VRRP和HSRP在企业网中的应用
随着Internet的日益普及,人们对网络的依赖性也越来越强。这同时对网络的稳定性提出了更高的要求,人们自然想到了基于设备的备份结构,就像在服务器中为提高数据的安全性而采用双硬盘结构一样。路由器是整个网络的核心和心脏,如果路由器发生致命性的故障,将导致本地网络的瘫痪,如果是骨干路由器,影响的范围将更大,所造成的损失也是难以估计的。因此,对路由器采用热备份是提高网络可靠性的必然选择。在一个路由器完全不能工作的情况下,它的全部功能便被系统中的另一个备份路由器完全接管,直至出现问题的路由器恢复正常。这就提出了VRRP和HSRP的概念。
一、概念
VRRP
VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)是一种容错协议。通常,一个网络内的所有主机都设置一条缺省路由,这样,主机发出的目的地址不在本网段的报文将被通过缺省路由发往路由器RouterA,从而实现了主机与外部网络的通信。当路由器RouterA 坏掉时,本网段内所有以RouterA 为缺省路由下一跳的主机将断掉与外部的通信。VRRP 就是为解决上述问题而提出的,它为具有多播或广播能力的局域网(如:以太网)设计。VRRP 将局域网的一组路由器(包括一个Master 即活动路由器和若干个Backup 即备份路由器)组织成一个虚拟路由器,称之为一个备份组。这个虚拟的路由器拥有自己的IP 地址10.100.10.1(这个IP 地址可以和备份组内的某个路由器的接口地址相同),备份组内的路由器也有自己的IP 地址(如Master的IP 地址为10.100.10.2,Backup 的IP 地址为10.100.10.3)。局域网内的主机仅仅知道这个虚拟路由器的IP 地址10.100.10.1,而并不知道具体的Master 路由器的IP 地址10.100.10.2 以及Backup 路由器的IP 地址10.100.10.3,它们将自己的缺省路由下一跳地址设置为该虚拟路由器的IP 地址10.100.10.1。于是,网络内的主机就通过这个虚拟的路由器来与其它网络进行通信。如果备份组内的Master 路由器坏掉,Backup 路由器将会通过选举策略选出一个新的Master 路由器,继续向网络内的主机提供路由服务。从而实现网络内的主机不间断地与外部网络进行通信。
虚拟路由器冗余协议(VRRP)是一种选择协议,它可以把一个虚拟路由器的责任动态分配到局域网上的 VRRP 路由器中的一台。控制虚拟路由器 IP 地址的 VRRP 路由器称为主路由器,它负责转发数据包到这些虚拟 IP 地址。一旦主路由器不可用,这种选择过程就提供了动态的故障转移机制,这就允许虚拟路由器的 IP 地址可以作为终端主机的默认第一跳路由器。使用 VRRP 的好处是有更高的默认路径的可用性而无需在每个终端主机上配置动态路由或路由发现协议。 VRRP 包封装在 IP 包中发送。
工作原理
vrrp只定义了一种报文——vrrp报文,这是一种组播报文,由主三层交换机定时发出来通告他的存在。使用这些报文可以检测虚拟三层交换机各种参数,还可以用于主三层交换机的选举。
VRRP中定义了三种状态模型,初始状态Initialize,活动状态Master和备份状态Backup,其中只有活动状态的交换机可以为到虚拟IP地址的的转发请求提供服务。
vrrp报文是封装在IP报文上的,支持各种上层协议,同时VRRP还支持将真实接口IP地址设置为虚拟IP地址。
那么如何从备份组的多台交换机中选举Master?这项工作由我们在备份组内每台交换机上配置的相同IP地址的虚拟交换机完成。
虚拟交换机根据配置的优先级的大小选择主交换机,优先级最大的作为主交换机,状态为Master,若优先级相同(如果交换机没有配置优先级,就采用默认值100),则比较接口的主IP地址,主IP地址大的就成为主交换机,由它提供实际的路由服务。其他交换机作为备份交换机,随时监测主交换机的状态。当主交换机正常工作时,它会每隔一段时间发送一个VRRP组播报文,以通知组内的备份交换机,主交换机处于正常工作状态。如果组内的备份交换机长时间没有接收到来自主交换机的VRRP组播报文,则将自己状态转换为Master。当组内有多台备份交换机,将有可能产生多个主交换机。这时每一个主交换机就会比较VRRP报文中的优先级和自己本地的优先级,如果本地的优先级小于VRRP中的优先级,则将自己的状态转换为Backup,否则保持自己的状态不变。通过这样一个过程,就会将优先级最大的交换机选成新的主交换机,完成VRRP的备份功能。
HSRP
HSRP:热备份路由器协议(HSRP:Hot Standby Router Protocol),是cisco平台一种特有的技术,是cisco的私有协议。该协议中含有多台路由器,对应一个HSRP组。该组中只有一个路由器承担转发用户流量的职责,这就是活动路由器。当活动路由器失效后,备份路由器将承担该职责,成为新的活动路由器。这就是热备份的原理。
实现HSRP的条件是系统中有多台路由器,它们组成一个“热备份组”,这个组形成一个虚拟路由器。在任一时刻,一个组内只有一个路由器是活动的,并由它来转发数据包,如果活动路由器发生了故障,将选择一个备份路由器来替代活动路由器,但是在本网络内的主机看来,虚拟路由器没有改变。所以主机仍然保持连接,没有受到故障的影响,这样就较好地解决了路由器切换的问题。
为了减少网络的数据流量,在设置完活动路由器和备份路由器之后,只有活动路由器和备份路由器定时发送HSRP报文。如果活动路由器失效,备份路由器将接管成为活动路由器。如果备份路由器失效或者变成了活跃路由器,将由另外的路由器被选为备份路由器。
在实际的一个特定的局域网中,可能有多个热备份组并存或重叠。每个热备份组模仿一个虚拟路由器工作,它有一个Well-known-MAC地址和一个IP地址。该IP地址、组内路由器的接口地址、主机在同一个子网内,但是不能一样。当在一个局域网上有多个热备份组存在时,把主机分布到不同的热备份组,可以使负载得到分担。
