VRRP又叫虚拟路由器冗余协议,是一种选择协议,它可以把一个虚拟路由器的责任动态分配到局域网上的 VRRP 路由器中的一台。控制虚拟路由器 IP 地址的 VRRP 路由器称为主路由器,它负责转发数据包到这些虚拟 IP 地址。一旦主路由器不可用,这种选择过程就提供了动态的故障转移机制,这就允许虚拟路由器的 IP 地址可以作为终端主机的默认第一跳路由器。使用 VRRP 的好处是有更高的默认路径的可用性而无需在每个终端主机上配置动态路由或路由发现协议。 VRRP 包封装在 IP 包中发送。
HSRP又叫热备份路由器
协议(Hot Standby Router Protocol),是cisco平台一种特有的技术,热备份路由器
协议(HSRP)的设计目标是支持特定情况下 IP 流量失败转移不会引起混乱、并允许主机使用单路由器,以及即使在实际第一跳路由器使用失败的情形下仍能维护路由器间的连通性。换句话说,当源主机不能动态知道第一跳路由器的 IP 地址时,HSRP 协议能够保护第一跳路由器不出故障。
HSRP是cisco私有协议,VRRP是IETF标准.VRRP协议的工作机理与CISCO公司的HSRP有许多相似之处。但二者主要的区别是在CISCO的HSRP中,需要单独配置一个IP地址作为虚拟路由器对外体现的地址,这个地址不能是组中任何一个成员的接口地址。使用VRRP协议,不用改造目前的网络结构,最大限度保护了当前投资,只需最少的管理费用,却大大提升了网络性能,具有重大的应用价值。
Vrrp应用:
1.拓扑图
2.案例要求:
按照拓扑图搭建网络,实现vlan间通信,跟踪路由信息
3.配置步骤:
R1配置
拆分子端口 封装协议
[r1]int e1.10
[r1-Ethernet1.10]vlan-type dot1q vid 10
[r1-Ethernet1.10]ip add 192.168.10.1 24
[r1-Ethernet1.10]int e1.20
[r1-Ethernet1.20]vlan-ty dot vid 20
[r1-Ethernet1.20]ip add 192.168.20.1 24
创建vrrp组和虚拟路由器ip,设置vrrp组的优先级,确省为100
[r1]vrrp ping-en
[r1]int e1.10
[r1-Ethernet1.10]vrrp vrid 10 virtual-ip 192.168.10.254
[r1-Ethernet1.10]vrrp vrid 10 prio 120
[r1-Ethernet1.10]int e1.20
[r1-Ethernet1.20]vrrp vrid 20 virtual-ip 192.168.20.254
[r1-Ethernet1.20]vrrp vrid 20 prio 100
[r1]dis cu
Now create configuration...
Current configuration
!
version 1.74
local-user user1 service-type administrator password simple 123
sysname r1
undo pos-server addr-switch
firewall enable
aaa-enable
aaa accounting-scheme optional
vrrp ping-enable
!
controller e1 0
!
interface Aux0
async mode flow
link-protocol ppp
!
interface Ethernet0
ip address 192.168.101.14 255.255.255.0
!
interface Ethernet1
!
interface Ethernet1.10
vlan-type dot1q vid 10
ip address 192.168.10.1 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 120
!
interface Ethernet1.20
vlan-type dot1q vid 20
ip address 192.168.20.1 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.20.254
!
interface Serial0
link-protocol ppp
!
[r1]dis vrrp
Ethernet1.20 | Virtual Router 20
state : Initialize
Virtual IP : 192.168.20.254
Priority : 100
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
Ethernet1.10 | Virtual Router 10
state : Initialize
Virtual IP : 192.168.10.254
Priority : 120
Preempt : YES Delay Time : 0
Timer : 1
Auth Type : NO
Sw1配置
<s38>system-view
[s38]sysname switch-1
[switch-1]int Ethernet 0/24
[switch-1-Ethernet0/24]port link-type trunk
//设置trunk接口
[switch-1-Ethernet0/24]port trunk permit vlan all
//永许所有vlan通过
Please wait... Done.
[switch-1-Ethernet0/24]int e0/23
[switch-1-Ethernet0/23]port link-type trunk
[switch-1-Ethernet0/23]port trunk permit vlan all
Please wait... Done.
[switch-1-Ethernet0/23]vlan 10
[switch-1-vlan10]po
[switch-1-vlan10]port e
[switch-1-vlan10]port Ethernet 0/5 t
[switch-1-vlan10]port Ethernet 0/5 to 0/10
//加入端口
[switch-1-vlan10]vlan 20
[switch-1-vlan20]po
[switch-1-vlan20]port e
[switch-1-vlan20]port Ethernet 0/11 t
[switch-1-vlan20]port Ethernet 0/11 to e
[switch-1-vlan20]port Ethernet 0/11 to Ethernet 0/15
R2配置同R1
[R2]int eth1.10
[R2-Ethernet1.10]ip add 192.168.10.2 255.255.255.0
[R2-Ethernet1.10]
%01:42:44: Line protocol ip on the interface Ethernet1.10 is UP
[R2-Ethernet1.10]int eth1.20
[r14-Ethernet1.10]ip add 192.168.20.2 255.255.255.0
[r14-Ethernet1.10]vlan-t ?
dot1q Define the VLAN encapsulation format as IEEE 802.1Q
[r14-Ethernet1.10]vlan-t do ?
vid VLAN id
[r14-Ethernet1.10]vlan-t do v ?
