IP SLA(Internet Protocol Service-Level Agreement)互联网服务等级协议,本实验里通过发送测试报文,测试下一跳是否可达,结合Track实现冗余静态路由的切换。
实验环境:
模拟器:GNS3-1.5.2
路由器IOS 版本:C2691-ADVENTERPRISEK9-M)
交换机IOS版本:(C3640-IK9S-M), Version 12.4(10)
终端:VPCS
------------------------------网络接口配置---------------------------------------------
R1:
R1#sho ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 172.16.20.1 YES NVRAM up up
FastEthernet1/0 192.168.1.2 YES NVRAM up up
Tunnel0 172.18.1.2 YES NVRAM up up
R1(config)#interface Tunnel0
ip address 172.18.1.2 255.255.255.0
keepalive 10 3
tunnel source FastEthernet0/1
tunnel destination 10.1.1.4
R2:
R2#sho ip inter bri
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 192.168.1.3 YES NVRAM up up
FastEthernet1/0 172.16.50.1 YES NVRAM up up
Tunnel0 172.18.2.2 YES NVRAM up up
R2(config)#interface Tunnel0
ip address 172.18.2.2 255.255.255.0
tunnel source FastEthernet1/0
tunnel destination 10.1.1.4
R3:
R3#sh ip int bri
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 172.16.20.2 YES NVRAM up up
FastEthernet1/0 10.1.1.2 YES NVRAM up up
R4:
R4#show ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet1/0 172.16.50.2 YES NVRAM up up
FastEthernet1/1 10.1.1.3 YES NVRAM up up
R5:
R5#sh ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset up up
FastEthernet0/1 unassigned YES unset up up
FastEthernet0/10 10.248.0.1 YES NVRAM up up
Vlan10 10.1.1.4 YES NVRAM up up
Tunnel0 172.18.1.1 YES NVRAM up up
Tunnel1 172.18.2.1 YES NVRAM up up
R5(config)#interface Tunnel0
ip address 172.18.1.1 255.255.255.0
tunnel source Vlan10
tunnel destination 172.16.20.1
exit
interface Tunnel1
ip address 172.18.2.1 255.255.255.0
tunnel source Vlan10
tunnel destination 172.16.50.1
Sw1:
sw1#sh ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset up up
FastEthernet0/1 unassigned YES unset up up
FastEthernet0/10 20.1.1.1 YES NVRAM up up
Vlan10 192.168.1.4 YES NVRAM up up
VPCS:
PC1> ip 20.1.1.2/24 20.1.1.1
PC2> ip 10.248.0.2/24 10.248.0.1
--------------------------------------------------IP SLA与静态路由配置命令---------------------------------------------------------------
R1:
R1#conf t
R1(config)#ip sla monitor 10
R1(config-sla-monitor)#type echo protocol ipIcmpEcho 10.1.1.4 source-interface f0/1
R1(config-sla-monitor-echo)#timeout 500
R1(config-sla-monitor-echo)#frequency 2
R1(config-sla-monitor-echo)#exit
R1(config)#ip sla monitor schedule 10 life forever start-time now
R1(config)#track 10 rtr 10 reachability
R1(config-track)#exit
R1(config)#ip route 10.1.1.0 255.255.255.0 172.16.20.2
R1(config)#ip route 10.248.0.0 255.255.255.0 Tunnel0
R1(config)#ip route 20.1.1.0 255.255.255.0 192.168.1.4
R2:
R2#conf t
R2(config)#ip sla monitor 10
R2(config-sla-monitor)#type echo protocol ipIcmpEcho 10.1.1.4 source-interface f1/0
R2(config-sla-monitor-echo)#timeout 500
R2(config-sla-monitor-echo)#frequency 2
R2(config-sla-monitor-echo)#exit
R2(config)#ip sla monitor schedule 10 life forever start-time now
R2(config)#track 10 rtr 10 reachability
R2(config-track)#exit
R2(config)#ip route 10.1.1.0 255.255.255.0 172.16.50.2
R2(config)#ip route 10.248.0.0 255.255.255.0 Tunnel0
R2(config)#ip route 20.1.1.0 255.255.255.0 192.168.1.4
R3:
R3(config)#ip route 10.248.0.0 255.255.255.0 10.1.1.4
R3(config)#ip route 20.1.1.0 255.255.255.0 172.16.20.1
R3(config)#ip route 172.17.1.0 255.255.255.0 172.16.20.1
R3(config)#ip route 192.168.1.0 255.255.255.0 172.16.20.1
R4:
R4(config)#ip route 10.248.0.0 255.255.255.0 10.1.1.4
R4(config)#ip route 20.1.1.0 255.255.255.0 172.16.50.1
R4(config)#ip route 172.17.2.0 255.255.255.0 172.16.50.1
R4(config)#ip route 192.168.1.0 255.255.255.0 172.16.50.1
R5:
R5#conf t
R5(config)#ip sla monitor 10
R5(config(config-sla-monitor)#type echo protocol ipIcmpEcho 172.16.20.1 source-interface Vlan10 //从vlan10 去ping 172.16.20.1
R5 (config-sla-monitor-echo)#timeout 5000 //5秒没有响应,认为掉线
R5 (config-sla-monitor-echo)#frequency 3 //每3秒PING 一次
R5(config)#ip sla monitor schedule 10 life forever start-time now
R5(config)#track 10 rtr 10 reachability
R5(config-track)#exit
R5(config)#ip route 20.1.1.0 255.255.255.0 Tunnel0 track 10
R5(config)#ip route 20.1.1.0 255.255.255.0 Tunnel1 10
R5(config)#ip route 172.16.20.0 255.255.255.0 Vlan10
R5(config)#ip route 172.16.50.0 255.255.255.0 Vlan10
-----------------------------------------------------VRRP配置---------------------------------------------------------------------
R1:
R1(config)#interface FastEthernet1/0
ip address 192.168.1.2 255.255.255.0
vrrp 10 ip 192.168.1.1
vrrp 10 priority 250
standby 1 preempt
vrrp 10 track 10 decrement 100 //当出现SLA出现中断时,把自己的优先级降低100.
R1:
R2(config)#interface FastEthernet0/1
ip address 192.168.1.3 255.255.255.0
vrrp 10 ip 192.168.1.1
vrrp 10 priority 200
-----------------------------------------------------测试---------------------------------------------------------------------
中断master任意节点,切线路自动切换.
在双方设备条件允许情况下,可以使用 BFD检测机制,提供毫秒级检测。大多数情况下,由于网络设备厂商不同、设备新旧程度不同,可能不支持BFD协议,所以IP SLA作为备选方案提供秒级的检测。华为的NQA技术和cisco IP SLA类似。