- 產品與解決方案
- 行業解決方案
- 服務
- 支持
- 合作夥伴
- 關於我們
48-BFD典型配置舉例
本章節下載: 48-BFD典型配置舉例 (540.51 KB)
H3C S6800&S6860&S6861產品BFD配置舉例
Copyright © 2019 bobty下载软件 版權所有,保留一切權利。
非經本公司書麵許可,任何單位和個人不得擅自摘抄、複製本文檔內容的部分或全部,並不得以任何形式傳播。
除bobty下载软件 的商標外,本手冊中出現的其它公司的商標、產品標識及商品名稱,由各自權利人擁有。
本文檔中的信息可能變動,恕不另行通知。
目 錄
3.5.4 配置上行設備Device E和Device F到VRRP組虛擬IP的靜態路由
8.4.2 在AS 100內配置OSPF功能,保證設備間路由可達
9.4.4 配置BFD功能,並創建和BFD會話關聯的Track項11,檢測Device B是否可達
本文檔介紹了BFD配置舉例。
本文檔中的配置均是在實驗室環境下進行的配置和驗證,配置前設備的所有參數均采用出廠時的缺省配置。如果您已經對設備進行了配置,為了保證配置效果,請確認現有配置和以下舉例中的配置不衝突。
本文假設您已了解BFD特性、VRRP特性、Track特性以及OSPF、IS-IS等路由協議。
如圖1所示,區域A和區域B用戶所在網絡的出口處部署了兩台彙聚層設備(Device A和Device B)。
現要求使用VRRP與BFD、Track聯動功能,實現以下需求:
· 在Device A和Device B上分別配置兩個VRRP備份組,Device A是VRRP備份組1中的Master設備,Device B是VRRP備份組2中的Master設備;
· 在正常情況下,區域A的用戶將VRRP備份組1作為缺省網關,通過Device A進行數據轉發,區域B用戶將VRRP備份組2作為缺省網關,通過Device B進行數據轉發。當一台網關設備出現故障時,另一台網關設備能夠迅速承擔受影響區域內主機流量的轉發任務;
· 當網關設備Device A(Device B)自身出現故障,或其上行接口出現故障時,局域網中的主機可以通過另一台設備網關設備Device B(Device A)繼續通信,避免通信中斷;當Device A(Device B)故障恢複後,繼續承擔網關功能;
· 當Device A或Device B的下行鏈路出現故障時,局域網中的主機通過接入設備L2 Switch A 或L2 Switch B的Ten-GigabitEthernet1/0/2端口將數據轉發給網關設備繼續通信,避免通信中斷;當Device A或Device B的下行鏈路故障恢複後,繼續由L2 Switch A 或L2 Switch B的Ten-GigabitEthernet1/0/1端口將數據發送給網關設備。
圖1 VRRP與BFD、Track聯動配置組網圖
· 為了實現不同區域中用戶數據流的負載分擔,需要在Device A和Device B上分別創建兩個VRRP備份組,並配置區域A內的主機都將VRRP備份組1作為網關,區域B內的主機都將VRRP備份組2作為網關;
· 為使Device A優先被選舉為VRRP備份組1的Master設備,需要為其在VRRP備份組1中配置較高的優先級;為使Device B優先被選舉為VRRP備份組2的Master設備,需要為其在VRRP備份組2中配置較高的優先級;
· 配置兩個VRRP備份組都工作在搶占模式,以保證原Master設備故障恢複後,能再次搶占成為Master;
· 通過Device A與Device B上配置BFD功能監視其上行接口的狀態,當監測到其上行接口故障時,Device A或Device B的優先級會自動降低指定的數額,使VRRP備份組1內Device B的優先級高於Device A,或VRRP備份組2內Device A的優先級高於Device B,從而實現主備切換;
· 為了使Device A上不同VLAN的VRRP通告報文和BFD報文能夠和Device B相互傳輸,需要配置Device A與Device B相連的接口均允許VLAN 2和VLAN 3通過;
· 利用MSTP多實例技術避免二層環路。將VLAN 2映射到MSTP實例1中;將VLAN 3映射到MSTP實例2中。保證正常情況下,MSTP實例1中的流量通過L2 Switch A 的Ten-GigabitEthernet1/0/1端口轉發,MSTP實例2中的流量通過L2 Switch B的Ten-GigabitEthernet1/0/1端口轉發。
· 為了避免MSTP功能阻塞Device A或Device B的上行接口Ten-GigabitEthernet1/0/1,需要關閉此接口的STP功能。
表1 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
· 請務必保證備份組中的所有設備上配置的VRRP版本一致,否則備份組無法正常工作。
· 為了避免對端發送大量的ICMP重定向報文造成網絡擁塞,建議不要將BFD echo報文的源IP地址配置為屬於該設備任何一個接口所在網段。
· 建議將備份組的虛擬IP地址和備份組中設備下行接口的IP地址配置為同一網段,否則可能導致局域網內的主機無法訪問外部網絡。
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 101
[DeviceA-vlan101] port ten-gigabitethernet 1/0/1
[DeviceA-vlan101] quit
[DeviceA] interface vlan-interface 101
[DeviceA-Vlan-interface101] ip address 1.1.1.1 24
[DeviceA-Vlan-interface101] quit
(2) 請參考以上方法配置3.1 圖1中其它接口的IP地址,配置步驟這裏省略
(1) 配置Device A
# 與Device B直連的Ten-Gigabitethernet 1/0/4配置為trunk端口,不允許VLAN 1的報文通過,允許VLAN 2和VLAN 3的報文通過。
[DeviceA] interface ten-gigabitethernet 1/0/4
