msr3610现在拉着三条外网线 一条千兆 两条百兆的 现在想两条百兆做备份 千兆做主 这样能实现吗 有案例吗 怎么做
msr3610现在拉着三条外网线 一条千兆 两条百兆的 现在想两条百兆做备份 千兆做主 这样能实现吗 有案例吗 怎么做
(0)
最佳答案
静态路由后跟优先级
(0)
是到外网的默认路由 后面加上优先级吗
是到外网的默认路由 后面加上优先级吗
您好,参考
· Router A到达Router C的静态路由下一跳为Router B。
· 在Router A上通过静态路由、Track与NQA联动,对到达Router C的静态路由有效性进行实时判断。
图1-16 NQA联动配置组网图
(1) 配置各接口的IP地址。(配置过程略)
(2) 在Router A上配置静态路由,并与Track项关联。
# 配置到达Router C的静态路由下一跳地址为10.2.1.1,并配置静态路由与Track项1关联。
<RouterA> system-view
[RouterA] ip route-static 10.1.1.2 24 10.2.1.1 track 1
(3) 在Router A上配置NQA测试组
# 创建管理员名为admin、操作标签为test1的NQA测试组。
[RouterA] nqa entry admin test1
# 配置测试类型为ICMP-echo。
[RouterA-nqa-admin-test1] type icmp-echo
# 配置目的地址为10.2.1.1。
[RouterA-nqa-admin-test1-icmp-echo] destination ip 10.2.1.1
# 测试频率为100ms。
[RouterA-nqa-admin-test1-icmp-echo] frequency 100
# 配置联动项1(连续失败5次触发联动)。
[RouterA-nqa-admin-test1-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[RouterA-nqa-admin-test1-icmp-echo] quit
# 启动ICMP-echo探测操作,并一直进行测试。
[RouterA] nqa schedule admin test1 start-time now lifetime forever
(4) 在Router A上配置Track项
# 配置Track项1,关联NQA测试组(管理员为admin,操作标签为test1)的联动项1。
[RouterA] track 1 nqa entry admin test1 reaction 1
# 显示Router A上Track项的信息。
[RouterA] display track all
Track ID: 1
State: Positive
Duration: 0 days 0 hours 0 minutes 0 seconds
Notification delay: Positive 0, Negative 0 (in seconds)
Tracked object:
NQA entry: admin test1
Reaction: 1
# 显示Router A的路由表。
[RouterA] display ip routing-table
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.1.1.0/24 Static 60 0 10.2.1.1 GE1/0/1
10.2.1.0/24 Direct 0 0 10.2.1.2 GE1/0/1
10.2.1.0/32 Direct 0 0 10.2.1.2 GE1/0/1
10.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.255/32 Direct 0 0 10.2.1.2 GE1/0/1
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
以上显示信息表示,NQA测试的结果为下一跳地址10.2.1.1可达(Track项状态为Positive),配置的静态路由生效。
# 在Router B上删除接口GigabitEthernet1/0/1的IP地址。
<RouterB> system-view
[RouterB] interface gigabitethernet 1/0/1
[RouterB-GigabitEthernet1/0/1] undo ip address
# 显示Router A上Track项的信息。
[RouterA] display track all
Track ID: 1
State: Negative
Duration: 0 days 0 hours 0 minutes 0 seconds
Notification delay: Positive 0, Negative 0 (in seconds)
Tracked object:
NQA entry: admin test1
Reaction: 1
# 显示Router A的路由表。
[RouterA] display ip routing-table
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.0/24 Direct 0 0 10.2.1.2 GE1/0/1
10.2.1.0/32 Direct 0 0 10.2.1.2 GE1/0/1
10.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.255/32 Direct 0 0 10.2.1.2 GE1/0/1
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
以上显示信息表示,NQA测试的结果为下一跳地址10.2.1.1不可达(Track项状态为Negative),配置的静态路由无效。
(0)
可以使用NQA来实现,以下是配置举例:
NQA实验
通过NQA的检测,检测上行网络是否正常,当上行网络出现故障时,能告知VRRP、MSTP进行主备的切换。
SW1为接入交换机,负责VLAN 10 、VLAN 20的接入
SW2为核心交换机,负责提供VLAN 10、VLAN20的网关,根据负载均衡的需求,在SW2交换机中,VLAN 10为MSTP主根,VLAN 20为备根。SW2交换机在网络正常的情况下主要走VLAN10的流量。在SW2中配置NQA检测,监控上行端口当发生故障时VLAN 10可快速切换到SW3交换机。
SW3为核心交换机,负责提供VLAN 10、VLAN20的网关,根据负载均衡的需求,在SW3交换机中,VLAN 20为MSTP主根,VLAN10为备根。SW3交换机在网络正常的情况下主要走VLAN10的流量。在SW3中配置NQA检测,监控上行端口当发生故障时VLAN 20可快速切换到SW2交换机。
R1为核心路由器,负责将业务路由高速转发到下一个网络中。
心得体会:
1、在拥有负载均衡和设备冗余的网络环境中,NQA的可选参数配置建议保持一致,特别是frequency检测的频率。
2、建议开启NQA历史记录功能,这样可以更好的确认NQA是否已经开始运行并监控。
3、在拥有路由冗余、设备冗余、VRRP的环境中,一定要开启route-option bypass-route,这样当路由发生故障时,也可以更好的触发TRACK
