华为交换机VRRP配置

图3-128 配置VRRP主备备份组网图

配置思路

采用VRRP主备备份实现网关冗余备份，配置思路如下：

1. 配置各设备接口IP地址与路由协议，使各设备间网络层连通。

2. 在SwitchA和SwitchB上配置VRRP备份组。其中，SwitchA上配置较高优先级和20秒抢占延时，作为Master设备承当流量转发；SwitchB上配置较低优先级，作为备用交换机，实现网关冗余备份。

操作步骤

1. 配置设备间的网络互连

# 配置设备各接口的IP地址，以SwitchA为例。SwitchB和SwitchC的配置与SwitchA

1 / 24

. .

类似，详见配置文件。

system-view

[HUAWEI] sysname SwitchA

[SwitchA] vlan batch 100 300

[SwitchA] interface gigabitethernet 1/0/1

[SwitchA-GigabitEthernet1/0/1] port link-type hybrid

[SwitchA-GigabitEthernet1/0/1] port hybrid pvid vlan 300

[SwitchA-GigabitEthernet1/0/1] port hybrid untagged vlan 300

[SwitchA-GigabitEthernet1/0/1] quit

[SwitchA] interface gigabitethernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] port link-type hybrid

[SwitchA-GigabitEthernet1/0/2] port hybrid pvid vlan 100

[SwitchA-GigabitEthernet1/0/2] port hybrid untagged vlan 100

2 / 24

. .

[SwitchA-GigabitEthernet1/0/2] quit

[SwitchA] interface vlanif 100

[SwitchA-Vlanif100] ip address 10.1.1.1 24

[SwitchA-Vlanif100] quit

[SwitchA] interface vlanif 300

[SwitchA-Vlanif300] ip address 192.168.1.1 24

[SwitchA-Vlanif300] quit

# 配置Switch的二层转发功能。

system-view

[HUAWEI] sysname Switch

[Switch] vlan 100

[Switch-vlan100] quit

[Switch] interface gigabitethernet 1/0/1

3 / 24

. .

[Switch-GigabitEthernet1/0/1] port link-type hybrid

[Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 100

[Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 100

[Switch-GigabitEthernet1/0/1] quit

[Switch] interface gigabitethernet 1/0/2

[Switch-GigabitEthernet1/0/2] port link-type hybrid

[Switch-GigabitEthernet1/0/2] port hybrid pvid vlan 100

[Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 100

[Switch-GigabitEthernet1/0/2] quit

# 配置SwitchA、SwitchB和SwitchC间采用OSPF协议进行互连。以SwitchA为例，SwitchB和SwitchC的配置与SwitchA类似，详见配置文件。

[SwitchA] ospf 1

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

4 / 24

. .

[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

2. 配置VRRP备份组

# 在SwitchA上创建VRRP备份组1，配置SwitchA在该备份组中的优先级为120，并配置抢占时间为20秒。

[SwitchA] interface vlanif 100

[SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111

[SwitchA-Vlanif100] vrrp vrid 1 priority 120 //设备在VRRP备份组中的优先级缺省为100，修改Master设备的优先级大于Backup设备

[SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 //设备在VRRP备份组中缺省采用立即抢占方式。修改Master设备的延迟抢占时间，以避免在网络环境不稳定时，由于双方频繁抢占而导致流量中断的问题

[SwitchA-Vlanif100] quit

# 在SwitchB上创建VRRP备份组1，其在该备份组中的优先级采用缺省值100（不需要配置）。

5 / 24

. .

[SwitchB] interface vlanif 100

[SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111

[SwitchB-Vlanif100] quit

3. 验证配置结果

# 完成上述配置以后，在SwitchA和SwitchB上分别执行display vrrp命令，可以看到SwitchA在备份组中的状态为Master，SwitchB在备份组中的状态为Backup。

[SwitchA] display vrrp

Vlanif100 | Virtual Router 1

State : Master

Virtual IP : 10.1.1.111

Master IP : 10.1.1.1

PriorityRun : 120

PriorityConfig : 120

MasterPriority : 120

6 / 24

. .