[DeviceA-Ten-GigabitEthernet1/0/4] port link-type trunk
[DeviceA-Ten-GigabitEthernet1/0/4] undo port trunk permit vlan 1
[DeviceA-Ten-GigabitEthernet1/0/4] port trunk permit vlan 2 to 3
[DeviceA-Ten-GigabitEthernet1/0/4] port trunk pvid vlan 2
[DeviceA-Ten-GigabitEthernet1/0/4] quit
(2) 配置Device B
# 與Device A直連的Ten-Gigabitethernet1/0/4配置為trunk端口,不允許VLAN 1的報文通過,允許VLAN 2和VLAN 3的報文通過。
[DeviceB] interface ten-gigabitethernet 1/0/4
[DeviceB-Ten-GigabitEthernet1/0/4] port link-type trunk
[DeviceB-Ten-GigabitEthernet1/0/4] undo port trunk permit vlan 1
[DeviceB-Ten-GigabitEthernet1/0/4] port trunk permit vlan 2 to 3
[DeviceB-Ten-GigabitEthernet1/0/4] port trunk pvid vlan 2
[DeviceB-Ten-GigabitEthernet1/0/4] quit
(1) 配置Device A Ten-GigabitEthernet1/0/1端口關閉STP功能
[DeviceA] interface ten-gigabitethernet 1/0/1
[DeviceA-Ten-GigabitEthernet1/0/1] undo stp enable
[DeviceA-Ten-GigabitEthernet1/0/1] quit
(2) 配置Device B Ten-GigabitEthernet1/0/1端口關閉STP功能
[DeviceB] interface ten-gigabitethernet 1/0/1
[DeviceB-Ten-GigabitEthernet1/0/1] undo stp enable
[DeviceB-Ten-GigabitEthernet1/0/1] quit
(1) 配置Device E
# 配置Device E到VRRP備份組1和VRRP備份組2的虛擬IP地址的靜態路由。
<DeviceE> system-view
[DeviceE] ip route-static 10.1.1.0 255.255.255.0 1.1.1.1
[DeviceE] ip route-static 10.1.2.0 255.255.255.0 1.1.1.1
(2) 配置Device F
# 配置Device F到VRRP備份組1和VRRP備份組2的虛擬IP地址的靜態路由。
<DeviceE> system-view
[DeviceF] ip route-static 10.1.1.0 255.255.255.0 1.1.2.1
[DeviceF] ip route-static 10.1.2.0 255.255.255.0 1.1.2.1
(1) 配置Device A
# 配置VRRP備份組1的虛擬IP地址為10.1.1.1,搶占延時為5s。並且VRRP備份組1中Device A的優先級為110,高於Device B,成為VRRP備份組1的Master。
[DeviceA] interface vlan-interface 2
[DeviceA-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.1
[DeviceA-Vlan-interface2] vrrp vrid 1 priority 110
[DeviceA-Vlan-interface2] vrrp vrid 1 preempt-mode delay 500
[DeviceA-Vlan-interface2] quit
# 配置VRRP備份組2的虛擬IP地址為10.1.2.1,搶占延時為5s。
[DeviceA] interface vlan-interface 3
[DeviceA-Vlan-interface3] vrrp vrid 2 virtual-ip 10.1.2.1
[DeviceA-Vlan-interface3] vrrp vrid 2 preempt-mode delay 500
[DeviceA–Vlan-interface3] quit
(2) 配置Device B
# 配置VRRP備份組1的虛擬IP地址為10.1.1.1,搶占延時為5s。
[DeviceB] interface vlan-interface 2
[DeviceB-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.1
[DeviceB-Vlan-interface2] vrrp vrid 1 preempt-mode delay 500
[DeviceB-Vlan-interface2] quit
# 配置VRRP備份組2的虛擬IP地址為10.1.2.1,搶占延時為5s。並且VRRP備份組2中Device B的優先級為110,高於Device A,成為VRRP備份組2的Master。
[DeviceB] interface vlan-interface 3
[DeviceB-Vlan-interface3] vrrp vrid 2 virtual-ip 10.1.2.1
[DeviceB-Vlan-interface3] vrrp vrid 2 priority 110
[DeviceB-Vlan-interface3] vrrp vrid 2 preempt-mode delay 500
[DeviceB–Vlan-interface3] quit
(1) 配置Device A
