一、前言
-
局域网中的用户终端通常采用配置一个默认网关的形式访问外部网络,如果此时默认网关设备发生故障,将中断所有用户终端的网络访问,这很可能会给用户带来不可预计的损失,所以可以通过部署多个网关的方式来解决单点故障问题,那么如何让多个网关能够协同工作但又不会互相冲突就成了最迫切需要解决的问题。
-
于是VRRP应运而生,它既可以实现网关的备份,又能解决多个网关之间互相冲突的问题。那么VRRP的工作原理是如何实现的?在网络中又该如何配置呢?
二、VRRP基本概述
- VRRP能够在不改变组网的情况下,将多台路由器虚拟成一个路由器,通过配置虚拟路由器的IP地址为默认网关,实现网关备份。
- 协议版本:VRRv2(常用)和VRRv3;
- VRRv2仅适用于IPv4网络,VRRv3适用于IPv4网络和IPv6网络。
- VRRP协议报文;
- 只有一种报文:Advertisement报文;其目的IP地址是224.0.0.18,目标MAC地址是01-00-5e-00-00-12,协议号是112。
三、VRRP状态机
四、VRRP的作用
Master报文的发送:当Master正常工作时,它会每隔一段时间(缺省值为1秒)向组内Backup设备发送VRRP通告报文,通告自己工作正常(只有Master发送VRRP报文)
VRRP通告报文被封装在IP报文里,通过组播地址224.0.0.18发送,TTL为225,协议号为112
五、实例
需求
-
创建两个虚拟路由,一个以左侧交换机为Master,另一个以右侧交换机为Master
-
查看VRRP表
-
断掉LSW1的G0/0/1口后查看VRRP表,查看原备份理由是否称为Master
-
全网互通
1、配置PC机
2、各个设备的基础配置
LSW3
<Huawei> <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]vlan bat 10 20 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int e0/0/1 [Huawei-Ethernet0/0/1]port link-type access [Huawei-Ethernet0/0/1]port default vlan 10 [Huawei-Ethernet0/0/1]int e0/0/2 [Huawei-Ethernet0/0/2]port link-type access [Huawei-Ethernet0/0/2]port default vlan 20 [Huawei-Ethernet0/0/2]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type trunk [Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan all
LSW1
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]user-interface console 0 [Huawei]vlan bat 10 20 100 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int vlan 10 [Huawei-Vlanif10]ip add 192.168.10.10 24 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]ip add 192.168.20.10 24 [Huawei-Vlanif20]int vlan 100 [Huawei-Vlanif100]ip add 11.0.0.2 24 [Huawei-Vlanif100]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type access [Huawei-GigabitEthernet0/0/2]port default vlan 100
LSW2
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]vlan bat 10 20 100 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int vlan 10 [Huawei-Vlanif10]ip add 192.168.10.20 24 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]ip add 192.168.20.20 24 [Huawei-Vlanif20]int vlan 100 [Huawei-Vlanif100]ip add 12.0.0.2 24 [Huawei-Vlanif100]int g0/0/1 [Huawei-GigabitEthernet0/0/1]port link-type trunk [Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all [Huawei-GigabitEthernet0/0/1]int g0/0/2 [Huawei-GigabitEthernet0/0/2]port link-type access [Huawei-GigabitEthernet0/0/2]port default vlan 100 [Huawei-GigabitEthernet0/0/2]un sh
R1
<Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]int g0/0/0 [Huawei-GigabitEthernet0/0/0]ip add 11.0.0.1 24 [Huawei-GigabitEthernet0/0/0]int g0/0/1 [Huawei-GigabitEthernet0/0/1]ip add 12.0.0.1 24 [Huawei-GigabitEthernet0/0/1]int loop0 [Huawei-LoopBack0]ip add 10.0.0.1 24 [Huawei-LoopBack0]q [Huawei]ip route-s 192.168.10.0 24 11.0.0.2 [Huawei]ip route-s 192.168.10.0 24 12.0.0.2 pre 70 [Huawei]ip route-s 192.168.20.0 24 11.0.0.2 [Huawei]ip route-s 192.168.20.0 24 12.0.0.2 pre 70
3、VRRP的配置
LSW1 [Huawei-GigabitEthernet0/0/2]int vlan 10 [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 [Huawei-Vlanif10]vrrp vrid 1 priority 120 [Huawei-Vlanif10] vrrp vrid 1 track interface GigabitEthernet0/0/1 [Huawei-Vlanif10] vrrp vrid 1 track interface GigabitEthernet0/0/2 [Huawei-Vlanif10]int vlan 20 [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 [Huawei-Vlanif20]vrrp vrid 2 priority 115 [Huawei-Vlanif20]q
LSW2
[Huawei-GigabitEthernet0/0/2]int vlan 20 [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.1 [Huawei-Vlanif20]vrrp vrid 2 priority 120 [Huawei-Vlanif20] vrrp vrid 2 track interface GigabitEthernet0/0/1 [Huawei-Vlanif20] vrrp vrid 2 track interface GigabitEthernet0/0/2 [Huawei-Vlanif20]int vlan 10 [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.1 [Huawei-Vlanif10]vrrp vrid 1 priority 115 [Huawei-Vlanif10]q