负责转发数据包的路由器称之为活动路由器(Active Router)。一旦主动路由器出现故障,HSRP 将激活备份路由器(Standby Routers)取代主动路由器。HSRP 协议提供了一种决定使用主动路由器还是备份路由器的机制,并指定一个虚拟的 IP 地址作为网络系统的缺省网关地址。如果主动路由器出现故障,备份路由器(Standby Routers)承接主动路由器的所有任务,并且不会导致主机连通中断现象。
HSRP 运行在 UDP 上,采用端口号1985。路由器转发协议数据包的源地址使用的是实际 IP 地址,而并非虚拟地址,正是基于这一点,HSRP 路由器间能相互识别.
工作原理
HSRP协议利用一个优先级方案来决定哪个配置了HSRP协议的路由器成为默认的主动路由器。如果一个路由器的优先级设置的比所有其他路由器的优先级高,则该路由器成为主动路由器。路由器的缺省优先级是100,所以如果只设置一个路由器的优先级高于100,则该路由器将成为主动路由器。
通过在设置了HSRP协议的路由器之间广播HSRP优先级,HSRP协议选出当前的主动路由器。当在预先设定的一段时间内主动路由器不能发送hello消息时,优先级最高的备用路由器变为主动路由器。路由器之间的包传输对网络上的所有主机来说都是透明的。
配置了HSRP协议的路由器交换以下三种多点广播消息:
Hello———hello消息通知其他路由器发送路由器的HSRP优先级和状态信息,HSRP路由器默认为每3秒钟发送一个hello消息;
Coup———当一个备用路由器变为一个主动路由器时发送一个coup消息;
Resign———当主动路由器要宕机或者当有优先级更高的路由器发送hello消息时,主动路由器发送一个resign消息。在任一时刻,配置了HSRP协议的路由器都将处于以下五种状态之一:
Initial———HSRP启动时的状态,HSRP还没有运行,一般是在改变配置或端口刚刚启动时进入该状态。
Listen———路由器已经得到了虚拟IP地址,但是它既不是活动路由器也不是等待路由器。它一直监听从活动路由器和等待路由器发来的HELLO报文。
Speak———在该状态下,路由器定期发送HELLO报文,并且积极参加活动路由器或等待路由器的竞选。
Standby———当主动路由器失效时路由器准备接管包传输功能。
Active———路由器执行包传输功能。
VRRP协议的工作机理与CISCO公司的HSRP(Hot Standby Routing Protocol)有许多相似之处。但二者主要的区别是在CISCO的HSRP中,需要单独配置一个IP地址作为虚拟路由器对外体现的地址,这个地址不能是组中任何一个成员的接口地址。 使用VRRP协议和HSRP协议,不用改造目前的网络结构,最大限度保护了当前投资,只需最少的管理费用,却大大提升了网络性能,具有重大的应用价值。
案例1:VRRP的应用 (基于H3C设备)
描述:R1在vlan 10区域担任主路由器。
R2在vlan 20区域担任主路由器。
拓扑图
R1
E0.10 192.168.10.1 /24
E0.20 192.168.20.1 /24
R2
E0.10 192.168.10.2 /24
E0.20 192.168.20.2 /24
VRRP 10 虚拟 ip 为192.168.10.254
VRRP 20 虚拟 ip 为192.168.20.254
vlan 10 PC10主机地址为192.168.10.100
vlan 20 PC20主机地址为192.168.20.100
配置: R1
[R1]dis cu
Now create configuration...
Current configuration
!
version 1.74
local-user user1 service-type administrator password simple 123
sysname R1
firewall enable
aaa-enable
aaa accounting-scheme optional
!
interface Aux0
async mode flow
link-protocol ppp
!
interface Ethernet0
!
interface Ethernet0.10
vlan-type dot1q vid 10
ip address 192.168.10.1 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 120
!
interface Ethernet0.20
vlan-type dot1q vid 20
ip address 192.168.20.1 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.20.254
!
interface Ethernet1
!
interface Serial0
link-protocol ppp
!
interface Serial1
link-protocol ppp
!
interface Async0
R2
[R2]dis cu
Now create configuration...
Current configuration
!
version 1.74
local-user user1 service-type administrator password simple 123
sysname R2
firewall enable
aaa-enable
aaa accounting-scheme optional
!
interface Aux0
async mode flow
link-protocol ppp
!
interface Ethernet0
!
interface Ethernet0.10
vlan-type dot1q vid 10
ip address 192.168.10.2 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
!
interface Ethernet0.20
vlan-type dot1q vid 20
ip address 192.168.20.2 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 120