# 配置BFD echo報文方式的Source IP,IP地址可以任意指定,不要與實際接口地址相同。
[DeviceA] bfd echo-source-ip 10.10.10.10
(2) 配置Device B
# 配置BFD echo報文方式的Source IP,IP地址可以任意指定,不要與實際接口地址相同。
[DeviceB] bfd echo-source-ip 11.11.11.11
(1) 配置Device A
# 創建和BFD會話關聯的Track項1,檢測上行設備Device E是否可達。
[DeviceA] track 1 bfd echo interface vlan-interface 101 remote ip 1.1.1.2 local ip 1.1.1.1
[DeviceA-track-1] quit
# 配置備份組1監視Track項1的狀態,當Track項狀態為Negative時,Device A在VRRP備份組1中的優先級減小20,低於Device B,以便Device B搶占成為Master。
[DeviceA] interface vlan-interface 2
[DeviceA-Vlan-interface2] vrrp vrid 1 track 1 priority reduced 20
[DeviceA-Vlan-interface2] quit
(2) 配置Device B
# 創建和BFD會話關聯的Track項1,檢測上行設備Device F是否可達。
[DeviceB] track 1 bfd echo interface vlan-interface 101 remote ip 1.1.2.2 local ip 1.1.2.1
[Deviceb-track-1] quit
# 配置備份組2監視Track項1的狀態,當Track項狀態為Negative時,Device B在VRRP備份組2中的優先級減小20,低於Device A,以便Device A搶占成為Master。
[DeviceB] interface vlan-interface 3
[DeviceB-Vlan-interface3] vrrp vrid 2 track 1 priority reduced 20
[DeviceB-Vlan-interface3] quit
(1) 配置Device A
[DeviceA] stp region-configuration
[DeviceA-mst-region] region-name vrrp
[DeviceA-mst-region] instance 1 vlan 2
[DeviceA-mst-region] instance 2 vlan 3
[DeviceA-mst-region] active region-configuration
[DeviceA-mst-region] quit
[DeviceA] stp instance 1 root primary
[DeviceA] stp instance 2 root secondary
[DeviceA] stp global enable
(2) 配置Device B
[DeviceB] stp region-configuration
[DeviceB-mst-region] region-name vrrp
[DeviceB-mst-region] instance 1 vlan 2
[DeviceB-mst-region] instance 2 vlan 3
[DeviceB-mst-region] active region-configuration
[DeviceB-mst-region] quit
[DeviceB] stp instance 2 root primary
[DeviceB] stp instance 1 root secondary
[DeviceB] stp global enable
(3) 配置L2 Switch A
<DeviceC> system-view
[SwitchA] stp region-configuration
[SwitchA-mst-region] region-name vrrp
[SwitchA-mst-region] instance 1 vlan 2
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit
[SwitchA] stp global enable
(4) 配置L2 Switch B
<SwitchB> system-view
[SwitchB] stp region-configuration
[SwitchB-mst-region] region-name vrrp
[SwitchB-mst-region] instance 2 vlan 3
[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
(1) 網關設備Device A、Device B和鏈路均正常工作時,驗證局域網內主機是否可以與外部網絡通信
# 檢查區域A的主機到目的端1.1.1.2是否可達。
<host A> ping 1.1.1.2
PING 1.1.1.2 (1.1.1.2): 56 data bytes
56 bytes from 1.1.1.2: seq=0 ttl=128 time=22.43 ms
56 bytes from 1.1.1.2: seq=1 ttl=128 time=7.17 ms
56 bytes from 1.1.1.2: seq=2 ttl=128 time=8.91 ms
56 bytes from 1.1.1.2: seq=3 ttl=128 time=7.45 ms
56 bytes from 1.1.1.2: seq=4 ttl=128 time=9.11 ms
--- 1.1.1.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 7.17/11.01/22.43 ms
# 檢查區域B的主機到目的端1.1.2.2是否可達。
<host C> ping 1.1.2.2