INTEGER<1-4094>
IEEE 802.1Q VLAN ID
[r14-Ethernet1.10]vlan-t do v 10 ?
<cr>
[r14-Ethernet1.10]vlan-t do v 10
[r14]int eth 1.20
[r14-Ethernet1.10]vrrp vrid 10 vi 192.168.10.254
[r14-Ethernet1.10]vrrp vrid 10 prio 100
[r14]int eth 1.20
[r14-Ethernet1.20]vrrp vrid 20 virtual-ip 192.168.20.254
[r14-Ethernet1.20]vrrp vrid 20 priority 120
Sw2配置同Sw1
[Quidway]sysname R2
[R2]
[R2]
[R2]vlan 10
[R2-vlan10]por
[R2-vlan10]port eth1/0/5 ?
Ethernet Ethernet interface
to
Range of interfaces
<cr>
[R2-vlan10]port eth1/0/5 to eth1/0/10
[R2-vlan10]qui
[R2]vlan 20
[R2-vlan20]port eth1/0/11 to eth1/0/15
[R2-Ethernet1/0/24]port link-type trunk
[R2-Ethernet1/0/24]port trunk permit vlan all
Please wait........................................... Done.
[R2]int eth1/0/23
[R2-Ethernet1/0/23]port link-type trunk
[R2-Ethernet1/0/23]port trunk permit vlan all
测试结果
Pc1 ping pc2结果
跟踪路由信息
当r1路由器断开时 仍能ping通,跟踪路由信息如下
Hsrp应用:
仍用以上拓扑图,在cisco上实现配置步骤如下
R1配置
Router(config)#hostname r1
r1(config)#lin
r1(config)#line con
r1(config)#line console 0
r1(config-line)#logg
r1(config-line)#logging sy
r1(config-line)#logging synchronous
r1(config-line)#no ex
r1(config-line)#no exec-t
r1(config-line)#no exec-timeout
r1(config)#int f0/0
r1(config-if)#no shu
r1(config-if)#int f0/0.10
r1(config-subif)#encapsulation dot1Q 10 192.168.10.1 255.255.255.0
^
% Invalid input detected at '^' marker.
r1(config-subif)#encapsulation dot1Q 10
r1(config-subif)#ip add 192.168.10.1 255.255.0
% Incomplete command.
r1(config-subif)#ip add 192.168.10.1 255.255.255.0
r1(config-subif)#int f0/0.20
r1(config-subif)#encapsulation dot1Q 20
r1(config-subif)#ip add 192.168.20.1 255.255.255.0
r1(config)#int f0/0.10
r1(config-subif)#standby
r1(config-subif)#standby 10 ip 192.168.10.254
r1(config-subif)#standby 10 pri
r1(config-subif)#standby 10 priority 120
r1(config-subif)#standby 10 ip 192.168.10.254
r1(config-subif)#int f0/0.20
r1(config-subif)#st
r1(config-subif)#standby 20 ip 192.168.20.254
r1(config-subif)#st
r1(config-subif)#standby 20 pri
r1(config-subif)#standby 20 priority 100
R2配置
Router(config)#hostname r2
r2(config)#lin
r2(config)#line co
r2(config)#line console 0
r2(config-line)#logg
r2(config-line)#logging sy
r2(config-line)#logging synchronous
r2(config-line)#no ex
r2(config-line)#no exec-t
r2(config-line)#no exec-timeout
r2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
r2(config)#int f0/0.10
r2(config-subif)#st
r2(config-subif)#standby 10 ip 192.168.10.254
r2(config-subif)#standby 10 priority 100
r2(config-subif)#int f0/0.20
r2(config-subif)#standby 20 ip 192.168.20.254
r2(config-subif)#standby 20 priority 120
Sw1配置
Router(config)#hostname sw1
sw1(config)#no ip rou
sw1(config)#no ip routing
sw1(config)#lin
sw1(config)#line con
sw1(config)#line console 0
sw1(config-line)#logg
sw1(config-line)#logging sy
sw1(config-line)#logging synchronous
sw1(config-line)#no ex
sw1(config-line)#no exec-t
sw1(config-line)#no exec-timeout
sw1(config)#int f0/0
sw1(config-if)#swi
sw1(config-if)#switchport mo
sw1(config-if)#switchport mode tr
sw1(config-if)#switchport mode trunk
sw1(config-if)#int f0/1
sw1(config-if)#sw
sw1(config-if)#switchport mo
sw1(config-if)#switchport mode tr
sw1(config-if)#switchport mode trunk
sw1#vlan database
sw1(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
sw1(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
sw1(vlan)#exit
sw1(config)#int range f0/3 - f0/10
sw1(config-if-range)#switchport access vlan 10
sw1(config-if-range)#interface range f0/11 - 15
sw1(config-if-range)#switchport access vlan 20
Sw2配置同Sw1 这里就不再展出
pc2ip是20.70 pc1 10.70
测试结果:pc2 ping pc1