!
interface Ethernet1
!
interface Serial0
link-protocol ppp
!
interface Serial1
link-protocol ppp
!
return
S1
[S1]dis cu
#
sysname S1
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
local-user user1
password simple 123
service-type telnet level 3
#
stp enable
#
queue-scheduler wrr 1 2 4 8
#
web set-package force flash:/wnm2.2.2-0001.zip
#
vlan 1
#
vlan 10
#
vlan 20
#
interface Aux0/0
#
interface Ethernet0/1
port link-type trunk
port trunk permit vlan all
#
interface Ethernet0/2
port access vlan 10
#
interface Ethernet0/3
port access vlan 10
#
interface Ethernet0/4
port access vlan 10
#
interface Ethernet0/5
port access vlan 10
#
interface Ethernet0/6
port access vlan 10
#
interface Ethernet0/7
port access vlan 10
#
interface Ethernet0/8
port access vlan 10
#
interface Ethernet0/9
port access vlan 10
#
interface Ethernet0/10
port access vlan 10
#
interface Ethernet0/11
port access vlan 20
#
interface Ethernet0/12
port access vlan 20
#
interface Ethernet0/13
port access vlan 20
#
interface Ethernet0/14
port access vlan 20
#
interface Ethernet0/15
port access vlan 20
#
interface Ethernet0/16
port access vlan 20
#
interface Ethernet0/17
port access vlan 20
#
interface Ethernet0/18
port access vlan 20
#
interface Ethernet0/19
port access vlan 20
#
interface Ethernet0/20
port access vlan 20
#
interface Ethernet0/21
#
interface Ethernet0/22
#
interface Ethernet0/23
port link-type trunk
port trunk permit vlan all
#
interface Ethernet0/24
#
interface Ethernet0/25
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
S2
<S2>dis cu
#
sysname S2
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
idle-cut disable
self-service-url disable
messenger time disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
local-user user1
password simple 123
service-type telnet level 3
#
stp enable
#
vlan 1
#
vlan 10
#
vlan 20
# #
interface Vlan-interface2
#
interface Aux0/0
#
interface Ethernet0/1
port link-type trunk
port trunk permit vlan all
#
interface Ethernet0/2
port access vlan 10
#
interface Ethernet0/3
port access vlan 10
#
interface Ethernet0/4
port access vlan 10
#
interface Ethernet0/5
port access vlan 10
#
interface Ethernet0/6
port access vlan 10
#
interface Ethernet0/7
port access vlan 10
#
interface Ethernet0/8
port access vlan 10
#
interface Ethernet0/9
port access vlan 10
#
interface Ethernet0/10
port access vlan 10
#
interface Ethernet0/11
port access vlan 20
#
interface Ethernet0/12
port access vlan 20
#
interface Ethernet0/13
port access vlan 20
#
interface Ethernet0/14
port access vlan 20
#
interface Ethernet0/15
port access vlan 20
#
interface Ethernet0/16