PING 1.1.2.2 (1.1.2.2): 56 data bytes
56 bytes from 1.1.2.2: seq=0 ttl=128 time=22.43 ms
56 bytes from 1.1.2.2: seq=1 ttl=128 time=7.17 ms
56 bytes from 1.1.2.2: seq=2 ttl=128 time=8.91 ms
56 bytes from 1.1.2.2: seq=3 ttl=128 time=7.45 ms
56 bytes from 1.1.2.2: seq=4 ttl=128 time=9.11 ms
--- 1.1.2.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 7.17/11.01/22.43 ms
以上顯示信息表示網關設備Device A、Device B和鏈路均正常工作時,區域A的主機和區域B的主機都可以訪問Internet。
# 查看Device A上的BFD會話。
[DeviceA] display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in echo mode:
LD SourceAddr DestAddr State Holdtime Interface
129 1.1.1.1 1.1.1.2 Up 500ms Vlan101
以上顯示信息表示BFD會話已經建立。
# 顯示Device A上備份組的詳細信息。
[DeviceA] display vrrp verbose
IPv4 Virtual Router Information:
Running mode : Standard
Total number of virtual routers : 2
Interface Vlan-interface2
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 500
Auth Type : None
Virtual IP : 10.1.1.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.101
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 20
Interface Vlan-interface3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 500
Become Master : 3600ms left
Auth Type : None
Virtual IP : 10.1.2.1
Virtual MAC : 0000-5e00-0102
Master IP : 10.1.2.102
# 顯示Device B上備份組的詳細信息。
[DeviceB] display vrrp verbose
IPv4 Virtual Router Information:
Running mode : Standard
Total number of virtual routers : 2
Interface Vlan-interface2
VRID : 1 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 500
Become Master : 3100ms left
Auth Type : None
Virtual IP : 10.1.1.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.101
Interface Vlan-interface3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 500
Auth Type : None
Virtual IP : 10.1.2.1
Virtual MAC : 0000-5e00-0102
Master IP : 10.1.2.102
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 20
以上顯示信息表示在備份組1中Device A為Master,Device B為Backup,缺省網關為10.1.1.1/24的主機通過Device A訪問Internet;備份組2中Device A為Backup,Device B為Master,缺省網關為10.1.2.1/24的主機通過Device B訪問Internet。
(2) 當Device A監視的上行設備或上行鏈路狀態為down時,驗證局域網內主機是否可以與外部網絡通信
# 檢查區域A的主機到目的端1.1.1.2是否可達。
<host A> ping 1.1.1.2
PING 1.1.1.2 (1.1.1.2): 56 data bytes
56 bytes from 1.1.1.2: seq=0 ttl=128 time=22.43 ms
56 bytes from 1.1.1.2: seq=1 ttl=128 time=7.17 ms
56 bytes from 1.1.1.2: seq=2 ttl=128 time=8.91 ms
56 bytes from 1.1.1.2: seq=3 ttl=128 time=7.45 ms
56 bytes from 1.1.1.2: seq=4 ttl=128 time=9.11 ms
--- 1.1.1.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 7.17/11.01/22.43 ms
# 檢查區域B的主機到目的端1.1.1.2是否可達。
<host C> ping 1.1.2.2
PING 1.1.2.2 (1.1.2.2): 56 data bytes
56 bytes from 1.1.2.2: seq=0 ttl=128 time=22.43 ms
56 bytes from 1.1.2.2: seq=1 ttl=128 time=7.17 ms