Preempt : YES Delay Time : 20 s

TimerRun : 1 s

TimerConfig : 1 s

Auth type : NONE

Virtual MAC : 0000-5e00-0101

Check TTL : YES

Config type : normal-vrrp

Backup-forward : disabled

Create time : 2012-01-12 20:15:46

Last change time : 2012-01-12 20:15:46

[SwitchB] display vrrp

Vlanif100 | Virtual Router 1

State : Backup

7 / 24

. .

Virtual IP : 10.1.1.111

Master IP : 10.1.1.1

PriorityRun : 100

PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s

TimerRun : 1 s

TimerConfig : 1 s

Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled

8 / 24

. .

Create time : 2012-01-12 20:15:46

Last change time : 2012-01-12 20:15:46

# 在SwitchA和SwitchB上执行display ip routing-table命令，SwitchA上可以看到路由表中有一条目的地址为虚拟IP地址的直连路由，而SwitchB上该路由为OSPF路由。SwitchA和SwitchB上的显示信息如下。

[SwitchA] display ip routing-table

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: Public

Destinations : 9 Routes : 10

Destination/Mask Proto Pre Cost Flags NextHop Interface

10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif100

10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif100

10.1.1.111/32Direct00D127.0.0.1Vlanif100

9 / 24

. .

127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0

127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

172.16.1.0/24 OSPF 10 2 D 192.168.1.2 Vlanif300

192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif300

192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif300

192.168.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif100

OSPF 10 2 D 192.168.1.2 Vlanif300

[SwitchB] display ip routing-table

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

10 / 24

. .

Routing Tables: Public

Destinations : 9 Routes : 10

Destination/Mask Proto Pre Cost Flags NextHop Interface

10.1.1.0/24 Direct 0 0 D 10.1.1.2 10.1.1.2/32 Direct 0 0 D 127.0.0.1 10.1.1.111/32OSPF102D10.1.1.1Vlanif100

127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0

127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

172.16.1.0/24 OSPF 10 2 D 192.168.2.2 Vlanif200

192.168.1.0/24 OSPF 10 2 D 10.1.1.1 Vlanif100

OSPF 10 2 D 192.168.2.2 11 / 24

Vlanif100

Vlanif100

Vlanif200

. .

192.168.2.0/24 Direct 0 0 D 192.168.2.1 Vlanif200

192.168.2.1/32 Direct 0 0 D 127.0.0.1 Vlanif200

# 在SwitchA的接口GE1/0/2上执行shutdown命令，模拟SwitchA出现故障。

[SwitchA] interface gigabitethernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] shutdown

[SwitchA-GigabitEthernet1/0/2] quit

# 在SwitchB上执行display vrrp命令查看VRRP状态信息，可以看到SwitchB的状态是Master。

[SwitchB] display vrrp

Vlanif100 | Virtual Router 1

State : Master

Virtual IP : 10.1.1.111

Master IP : 10.1.1.2

12 / 24

. .

PriorityRun : 100

PriorityConfig : 100

MasterPriority : 100

Preempt : YES Delay Time : 0 s

TimerRun : 1 s

TimerConfig : 1 s

Auth type : NONE

Virtual MAC : 0000-5e00-0101

Check TTL : YES

Config type : normal-vrrp

Backup-forward : disabled

Create time : 2012-01-12 20:15:46

Last change time : 2012-01-12 20:18:40

13 / 24

. .

# 在SwitchA的接口GE1/0/2上执行undo shutdown命令。

[SwitchA] interface gigabitethernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] undo shutdown

[SwitchA-GigabitEthernet1/0/2] quit

# 等待20秒后，在SwitchA上执行display vrrp命令查看VRRP状态信息，可以看到SwitchA的状态恢复成Master。

[SwitchA] display vrrp

Vlanif100 | Virtual Router 1

State : Master

Virtual IP : 10.1.1.111

Master IP : 10.1.1.1

PriorityRun : 120

PriorityConfig : 120

MasterPriority : 120

14 / 24

. .