在R1上配置浮动路由
[Huawei] ip route-static 192.168.10.0 255.255.255.0 11.0.0.2 [Huawei] ip route-static 192.168.10.0 255.255.255.0 12.0.0.2 preference 70 [Huawei] ip route-static 192.168.20.0 255.255.255.0 12.0.0.2 [Huawei] ip route-static 192.168.20.0 255.255.255.0 11.0.0.2 preference 70
4、测试连通性
PC>ping 12.0.0.1Ping 12.0.0.1: 32 data bytes, Press Ctrl_C to break
From 12.0.0.1: bytes=32 seq=1 ttl=254 time=47 ms
From 12.0.0.1: bytes=32 seq=2 ttl=254 time=63 ms
From 12.0.0.1: bytes=32 seq=3 ttl=254 time=78 ms
From 12.0.0.1: bytes=32 seq=4 ttl=254 time=47 ms
From 12.0.0.1: bytes=32 seq=5 ttl=254 time=62 ms--- 12.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/59/78 msPC>ping 11.0.0.1
Ping 11.0.0.1: 32 data bytes, Press Ctrl_C to break
From 11.0.0.1: bytes=32 seq=1 ttl=254 time=62 ms
From 11.0.0.1: bytes=32 seq=2 ttl=254 time=63 ms
From 11.0.0.1: bytes=32 seq=3 ttl=254 time=47 ms
From 11.0.0.1: bytes=32 seq=4 ttl=254 time=47 ms
From 11.0.0.1: bytes=32 seq=5 ttl=254 time=63 ms--- 11.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/56/63 msPC>ping 192.168.20.10
Ping 192.168.20.10: 32 data bytes, Press Ctrl_C to break
From 192.168.20.10: bytes=32 seq=1 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=2 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=3 ttl=255 time=31 ms
From 192.168.20.10: bytes=32 seq=4 ttl=255 time=47 ms
From 192.168.20.10: bytes=32 seq=5 ttl=255 time=32 ms--- 192.168.20.10 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/34/47 ms
5、三层交换机的VRRP配置情况
LSW1
[Huawei]dis vrrp
Vlanif10 | Virtual Router 1
State : Master
Virtual IP : 192.168.10.1
Master IP : 192.168.10.10
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:37:40 UTC-08:00
Vlanif20 | Virtual Router 2
State : Backup
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
LSW2
[Huawei]dis vrrp
Vlanif10 | Virtual Router 1
State : Backup
Virtual IP : 192.168.10.1
Master IP : 192.168.10.10
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
Vlanif20 | Virtual Router 2
State : Master
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
6、断开LSW1的G0/0/1后VRRP配置情况
LSW1
[Huawei]dis vrrp
Vlanif10 | Virtual Router 1
State : Backup
Virtual IP : 192.168.10.1
Master IP : 192.168.10.20
PriorityRun : 110
PriorityConfig : 120
MasterPriority : 115
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : DOWN
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 10:16:32 UTC-08:00
Vlanif20 | Virtual Router 2
State : Backup
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Create time : 2021-05-28 09:36:40 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00
LSW2
[Huawei]dis vrrp
Vlanif10 | Virtual Router 1
State : Master
Virtual IP : 192.168.10.1
Master IP : 192.168.10.20
PriorityRun : 115
PriorityConfig : 115
MasterPriority : 115
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0101
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 10:16:32 UTC-08:00
Vlanif20 | Virtual Router 2
State : Master
Virtual IP : 192.168.20.1
Master IP : 192.168.20.20
PriorityRun : 120
PriorityConfig : 120
MasterPriority : 120
Preempt : YES Delay Time : 0 s
TimerRun : 1 s
TimerConfig : 1 s
Auth type : NONE
Virtual MAC : 0000-5e00-0102
Check TTL : YES
Config type : normal-vrrp
Track IF : GigabitEthernet0/0/1 Priority reduced : 10
IF state : UP
Track IF : GigabitEthernet0/0/2 Priority reduced : 10
IF state : UP
Create time : 2021-05-28 09:46:59 UTC-08:00
Last change time : 2021-05-28 09:47:10 UTC-08:00