56 bytes from 1.1.2.2: seq=2 ttl=128 time=8.91 ms
56 bytes from 1.1.2.2: seq=3 ttl=128 time=7.45 ms
56 bytes from 1.1.2.2: seq=4 ttl=128 time=9.11 ms
--- 1.1.2.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 7.17/11.01/22.43 ms
以上顯示信息表示當Device A監視的上行設備或上行鏈路狀態為down時,區域A的主機和區域B的主機都可以訪問Internet。
# 查看Device A上的BFD會話。
[DeviceA] display bfd session
Total Session Num: 1 Up Session Num: 0 Init Mode: Active
IPv4 session working in echo mode:
LD SourceAddr DestAddr State Holdtime Interface
129 1.1.1.1 1.1.1.2 Down / Vlan101
以上顯示信息表示BFD會話已經終止。
# 顯示Device B上備份組的詳細信息。
[DeviceB] display vrrp verbose
IPv4 Virtual Router Information:
Running mode : Standard
Total number of virtual routers : 2
Interface Vlan-interface2
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 500
Auth Type : None
Virtual IP : 10.1.1.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.102
Interface Vlan-interface3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 500
Auth Type : None
Virtual IP : 10.1.2.1
Virtual MAC : 0000-5e00-0102
Master IP : 10.1.2.102
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 20
以上顯示信息表示當Device A監視的上行設備或上行鏈路狀態為down時,Device B搶占成為VRRP備份組1的Master,VLAN 2內的主機通過Device B與外界通信。
# 當上行設備或上行鏈路狀態恢複為UP後,查看Device A上的BFD會話。
[DeviceA] display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in echo mode:
LD SourceAddr DestAddr State Holdtime Interface
129 1.1.1.1 1.1.1.2 Up 1000ms Vlan101
以上顯示信息表示BFD會話已經恢複。
# 當上行設備或上行鏈路狀態恢複為UP後,顯示Device A上備份組的詳細信息。
[DeviceA] display vrrp verbose
IPv4 Virtual Router Information:
Running mode : Standard
Total number of virtual routers : 2
Interface Vlan-interface2
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 500
Auth Type : None
Virtual IP : 10.1.1.1
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.101
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 20
Interface Vlan-interface3
VRID : 2 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 500
Become Master : 3550ms left
Auth Type : None
Virtual IP : 10.1.2.1
Virtual MAC : 0000-5e00-0102
Master IP : 10.1.2.102
以上顯示信息表示當上行設備或上行鏈路狀態恢複為UP後,Device A在VRRP備份組1中恢複為原來的優先級並搶占成為該備份組的Master,VLAN 2內的主機通過Device A與外界通信。
· Device A:
#
bfd echo-source-ip 10.10.10.10
#
vlan 2 to 3
#
vlan 101
#
stp region-configuration
region-name vrrp
instance 1 vlan 2
instance 2 vlan 3
active region-configuration
#
stp instance 1 root primary
stp instance 2 root secondary
stp global enable
#
interface Vlan-interface2
ip address 10.1.1.101 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1
vrrp vrid 1 priority 110
vrrp vrid 1 preempt-mode delay 500
vrrp vrid 1 track 1 priority reduced 20
#
interface Vlan-interface3
ip address 10.1.2.101 255.255.255.0
vrrp vrid 2 virtual-ip 10.1.2.1