Preempt : YES Delay Time : 20 s

TimerRun : 1 s

TimerConfig : 1 s

Auth type : NONE

Virtual MAC : 0000-5e00-0101

Check TTL : YES

Config type : normal-vrrp

Backup-forward : disabled

Create time : 2012-01-12 20:15:46

Last change time : 2012-01-12 20:20:56

配置文件

• SwitchA的配置文件

•

#

15 / 24

. .

•

sysname SwitchA

•

#

•

vlan batch 100 300

•

#

•

interface Vlanif100

•

ip address 10.1.1.1 255.255.255.0

•

vrrp vrid 1 virtual-ip 10.1.1.111

•

vrrp vrid 1 priority 120

•

vrrp vrid 1 preempt-mode timer delay 20

•

#

•

interface Vlanif300

•

ip address 192.168.1.1 255.255.255.0

•

#

16 / 24

. .

•

interface GigabitEthernet1/0/1

•

port link-type hybrid

•

port hybrid pvid vlan 300

•

port hybrid untagged vlan 300

•

#

•

interface GigabitEthernet1/0/2

•

port link-type hybrid

•

port hybrid pvid vlan 100

•

port hybrid untagged vlan 100

•

#

•

ospf 1

•

area 0.0.0.0

•

network 10.1.1.0 0.0.0.255

17 / 24

. .

•

network 192.168.1.0 0.0.0.255

•

#

return

• SwitchB的配置文件

•

#

•

sysname SwitchB

•

#

•

vlan batch 100 200

•

#

•

interface Vlanif100

•

ip address 10.1.1.2 255.255.255.0

•

vrrp vrid 1 virtual-ip 10.1.1.111

•

#

18 / 24

. .

•

interface Vlanif200

•

ip address 192.168.2.1 255.255.255.0

•

#

•

interface GigabitEthernet1/0/1

•

port link-type hybrid

•

port hybrid pvid vlan 200

•

port hybrid untagged vlan 200

•

#

•

interface GigabitEthernet1/0/2

•

port link-type hybrid

•

port hybrid pvid vlan 100

•

port hybrid untagged vlan 100

•

#

19 / 24

. .

•

ospf 1

•

area 0.0.0.0

•

network 10.1.1.0 0.0.0.255

•

network 192.168.2.0 0.0.0.255

•

#

return

• SwitchC的配置文件

•

#

•

sysname SwitchC

•

#

•

vlan batch 200 300 400

•

#

•

interface Vlanif200

20 / 24

. .

•

ip address 192.168.2.2 255.255.255.0

•

#

•

interface Vlanif300

•

ip address 192.168.1.2 255.255.255.0

•

#

•

interface Vlanif400

•

ip address 172.16.1.1 255.255.255.0

•

#

•

interface GigabitEthernet1/0/1

•

port link-type hybrid

•

port hybrid pvid vlan 300

•

port hybrid untagged vlan 300

•

#

21 / 24

. .

•

interface GigabitEthernet1/0/2

•

port link-type hybrid

•

port hybrid pvid vlan 200

•

port hybrid untagged vlan 200

•

#

•

interface GigabitEthernet1/0/3

•

port link-type hybrid

•

port hybrid pvid vlan 400

•

port hybrid untagged vlan 400

•

#

•

ospf 1

•

area 0.0.0.0

•

network 172.16.1.0 0.0.0.255

22 / 24

. .

•

network 192.168.1.0 0.0.0.255

•

network 192.168.2.0 0.0.0.255

•

#

•

return

• Switch的配置文件

•

#

•

sysname Switch

•

#

•

vlan batch 100

•

#

•

interface GigabitEthernet1/0/1

•

port link-type hybrid

•

port hybrid pvid vlan 100

23 / 24

. .

•

port hybrid untagged vlan 100

•

#

•

interface GigabitEthernet1/0/2

•

port link-type hybrid

•

port hybrid pvid vlan 100

•

port hybrid untagged vlan 100

•

#

return

24 / 24