port access vlan 20
#
interface Ethernet0/17
port access vlan 20
#
interface Ethernet0/18
port access vlan 20
#
interface Ethernet0/19
port access vlan 20
#
interface Ethernet0/20
port access vlan 20
#
interface Ethernet0/21
#
interface Ethernet0/22
#
interface Ethernet0/23
port link-type trunk
port trunk permit vlan all
#
interface Ethernet0/24
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
测试: R1
[R1]dis vrrp
Ethernet0.10 | Virtual Router 10
state : Master
Virtual IP : 192.168.10.254
Priority : 120
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
Ethernet0.20 | Virtual Router 20
state : Backup
Virtual IP : 192.168.20.254
Priority : 100
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
R2
R2]dis vrrp
Ethernet0.10 | Virtual Router 10
state : Backup
Virtual IP : 192.168.10.254
Priority : 100
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
Ethernet0.20 | Virtual Router 20
state : Master
Virtual IP : 192.168.20.254
Priority : 120
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
PC 10
PC 20
描述: 案例2 :HSRP和MSTP的综合应用 (思科设备)
描述:vlan10在Instance 1中。其中S1担任根交换机。R1在vlan 10区域担任主路由器。
vlan 20在Instance 2中。其中S2担任根交换机。R2在vlan 20区域担任主路由器
拓扑图
R1
F0/0.10 192.168.10.3 /24
F0/0.20 192.168.20.3 /24
R2
F0/0.10 192.168.10.2 /24
F0/0.20 192.168.20.2 /24
HSRP 10 虚拟 ip 为192.168.10.1
HSRP 20 虚拟 ip 为192.168.20.1
vlan 10 PC10主机地址为192.168.10.100
vlan 20 PC20主机地址为192.168.20.100
配置: R1
R1#show run
Building configuration...
Current configuration : 854 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.3 255.255.255.0
standby 10 ip 192.168.10.1
standby 10 priority 120 //调高优先级
standby 10 preempt //启动抢占模式
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.3 255.255.255.0
standby 20 ip 192.168.20.1
!
ip http server
no ip http secure-server
control-plane
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
R1#
R2
R2#show run
Building configuration...
Current configuration : 854 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.2 255.255.255.0
standby 10 ip 192.168.10.1
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.2 255.255.255.0
standby 20 ip 192.168.20.1
standby 20 priority 120
standby 20 preempt
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
R2#
SW1
SW1#show run
Building configuration...
Current configuration : 1198 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
spanning-tree vlan 10 priority 4096 //在vlan10中的优先级为4096
!
!
interface Port-channel1
switchport mode trunk
interface FastEthernet0/0
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
switchport mode trunk
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
SW1#
SW2
SW2#show run
Building configuration...
