一、实验拓扑图如下

 

如何利用华为交换机配置MSTP+VRRP的实验之一_第1张图片 

二、实验简介

从拓扑可以看到,我是利用两个华为S5700作为主备核心,在其上建立vlan 20和30 作为业务vlan,建立vlan100 作为心跳vlan;利用华为S3700作为接入交换机,直接和PC相连,在S3700上建立Vlan20和Vlan30等业务vlan。

三、具体规划配置如下

在S5700-Master规划如下:

1、创建vlan 10

interface vlanif 10 :192.168.10.1  24

Virtual IP : 192.168.10.254

2、创建vlan 20

interface vlanif 20:192.168.20.1 24

Virtual IP : 192.168.20.254

3、创建vlan 100

interface vlanif 100:100.100.100.1 24

4、创建interface Eth-Trunk 1,并配置为Trunk,只允许vlan100通过,将GE0/0/1和GE0/0/2端口加入到Eth-Trunk1中。

5、配置GE0/0/3和GE0/0/4的端口类型为Trunk端口,为了精确只允许业务Vlan通过

在S5700-Backup规划如下:

1、创建vlan 10

interface vlanif 10 :192.168.10.2  24

Virtual IP : 192.168.10.254

2、创建vlan 20

interface vlanif 20:192.168.20.2 24

Virtual IP : 192.168.20.254

3、创建vlan 100

interface vlanif 100:100.100.100.2 24

4、创建interface Eth-Trunk 1,并配置为Trunk,只允许vlan100通过,将GE0/0/1和GE0/0/2端口加入到Eth-Trunk1中。

5、配置GE0/0/3和GE0/0/4的端口类型为Trunk端口,为了精确,只允许业务Vlan通过。

备注:1、在S5700交换机与S3700交换机相连的端口上开启STP,其模式是MSTP,默认的情况下华为交换机是开启的,如果没有开启,请手动开启;

S3700A配置规划如下:

1、创建vlan 10 20 ;

2、将Ethernet0/0/3和Ethernet0/0/4的端口类型为Trunk,只要允许业务vlan10 和vlan20 通过即可;

S3700B配置规划如下:

1、创建vlan 10 20 ;

2、将Ethernet0/0/3和Ethernet0/0/4的端口类型为Trunk,只要允许业务vlan10 和vlan20 通过即可;

四、具体配置如下

1、S5700_Master的配置

dis cu
#
sysname A
#
undo info-center enable
#
vlan batch 10 20 100
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 vrrp vrid 10 priority 120
 vrrp vrid 10 preempt-mode timer delay 5
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 vrrp vrid 20 priority 120
 vrrp vrid 20 preempt-mode timer delay 5
#
interface Vlanif100
 ip address 100.100.100.1 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 1
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
2、S5700_Backup的配置
dis cu
#
sysname B
#
undo info-center enable
#
vlan batch 10 20 100
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
 ip address 192.168.10.2 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
#
interface Vlanif20
 ip address 192.168.20.2 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
#
interface Vlanif100
 ip address 100.100.100.2 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 1
#
interface GigabitEthernet0/0/2
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return

3、S3700A的配置

dis cu
#
sysname S3700A
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 10
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return

4、S3700B的配置如下

dis cu
#
sysname S3700B
#
undo info-center enable
#
vlan batch 10 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 20
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
user-interface con 0
user-interface vty 0 4
#
return

五、利用display命令查看VRRP的运行情况
dis vrrp
  Vlanif10 | Virtual Router 10
    State : Backup
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 100
    PriorityConfig : 100
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:02:12 UTC-08:00
    Last change time : 2012-11-21 17:05:36 UTC-08:00

  Vlanif20 | Virtual Router 20
    State : Backup
    Virtual IP : 192.168.20.254
    Master IP : 192.168.20.1
    PriorityRun : 100
    PriorityConfig : 100
    MasterPriority : 120
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0114
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:02:12 UTC-08:00
    Last change time : 2012-11-21 17:05:36 UTC-08:00


dis vrrp
  Vlanif10 | Virtual Router 10
    State : Master
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 5 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:05:18 UTC-08:00
    Last change time : 2012-11-21 17:05:35 UTC-08:00

  Vlanif20 | Virtual Router 20
    State : Master
    Virtual IP : 192.168.20.254
    Master IP : 192.168.20.1
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 5 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0114
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2012-11-21 17:05:18 UTC-08:00
    Last change time : 2012-11-21 17:05:35 UTC-08:00

怎么样,你学会了吗,这个比较简单,可能有不完善的地方,大家看到后可以留言,我必定加以完善。