vrrp+mstp+路由策略综合实验
组网需求:
1. Server1及Server2是两种不同业务的服务器,分别处于两个VLAN:10及20。PC1要求能够访问到Server1及Server2;
2. 当网络正常时,PC1访问Server1的流量走Router>SW1>SW3>Server1这条路径,并且往返路径一致,而PC1访问Server2的流量则走Router>SW2>SW3>Server2这条路径并且也要求来回路径一致;
3. 当SW1发生故障或者SW1连接Router的链路DOWN掉时,要求PC访问Server1的流量能够自动切换到SW2;同样的当SW2发生故障时,PC访问Server2的流量要能够自动切换到SW1;
4. SW1、SW2、SW3三台交换机构成一个二层环路,运行MSTP防止环路;
5. SW1及SW2为汇聚交换机,Server1和Server2的网关在这两台设备上;
6. SW1 、 SW2 及 Router 运 行 OSPF ; SW1 及 SW2 的 RouterID 分 别 为 192.168.255.11 及192.168.255.12,Router的RouterID为192.168.255.1。
具体实验配置步骤:
①在sw3、sw1、sw2上分别完成基础配置
[SW3] vlan batch 10 20
[SW3] interface GigabitEthernet0/0/1
[SW3-GigabitEthernet0/0/1] port link-type access
[SW3-GigabitEthernet0/0/1] port default vlan 10
[SW3] interface GigabitEthernet0/0/2
[SW3-GigabitEthernet0/0/2] port link-type access
[SW3-GigabitEthernet0/0/2] port default vlan 20
[SW3] interface GigabitEthernet0/0/23
[SW3-GigabitEthernet0/0/23] port link-type trunk
[SW3-GigabitEthernet0/0/23] port trunk allow-pass vlan 10 20
[SW3] interface GigabitEthernet0/0/24
[SW3-GigabitEthernet0/0/24] port link-type trunk
[SW3-GigabitEthernet0/0/24] port trunk allow-pass vlan 10 20
[SW1] vlan batch 10 20 201 203
[SW1] interface GigabitEthernet0/0/23
[SW1-GigabitEthernet0/0/23] port link-type trunk
[SW1-GigabitEthernet0/0/23] port trunk allow-pass vlan 10 20
[SW1] interface GigabitEthernet0/0/20
[SW1-GigabitEthernet0/0/20] port link-type trunk
[SW1-GigabitEthernet0/0/20]port trunk allow-pass vlan 10 20 203
[SW1] interface GigabitEthernet0/0/21
[SW1-GigabitEthernet0/0/21] port link-type access
[SW1-GigabitEthernet0/0/21] port default vlan 201
[SW1] interface vlanif 10
[SW1-vlanif10] ip adderss 192.168.10.253 24
[SW1] interface vlanif 20
[SW1-vlanif20] ip adderss 192.168.20.252 24
[SW1] interface vlanif 201
[SW1-vlanif201] ip adderss 192.168.201.1 24
[SW1] interface vlanif 203
[SW1-vlanif203] ip adderss 192.168.203.1 24
[SW2] vlan batch 10 20 202 203
[SW2] interface GigabitEthernet0/0/24
[SW2-GigabitEthernet0/0/24] port link-type trunk
[SW2-GigabitEthernet0/0/24] port trunk allow-pass vlan 10 20
[SW2] interface GigabitEthernet0/0/20
[SW2-GigabitEthernet0/0/20] port link-type trunk
[SW2-GigabitEthernet0/0/20]port trunk allow-pass vlan 10 20 203
[SW2] interface GigabitEthernet0/0/21
[SW2-GigabitEthernet0/0/21] port link-type access
[SW2-GigabitEthernet0/0/21] port default vlan 202
[SW2] interface vlanif 10
[SW2-vlanif10] ip adderss 192.168.10.252 24
[SW2] interface vlanif 20
[SW2-vlanif20] ip adderss 192.168.20.253 24
[SW2] interface vlanif 202
[SW2-vlanif202] ip adderss 192.168.202.1 24
[SW2] interface vlanif 203
[SW2-vlanif203] ip adderss 192.168.203.2 24
[r1] interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0] ip address 192.168.201.2 24
[r1] interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1] ip address 192.168.202.2 24
[r1] interface GigabitEthernet 0/0/2
[r1-GigabitEthernet0/0/2] ip address 192.168.1.254 24
②配置MSTP将vlan10映射到实例1,将vlan20映射到实例2:
[SW3] stp mode mstp