Current configuration : 1198 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
spanning-tree vlan 20 priority 4096 //在vlan20中的优先级为4096
interface Port-channel1
switchport mode trunk
!
interface FastEthernet0/0
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
switchport mode trunk
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
SW2#
SW3
SW3#show run
Building configuration...
Current configuration : 1384 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
!
interface FastEthernet0/1
switchport access vlan 10
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 10
!
interface FastEthernet0/6
switchport access vlan 20
!
interface FastEthernet0/7
switchport access vlan 20
!
interface FastEthernet0/8
switchport access vlan 20
!
interface FastEthernet0/9
switchport access vlan 20
!
interface FastEthernet0/10
switchport access vlan 20
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
!
interface FastEthernet0/14
switchport mode trunk
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
SW3#
SW4
SW4#show run
Building configuration...
Current configuration : 1384 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
interface FastEthernet0/0
!
interface FastEthernet0/1
switchport access vlan 10
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 10
!
interface FastEthernet0/6
switchport access vlan 20
!
interface FastEthernet0/7
switchport access vlan 20
!
interface FastEthernet0/8
switchport access vlan 20
!
interface FastEthernet0/9
switchport access vlan 20
!
interface FastEthernet0/10
switchport access vlan 20
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
!
interface FastEthernet0/14
switchport mode trunk
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
SW4#
PC10
设置ip地址为192.168.10.100 网关为192.168.10.1
PC20
设置ip地址为192.168.20.100 网关为192.168.20.1
测试: R1
R1#show standby
FastEthernet0/0.10 - Group 10
State is Active
2 state changes, last state change 00:18:34
Virtual IP address is 192.168.10.1
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.732 secs
Preemption enabled
Active router is local
Standby router is 192.168.10.2, priority 100 (expires in 8.452 sec)
Priority 120 (configured 120)
IP redundancy name is "hsrp-Fa0/0.10-10" (default)
FastEthernet0/0.20 - Group 20
State is Standby
4 state changes, last state change 00:02:23
Virtual IP address is 192.168.20.1
Active virtual MAC address is 0000.0c07.ac14
Local virtual MAC address is 0000.0c07.ac14 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.740 secs
Preemption disabled
Active router is 192.168.20.2, priority 120 (expires in 9.720 sec)
Standby router is local
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0.20-20" (default)
R2
R2#show standby
FastEthernet0/0.10 - Group 10
State is Standby
1 state change, last state change 00:18:15
Virtual IP address is 192.168.10.1
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.212 secs
Preemption disabled
Active router is 192.168.10.3, priority 120 (expires in 7.516 sec)
Standby router is local
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0.10-10" (default)
FastEthernet0/0.20 - Group 20
State is Active
2 state changes, last state change 00:04:23
Virtual IP address is 192.168.20.1
Active virtual MAC address is 0000.0c07.ac14
Local virtual MAC address is 0000.0c07.ac14 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.500 secs
Preemption enabled
Active router is local
Standby router is 192.168.20.3, priority 100 (expires in 7.404 sec)
Priority 120 (configured 120)
IP redundancy name is "hsrp-Fa0/0.20-20" (default)
SW1
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 4096, address cc00.1090.0001
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Number of topology changes 5 last change occurred 00:33:05 ago
from Port-channel1
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
VLAN20 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.1090.0002
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.10c4.0002
Root port is 321 (Port-channel1), cost of root path is 12
Topology change flag not set, detected flag not set
Number of topology changes 5 last change occurred 00:32:09 ago
from FastEthernet0/14
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
SW2
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.10c4.0001
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.1090.0001
Root port is 321 (Port-channel1), cost of root path is 12
Topology change flag not set, detected flag not set
Number of topology changes 9 last change occurred 00:36:02 ago
from FastEthernet0/15
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
VLAN20 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 4096, address cc00.10c4.0002
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Number of topology changes 4 last change occurred 00:36:36 ago
from FastEthernet0/15
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 1, topology change 0, notification 0, aging 300
SW3
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.0e6c.0001
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.1090.0001
Root port is 16 (FastEthernet0/15), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 10 last change occurred 00:38:44 ago
from FastEthernet0/14
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
Port 2 (FastEthernet0/1) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.2.