4、在NQA配置指向目的地址时一定要正确区分description和destination这两个单词,由于这两个单词在配置时会优先出现description,可能会导致没有配置目的地址而启动NQA失败
5、当主链路DOWN时,从主设备切换到备设备需要丢包13-14个才可恢复业务。
6、当主链路恢复时,业务可以从备用设备切换回到主设备(VRRP也可切换)且不丢包。
配置过程:
SW1:
[H3C]sysname SW1
[SW1]vlan 10
[SW1-vlan10]qu
[SW1]vlan 20
[SW1-vlan20]qu
[SW1]int ran gi 1/0/1 to gi 1/0/2
[SW1-if-range]po li tr
[SW1-if-range]undo po tr pe vlan 1
[SW1-if-range]po tr pe vlan 10 20
[SW1-if-range]quit
[SW1]int gi 1/0/3
[SW1-GigabitEthernet1/0/3]po li acc
[SW1-GigabitEthernet1/0/3]po acc vl 10
[SW1-GigabitEthernet1/0/3]quit
[SW1]
SW2:
[H3C]sysname SW2
[SW2]vlan 10
[SW2-vlan10]quit
[SW2]vlan 20
[SW2-vlan20]quit
[SW2]int ran gi 1/0/2 to gi 1/0/3
[SW2-if-range]po li tr
[SW2-if-range]undo po tr pe vlan 1
[SW2-if-range]po tr pe vlan 10 20
[SW2-if-range]quit
[SW2]int gi 1/0/1
[SW2-GigabitEthernet1/0/1]port link-mode route
[SW2-GigabitEthernet1/0/1]ip address 10.0.0.1 30
[SW2-GigabitEthernet1/0/1]undo shutdown
[SW2-GigabitEthernet1/0/1]quit
#NQA配置
[SW2]nqa agent enable
[SW2]nqa entry weijianing ninglihua
[SW2-nqa-weijianing-ninglihua]type icmp-echo
[SW2-nqa-weijianing-ninglihua-icmp-echo]source int GigabitEthernet 1/0/1
[SW2-nqa-weijianing-ninglihua-icmp-echo]destination ip 10.0.0.2
[SW2-nqa-weijianing-ninglihua-icmp-echo]frequency 100000
[SW2-nqa-weijianing-ninglihua-icmp-echo]probe timeout 30
[SW2-nqa-weijianing-ninglihua-icmp-echo]next-hop 10.0.0.2
[SW2-nqa-weijianing-ninglihua-icmp-echo] history-record enable
[SW2-nqa-weijianing-ninglihua-icmp-echo]history-record number 50
[SW2-nqa-weijianing-ninglihua-icmp-echo]probe count 10
[SW2-nqa-weijianing-ninglihua-icmp-echo]probe timeout 30
[SW2-nqa-weijianing-ninglihua-icmp-echo]reaction 1 checked-element probe-fail threshold-type consecutive 1 action-type trigger-only
[SW2-nqa-weijianing-ninglihua-icmp-echo]route-option bypass-route
[SW2]track 1 nqa entry weijianing ninglihua reaction 1
[SW2]nqa schedule weijianing ninglihua start-time now lifetime forever
#
[SW2]int vlan 10
[SW2-Vlan-interface10]ip address 192.168.10.252 24
[SW2-Vlan-interface10]vrrp vrid 1 vi
[SW2-Vlan-interface10]vrrp vrid 1 virtual-ip 192.168.10.254
[SW2-Vlan-interface10]vrrp vrid 1 priority 120
[SW2-Vlan-interface10]vrrp vrid 1 preempt-mode
[SW2-Vlan-interface10]vrrp vrid 1 track 1 priority reduced 30
[SW2]int vlan 20
[SW2-Vlan-interface20]ip address 192.168.20.252 24
[SW2-Vlan-interface20]vrrp vrid 2 virtual-ip 192.168.20.254
#MSTP配置
[SW2]stp glo enable
[SW2]stp mode mstp
[SW2]stp region-configuration
[SW2-mst-region]region-name ***.***
[SW2-mst-region]instance 1 vlan 10
[SW2-mst-region]instance 2 vlan 20
[SW2-mst-region]active region-configuration
[SW2]stp instance 1 root primary
[SW2]stp instance 2 root secondary
#
[SW2] int lo 0
[SW2-LoopBack0]ip add 1.1.1.1 32
[SW2-LoopBack0]undo shutdown
[SW2-LoopBack0]quit
[SW2]router id 1.1.1.1
[SW2]
[SW2]ospf 1
[SW2-ospf-1]silent-interface Vlan-interface 10
[SW2-ospf-1]silent-interface Vlan-interface 20
[SW2-ospf-1]area 0.0.0.0
[SW2-ospf-1-area-0.0.0.0]network 10.0.0.1 0.0.0.0
[SW2-ospf-1-area-0.0.0.0]net[SW2-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[SW2-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]quit
[SW2-ospf-1]quit
[SW2]
SW3:
[SW3]vlan 10
[SW3-vlan10]quit
[SW3]vlan 20
[SW3-vlan20]quit
