Cisco HSRP的配置 双机热备经典案例

HSRP一般用于两台,也可以用于多台。必须在每台起HSRP上的路由器上配置。

   When the HSRP is configured on a network segment, it provides a virtual Media Access Control (MAC) address and an IP address that is shared among routers in a groupof routers that is running HSRP. One of these devices is selected by the protocol to be the active router. The active router receives and routes packets destined for the group's MAC address. For n routers running HSRP, there are n + 1 IP and MAC addresses assigned.

   但是aceive只有一台,standby只有一台,其实其他的都在监听状态。所以zyx说的是处在active和standby的状态的只有两台。

   附一个配置实例:

   version 12.0
   service timestamps debug uptime
   service timestamps log uptime
   no service password-encryption
   !
   hostname r1
   !
   enable password cisco
   !
   ip subnet-zero (新版的IOS都支持全0/1子网)
   !
   !
   !
   !
   interface Ethernet0
   ip address 136.147.107.101 255.255.0.0
   no ip redirects
   no ip directed-broadcast
   standby 150 timers 5 15      /* 定义150组5秒交换一次hello信息,15秒没收到    hello信息就开始切换 */
   standby 150 priority 110 /* 定义150组的主路由器权值,值越大,为主路由器希望越大 */
   standby 150 preempt /* enable 150组的hsrp抢占功能 */
   standby 150 authentication cisco     /* 设置150组的router身份验证串 */
   standby 150 ip 136.147.107.100 /* 定义150组的浮动地址,也是这台router
   连接的网络的网关
*/
   standby 150 track Ethernet0 /* 定义监控的端口 */
   !
   interface Serial0
   no ip address
   no ip directed-broadcast
   no ip mroute-cache
   shutdown
   no fair-queue
   !
   ip classless
   !
   !
   line con 0
   transport input none
   line 1 16
   line aux 0
   line vty 0 4
   password cisco
   login
   !
   end


配置基本HSRP例子:

   提问 "当主用路由器当掉以后备份路由器可以接管主用路由器的IP地址和MAC地址

   回答

   Router1:
   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface FastEthernet 0/1
   Router1(config-if)#ip address 172.22.1.3 255.255.255.0
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#exit
   Router1(config)#end
   Router1#
   Router2:
   Router2#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router2(config)#interface FastEthernet 1/0
   Router2(config-if)#ip address 172.22.1.2 255.255.255.0
   Router2(config-if)#standby 1 ip 172.22.1.1
   Router2(config-if)#standby 1 priority 110 (默认priority is 100)
   Router2(config-if)#exit
   Router2(config)#end
   Router2#

   注释 由于HSRP虚拟出来的MAC地址跟组相关,所以可能会出现同一交换机收到多个相同的MAC地址的情况,这时候就需要用standby 1 mac-address 0000.0c07.ad01 命令来人工指定一个MAC地址

   提问 强制某个路由器启动后一直在组中处于主用状态

   回答

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface FastEthernet 0/1
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#standby 1 preempt
   Router1(config-if)#exit
   Router1(config)#end
   Router1#
   Router2#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router2(config)#interface FastEthernet 1/0
   Router2(config-if)#standby 1 ip 172.22.1.1
   Router2(config-if)#standby 1 priority 110
   Router2(config-if)#standby 1 preempt       delay 60 (最好有时延)
   Router2(config-if)#exit
   Router2(config)#end
   Router2#

   注释 正常情况下当LAN端口up后就会发生强占,而此时可能网络还没有收敛,所以建议配置强占延迟时间,让路由器启动后过一段时间再发起强占standby 1 preempt delay 60

   22.3.    配置HSRP对接口问题追踪的支持

   提问 当主用路由器的上联端口出现问题后主动切换到备用路由器

   回答

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface FastEthernet0/1
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#standby 1 preempt
   Router1(config-if)#standby 1 track Serial0/0 20
   Router1(config-if)#exit
   Router1(config)#end
   Router1#