Designated root has priority 4096, address cc00.1090.0001
Designated bridge has priority 32768, address cc00.0e6c.0001
Designated port id is 128.2, designated path cost 19
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 3421, received 0
Port 15 (FastEthernet0/14) of VLAN10 is blocking
Port path cost 19, Port priority 128, Port Identifier 128.15.
Designated root has priority 4096, address cc00.1090.0001
Designated bridge has priority 32768, address cc00.10c4.0001
Designated port id is 128.15, designated path cost 12
Timers: message age 3, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 13, received 1184
Port 16 (FastEthernet0/15) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.16.
Designated root has priority 4096, address cc00.1090.0001
Designated bridge has priority 4096, address cc00.1090.0001
Designated port id is 128.16, designated path cost 0
Timers: message age 1, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 34, received 1164
VLAN20 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.0e6c.0002
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.10c4.0002
Root port is 15 (FastEthernet0/14), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 2 last change occurred 00:38:55 ago
from FastEthernet0/15
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
Port 15 (FastEthernet0/14) of VLAN20 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.15.
Designated root has priority 4096, address cc00.10c4.0002
Designated bridge has priority 4096, address cc00.10c4.0002
Designated port id is 128.15, designated path cost 0
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 12, received 1188
Port 16 (FastEthernet0/15) of VLAN20 is blocking
Port path cost 19, Port priority 128, Port Identifier 128.16.
Designated root has priority 4096, address cc00.10c4.0002
Designated bridge has priority 32768, address cc00.1090.0002
Designated port id is 128.16, designated path cost 12
Timers: message age 3, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 31, received 1170
SW4
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.1784.0002
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.1090.0001
Root port is 15 (FastEthernet0/14), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 2 last change occurred 00:41:26 ago
from FastEthernet0/15
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
Port 15 (FastEthernet0/14) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.15.
Designated root has priority 4096, address cc00.1090.0001
Designated bridge has priority 4096, address cc00.1090.0001
Designated port id is 128.15, designated path cost 0
Timers: message age 1, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 50, received 1245
Port 16 (FastEthernet0/15) of VLAN10 is blocking
Port path cost 19, Port priority 128, Port Identifier 128.16.
Designated root has priority 4096, address cc00.1090.0001
Designated bridge has priority 32768, address cc00.10c4.0001
Designated port id is 128.16, designated path cost 12
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 27, received 1263
VLAN20 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.1784.0001
Configured hello time 2, max age 20, forward delay 15
Current root has priority 4096, address cc00.10c4.0002
Root port is 16 (FastEthernet0/15), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 5 last change occurred 00:41:28 ago
from FastEthernet0/14
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
Port 12 (FastEthernet0/11) of VLAN20 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.12.
Designated root has priority 4096, address cc00.10c4.0002
Designated bridge has priority 32768, address cc00.1784.0001
Designated port id is 128.12, designated path cost 19
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 3346, received 0
Port 15 (FastEthernet0/14) of VLAN20 is blocking
Port path cost 19, Port priority 128, Port Identifier 128.15.
Designated root has priority 4096, address cc00.10c4.0002
Designated bridge has priority 32768, address cc00.1090.0002
Designated port id is 128.15, designated path cost 12
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 47, received 1244
Port 16 (FastEthernet0/15) of VLAN20 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.16.
Designated root has priority 4096, address cc00.10c4.0002
Designated bridge has priority 4096, address cc00.10c4.0002
Designated port id is 128.16, designated path cost 0
Timers: message age 1, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 28, received 1263
PC10
PC10#ping 192.168.20.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/92/140 ms
PC10#traceroute 192.168.20.100
Type escape sequence to abort.
Tracing the route to 192.168.20.100
1 192.168.10.3 80 msec 64 msec 44 msec
2 192.168.20.100 56 msec * 124 msec
PC20
PC20#ping 192.168.10.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/52/84 ms
PC20#traceroute 192.168.10.100
Type escape sequence to abort.
Tracing the route to 192.168.10.100
1 192.168.20.2 72 msec 80 msec 40 msec
2 192.168.10.100 164 msec * 100 msec