[SW3]int ran gi 1/0/2 to gi 1/0/3
[SW3-if-range]po li tr
[SW3-if-range]undo po tr pe vlan 1
[SW3-if-range]po tr pe vlan 10 20
[SW3-if-range]quit
[SW3]
[SW3]int gi 1/0/1
[SW3-GigabitEthernet1/0/1]port link-mode route
[SW3-GigabitEthernet1/0/1]ip address 10.0.0.5 30
[SW3-GigabitEthernet1/0/1]undo shutdown
[SW3-GigabitEthernet1/0/1]quit
[SW3]
#NQS配置:
[SW3]nqa agent enable
[SW3]nqa entry weijianing ninglihua
[SW3-nqa-weijianing-ninglihua]type icmp-echo
[SW3-nqa-weijianing-ninglihua-icmp-echo]source int gi 1/0/1
[SW3-nqa-weijianing-ninglihua-icmp-echo]destination ip 10.0.0.6
[SW3-nqa-weijianing-ninglihua-icmp-echo]next-hop 10.0.0.6
[SW3-nqa-weijianing-ninglihua-icmp-echo]frequency 100000
[SW3-nqa-weijianing-ninglihua-icmp-echo] history-record enable
[SW3-nqa-weijianing-ninglihua-icmp-echo]history-record number 50
[SW3-nqa-weijianing-ninglihua-icmp-echo]probe count 10
[SW3-nqa-weijianing-ninglihua-icmp-echo]probe timeout 30
[SW3-nqa-weijianing-ninglihua-icmp-echo]reaction 1 checked-element probe-fail threshold-type consecutive 1 action-type trigger-only
[SW3-nqa-weijianing-ninglihua-icmp-echo]route-option bypass-route
[SW3]track 1 nqa entry weijianing ninglihua reaction 1
#
[SW3]int vlan 10
[SW3-Vlan-interface10]ip address 192.168.10.253 24
[SW3-Vlan-interface10]vrrp vrid 1 virtual-ip 192.168.10.254
[SW3-Vlan-interface10]quit
[SW3]
[SW3]int vlan 20
[SW3-Vlan-interface20]ip address 192.168.20.253 24
[SW3-Vlan-interface20]vrrp vrid 2 vi
[SW3-Vlan-interface20]vrrp vrid 2 virtual-ip 192.168.20.254
[SW3-Vlan-interface20]vrrp vrid 2 priority 120
[SW3-Vlan-interface20]vrrp vrid 2 preempt-mode
[SW3-Vlan-interface20]vrrp vrid 2 track 1 priority reduced 30
[SW3-Vlan-interface20]quit
[SW3]
[SW3]stp region-configuration
[SW3-mst-region]region-name ***.***
[SW3-mst-region]instance 1 vlan 10
[SW3-mst-region]instance 2 vlan 20
[SW3-mst-region]active region-configuration
[SW3-mst-region]quit
[SW3]stp instance 1 root secondary
[SW3]stp instance 2 root primary
[SW3]int LoopBack 0
[SW3-LoopBack0]ip add 2.2.2.2 32
[SW3-LoopBack0]undo shut
[SW3-LoopBack0]quit
[SW3]router id 2.2.2.2
[SW3]
[SW3]ospf 1
[SW3-ospf-1]silent-interface Vlan-interface 10
[SW3-ospf-1]silent-interface Vlan-interface 20
[SW3-ospf-1]area 0.0.0.0
[SW3-ospf-1-area-0.0.0.0]network 10.0.0.5 0.0.0.0
[SW3-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[SW3-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW3-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW3-ospf-1-area-0.0.0.0]quit
[SW3-ospf-1]quit
[SW3]
[SW3]nqa schedule weijianing ninglihua start-time now lifetime forever
R1:
[H3C]sysname R1
[R1]int lo 0
[R1-LoopBack0]ip add 3.3.3.3 32
[R1-LoopBack0]undo shut
[R1-LoopBack0]quit
[R1]router id 3.3.3.3
[R1]int gi 0/0
[R1-GigabitEthernet0/0]ip add 10.0.0.2 30
[R1-GigabitEthernet0/0]undo shut
[R1-GigabitEthernet0/0]quit
[R1]int gi 0/1
[R1-GigabitEthernet0/1]ip add 10.0.0.6 30
[R1-GigabitEthernet0/1]undo shutdown
[R1-GigabitEthernet0/1]quit
[R1]
[R1]ospf 1
[R1-ospf-1]ar
[R1-ospf-1]area 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.0.2 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.0.6 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R1-ospf-1-area-0.0.0.0]quit
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明