   从12.2(15)T后引入更多可追踪实例

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#track 11 interface Serial1/1 ip routing
   Router1(config-track)#exit
   Router1(config)#interface FastEthernet0/0
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#standby 1 preempt
   Router1(config-if)#standby 1 track 11 decrement 50
   Router1(config-if)#end
   Router1#

   注释 Router1#show track

   Track 11
    Interface Serial1/1 ip routing
    IP routing is Down (hw admin-down, ip disabled)
     1 change, last change 00:12:48
    Tracked by:
      HSRP FastEthernet0/0 1
   22.4.    HSRP负载均衡

   提问 在两台或者多台HSRP路由器上实现流量的负载均衡

   回答

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface FastEthernet0/1
   Router1(config-if)#ip address 172.22.1.3 255.255.255.0
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#standby 1 preempt
   Router1(config-if)#standby 2 ip 172.22.1.2
   Router1(config-if)#standby 2 priority 110
   Router1(config-if)#standby 2 preempt
   Router1(config-if)#exit
   Router1(config)#end
   Router1#
   Router2#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router2(config)#interface FastEthernet1/0
   Router2(config-if)#ip address 172.22.1.4 255.255.255.0
   Router2(config-if)#standby 1 ip 172.22.1.1
   Router2(config-if)#standby 1 priority 110
   Router2(config-if)#standby 1 preempt
   Router2(config-if)#standby 2 ip 172.22.1.2
   Router2(config-if)#standby 2 priority 120
   Router2(config-if)#standby 2 preempt
   Router2(config-if)#exit
   Router2(config)#end
   Router2#

   注释 由于出现两个网关,所以需要在终端设备上分开配置各自的缺省网关。

   22.5.    HSRP中ICMP重定向

   提问 在HSRP中启用ICMP重定向

   回答

   Router2#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router2(config)#interface FastEthernet 1/0
   Router2(config-if)#no ip redirects
   Router2(config-if)#standby redirects disable
   Router2(config-if)#exit
   Router2(config)#end
   Router2#

   注释

   22.6.    调整HSRP定时器

   提问 调整备份路由器接管主用路由器所需时长

   回答

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface FastEthernet0/1
   Router1(config-if)#standby 1 ip 172.22.1.1
   Router1(config-if)#standby 1 priority 120
   Router1(config-if)#standby 1 preempt
   Router1(config-if)#standby 1 timers 1 3
   Router1(config-if)#exit
   Router1(config)#end
   Router1#

   注释 缺省Hello包时长为3秒,10秒后会接管,如果主用路由器调整时长,整个组内的路由器都要调整为相同的时长。最短可以到达毫秒Router1(config-if)#standby 1 timers msec 100 msec 300

   22.7.    在令牌环网络中使用HSRP

   提问 在令牌环网络中配置HSRP

   回答

   如果只用IP协议配置同前面例子,如果还有其他协议,特别是使用了source-route bridging就用下面的配置方法

   Router1#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router1(config)#interface Tokenring0
   Router1(config-if)#ip address 172.22.1.3
   Router1(config-if)#standby ip 172.22.1.1
   Router1(config-if)#standby use-bia
   Router1(config-if)#standby priority 120
   Router1(config-if)#standby preempt
   Router1(config-if)#exit
   Router1(config)#end
   Router1#
   Router2#configure terminal
   Enter configuration commands, one per line.    End with CNTL/Z.
   Router2(config)#interface Tokenring0
   Router2(config-if)#ip address 172.22.1.2
   Router2(config-if)#standby ip 172.22.1.1
   Router2(config-if)#standby use-bia
   Router2(config-if)#standby priority 110
   Router2(config-if)#standby preempt
   Router2(config-if)#exit
   Router2(config)#end
   Router2#

   注释 由于令牌环网络会用到设备的MAC地址信息,所以如果HSRP用到虚拟MAC就会出问题,因此在配置中使用了burned-in address (BIA)来代替MAC来避免出现问题


你可能感兴趣的:(Cisco,HSRP,双机热备经典案例)