[SW3] stp region-configuration
[SW3-mst-region] region-name huawei
[SW3-mst-region] instance 1 vlan 10
[SW3-mst-region] instance 2 vlan 20
[SW3-mst-region] active region-configuration
[SW3-mst-region] quit
[SW3] stp enable
SW1的配置如下:
[SW1] stp mode mstp
[SW1] stp region-configuration
[SW1-mst-region] region-name huawei
[SW1-mst-region] instance 1 vlan 10
[SW1-mst-region] instance 2 vlan 20
[SW1-mst-region] active region-configuration
[SW1-mst-region] quit
[SW1] stp instance 1 root primary
[SW1] stp instance 2 root secondary
[SW1] stp enable
[SW1] interface Vlanif 10
[SW1-vlanif10] vrrp vrid 10 virtual-ip 192.168.10.254
[SW1-vlanif10] vrrp vrid 10 priority 120
[SW1-vlanif10]vrrp vrid 10 track interface GigabitEthernet 0/0/21 reduced30
[SW1] interface Vlanif 20
[SW1-vlanif20] vrrp vrid 20 virtual-ip 192.168.20.254
SW2的配置如下:
[SW2] stp mode mstp
[SW2] stp region-configuration
[SW2-mst-region] region-name huawei
[SW2-mst-region] instance 1 vlan 10
[SW2-mst-region] instance 2 vlan 20
[SW2-mst-region] active region-configuration
[SW2-mst-region] quit
[SW2] stp instance 1 root secondary
[SW2] stp instance 2 root primary
[SW2] stp enable
[SW2] interface Vlanif 10
[SW2-vlanif10] vrrp vrid 10 virtual-ip 192.168.10.254
[SW2] interface Vlanif 20
[SW2-vlanif20] vrrp vrid 20 virtual-ip 192.168.20.254
[SW2-vlanif20] vrrp vrid 20 priority 120
[SW2-vlanif20] vrrp vrid 20 track interface GigabitEthernet 0/0/21 reduced 30
在sw3上输入display stp brief查看各个实例下接口的转发状态,在sw1/sw2上输入display vrrp brief查看vrrp组别的主备状态
③SW1、SW2、SW3及r1的OSPF基础配置
[SW1] ospf 1 router-id 192.168.255.11
[SW1-ospf-1] area 0
[SW1-ospf-1-area-0.0.0.0] network 192.168.201.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0] network 192.168.203.0 0.0.0.255
[SW2] ospf 1 router-id 192.168.255.12
[SW2-ospf-1] area 0
[SW2-ospf-1-area-0.0.0.0] network 192.168.202.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0] network 192.168.203.0 0.0.0.255
[Router] ospf 1 router-id 192.168.255.1
[Router-ospf-1] area 0
[Router-ospf-1-area-0.0.0.0] network 192.168.201.0 0.0.0.255
[Router-ospf-1-area-0.0.0.0] network 192.168.202.0 0.0.0.255
[Router-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
④在SW1、SW2上执行路由重发布及路由策略
SW1的配置如下:
[SW1] route-policy vlanif10and20 permit node 10
[SW1-route-policy] if-match interface vlanif 10
[SW1-route-policy] apply cost 10
[SW1-route-policy] quit
[SW1] route-policy vlanif10and20 permit node 20
[SW1-route-policy] if-match interface vlanif 20
[SW1-route-policy] apply cost 20
[SW1-route-policy] quit
[SW1] ospf 1
[SW1-ospf-1] import-route direct route-policy vlanif10and20
SW2的配置如下:
[SW2] route-policy vlanif10and20 permit node 10
[SW2-route-policy] if-match interface vlanif 10
[SW2-route-policy] apply cost 20
[SW2-route-policy] quit
[SW2] route-policy vlanif10and20 permit node 20
[SW2-route-policy] if-match interface vlanif 20
[SW2-route-policy] apply cost 10
[SW2-route-policy] quit
[SW2] ospf 1
[SW1-ospf-1] import-route direct route-policy vlanif10and20
测试数据走向: