sw1-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw2-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/1]int g0/0/2
[sw3-GigabitEthernet0/0/2]dis th
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/2]int g0/0/3
[sw3-GigabitEthernet0/0/3]dis th
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 10
#
[sw3-GigabitEthernet0/0/3]int g0/0/4
[sw3-GigabitEthernet0/0/4]dis th
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 20
在sw1上配置vlan10的IP地址和vrrp虚拟地址
[sw1-Vlanif10]dis th
#
interface Vlanif10
ip address 192.168.1.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
vrrp vrid 1 priority 110
#
然后配置vlan20的ip地址和vrrp虚拟地址
[sw1-Vlanif20]dis th
#
interface Vlanif20
ip address 192.168.2.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
同理在sw2上配置vlan10的IP地址和vrrp虚拟地址
[sw2-Vlanif10]dis th
#
interface Vlanif10
ip address 192.168.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
#
然后配置vlan20的ip地址和vrrp虚拟地址
[sw2-Vlanif20]dis th
#
interface Vlanif20
ip address 192.168.2.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
vrrp vrid 2 priority 110
此时sw1上的vrrp状态为
[sw1-Vlanif20]dis vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Master Vlanif10 Normal 192.168.1.254
2 Backup Vlanif20 Normal 192.168.2.254
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
[sw1-Vlanif20]
sw2上的vrrp状态为
[sw2-Vlanif20]dis vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Backup Vlanif10 Normal 192.168.1.254
2 Master Vlanif20 Normal 192.168.2.254
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
[sw2-Vlanif20]
此时pc3,pc4能ping通网关
当断开sw1的g0/0/1时
pc3,pc4同样能ping通网关
六、vrrp+静态路由实验
在R1,R2,R3上配置IP地址,并配置vrrp
[R1-GigabitEthernet0/0/0.1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0.1
dot1q termination vid 10
ip address 192.168.1.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
vrrp vrid 1 priority 110
arp broadcast enable
[R1-GigabitEthernet0/0/0.2]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0.2
dot1q termination vid 20
ip address 192.168.2.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
arp broadcast enable
#
[R2-GigabitEthernet0/0/1.1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 10
ip address 192.168.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
arp broadcast enable
[R2-GigabitEthernet0/0/1.2]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1.2
dot1q termination vid 20
ip address 192.168.2.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
vrrp vrid 2 priority 110
arp broadcast enable
[R3-GigabitEthernet0/0/0]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0
ip address 192.168.10.1 255.255.255.0
#
[R3-GigabitEthernet0/0/1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1
ip address 192.168.20.1 255.255.255.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
在交换机上配置接口状态
interface Ethernet0/0/1
port link-type access
port default vlan 10
#
interface Ethernet0/0/2
port link-type access
port default vlan 20
#
interface Ethernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
可以看到R1上在组1是主,组2是从
[R1]dis vrrp br
Total:2 Master:1 Backup:1 Non-active:0
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Master GE0/0/0.1 Normal 192.168.1.254
2 Backup GE0/0/0.2 Normal 192.168.2.254
[R1]
可以看到R2上在组2是主,组1是从
[R2]dis vrrp br
Total:2 Master:1 Backup:1 Non-active:0
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Backup GE0/0/1.1 Normal 192.168.1.254
2 Master GE0/0/1.2 Normal 192.168.2.254
[R2]
在R1,R2,R3上写静态路由使得pc1,pc2能ping通3.3.3.3
#
ip route-static 0.0.0.0 0.0.0.0 192.168.10.1
#
[R1] dis ip ro
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 60 0 RD 192.168.10.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.1.0/24 Direct 0 0 D 192.168.1.252 GigabitEthernet
0/0/0.1
192.168.1.252/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0.1
192.168.1.254/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0.1
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0.1
192.168.2.0/24 Direct 0 0 D 192.168.2.253 GigabitEthernet
0/0/0.2
192.168.2.253/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0.2
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0.2
192.168.10.0/24 Direct 0 0 D 192.168.10.2 GigabitEthernet
0/0/1
192.168.10.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.10.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R1]
#
ip route-static 0.0.0.0 0.0.0.0 192.168.20.1
#
[R2]dis ip ro
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 60 0 RD 192.168.20.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.1.0/24 Direct 0 0 D 192.168.1.253 GigabitEthernet
0/0/1.1
192.168.1.253/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1.1
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1.1
192.168.2.0/24 Direct 0 0 D 192.168.2.252 GigabitEthernet
0/0/1.2
192.168.2.252/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1.2
192.168.2.254/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1.2
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1.2
192.168.20.0/24 Direct 0 0 D 192.168.20.2 GigabitEthernet
0/0/0
192.168.20.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.20.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R2]
#
ip route-static 192.168.1.0 255.255.255.0 192.168.10.2
ip route-static 192.168.1.0 255.255.255.0 192.168.20.2
ip route-static 192.168.2.0 255.255.255.0 192.168.10.2
ip route-static 192.168.2.0 255.255.255.0 192.168.20.2
#
<R3>dis ip ro
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
3.3.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.1.0/24 Static 60 0 RD 192.168.10.2 GigabitEthernet
0/0/0
Static 60 0 RD 192.168.20.2 GigabitEthernet
0/0/1
192.168.2.0/24 Static 60 0 RD 192.168.10.2 GigabitEthernet
0/0/0
Static 60 0 RD 192.168.20.2 GigabitEthernet
0/0/1
192.168.10.0/24 Direct 0 0 D 192.168.10.1 GigabitEthernet
0/0/0
192.168.10.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.10.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.20.0/24 Direct 0 0 D 192.168.20.1 GigabitEthernet
0/0/1
192.168.20.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.20.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
当断开R1和sw1链路后测试,pc1,pc2同样能通信
七、vrrp+mstp实验
首先sw1,sw2,sw3上将接口状态改一下
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
#
[sw3-GigabitEthernet0/0/2]dis th
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/3]dis th
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
[sw3-GigabitEthernet0/0/4]dis th
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 20
#
在sw1,sw2,sw3上配置mstp
[sw1-Vlanif10]dis cu
#
sysname sw1
#
undo info-center enable
#
vlan batch 10 20
#
stp instance 1 root primary
stp instance 2 root secondary
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 1
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
[sw2-Vlanif20]dis cu
#
sysname sw2
#
undo info-center enable
#
vlan batch 10 20
#
stp instance 1 root secondary
stp instance 2 root primary
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 1
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
[sw3-GigabitEthernet0/0/4]di cu
#
sysname sw3
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 1
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
在sw3上阻塞端口
[sw3-GigabitEthernet0/0/4] dis stp br
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
0 GigabitEthernet0/0/4 DESI FORWARDING NONE
1 GigabitEthernet0/0/1 DESI FORWARDING NONE
1 GigabitEthernet0/0/2 ALTE DISCARDING NONE
1 GigabitEthernet0/0/3 ROOT FORWARDING NONE
2 GigabitEthernet0/0/2 ROOT FORWARDING NONE
2 GigabitEthernet0/0/3 ALTE DISCARDING NONE
2 GigabitEthernet0/0/4 DESI FORWARDING NONE
在sw1,sw2上配置vrrp
[sw1-Vlanif10] dis th
#
interface Vlanif10
ip address 192.168.1.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
vrrp vrid 1 priority 110
#
[sw1-Vlanif20]dis th
#
interface Vlanif20
ip address 192.168.2.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
#
[sw2-Vlanif10]dis th
#
interface Vlanif10
ip address 192.168.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.254
#
[sw2-Vlanif20]dis th
#
interface Vlanif20
ip address 192.168.2.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
vrrp vrid 2 priority 110
#
可以看到sw1,sw2上的主备设备
[sw1-Vlanif20]dis vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Master Vlanif10 Normal 192.168.1.254
2 Backup Vlanif20 Normal 192.168.2.254
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
[sw1-Vlanif20]
[sw2-Vlanif20]dis vrrp br
VRID State Interface Type Virtual IP
----------------------------------------------------------------
1 Backup Vlanif10 Normal 192.168.1.254
2 Master Vlanif20 Normal 192.168.2.254
----------------------------------------------------------------
Total:2 Master:1 Backup:1 Non-active:0
[sw2-Vlanif20]
此时pc1能够ping通pc2
最后
以上就是雪白中心为你收集整理的VRRP协议(虚拟路由器冗余协议)及实验一. VRRP概述二、 vrrp术语三、vrrp状态机四、vrrp工作过程五、vrrp小实验六、vrrp+静态路由实验七、vrrp+mstp实验的全部内容,希望文章能够帮你解决VRRP协议(虚拟路由器冗余协议)及实验一. VRRP概述二、 vrrp术语三、vrrp状态机四、vrrp工作过程五、vrrp小实验六、vrrp+静态路由实验七、vrrp+mstp实验所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复