vrrp vrid 2 preempt-mode delay 500
#
interface Vlan-interface101
ip address 1.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 101
undo stp enable
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 2
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 3
#
interface Ten-GigabitEthernet1/0/4
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 2 to 3
port trunk pvid vlan 2
#
track 1 bfd echo interface Vlan-interface101 remote ip 1.1.1.2 local ip 1.1.1.1
· Device B:
#
bfd echo-source-ip 11.11.11.11
#
vlan 2 to 3
#
vlan 101
#
stp region-configuration
region-name vrrp
instance 1 vlan 2
instance 2 vlan 3
active region-configuration
#
stp instance 1 root secondary
stp instance 2 root primary
stp global enable
#
interface Vlan-interface2
ip address 10.1.1.102 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1
vrrp vrid 1 preempt-mode delay 500
#
interface Vlan-interface3
ip address 10.1.2.102 255.255.255.0
vrrp vrid 2 virtual-ip 10.1.2.1
vrrp vrid 2 priority 110
vrrp vrid 2 preempt-mode delay 500
vrrp vrid 2 track 1 priority reduced 20
#
interface Vlan-interface101
ip address 1.1.2.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 101
undo stp enable
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 2
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 3
#
interface Ten-GigabitEthernet1/0/4
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 2 to 3
port trunk pvid vlan 2
#
track 1 bfd echo interface Vlan-interface101 remote ip 1.1.2.2 local ip 1.1.2.1
· L2 Switch A :
#
vlan 2
#
stp region-configuration
region-name vrrp
instance 1 vlan 2
active region-configuration
#
stp global enable
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 2
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 2
· L2 Switch B:
#
vlan 3
#
stp region-configuration
region-name vrrp
instance 2 vlan 3
active region-configuration
#
stp global enable
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 3
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 3
· Device E:
#
vlan 101
#
interface Vlan-interface101
ip address 1.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 101
#
ip route-static 10.1.1.0 255.255.255.0 1.1.1.1
ip route-static 10.1.2.0 255.255.255.0 1.1.1.1
#
· Device F:
#
vlan 101
#
interface Vlan-interface101
ip address 1.1.2.2 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 101
#
ip route-static 10.1.1.0 255.255.255.0 1.1.2.1
ip route-static 10.1.2.0 255.255.255.0 1.1.2.1
#
某公司內部網絡如圖2所示,從Device A到Device B有兩條轉發路徑,下一跳分別為Device B和Device C。由於Device A和Device B之間物理距離較遠,通過一個二層交換機L2 Switch作為中繼。假設Device B不支持BFD,要求在Device A上使用靜態路由與BFD聯動技術,實現當Device B與二層交換機L2 Switch之間的鏈路出現故障(如鏈路down)時,Device A能快速感知,並將流量切換到Device C的鏈路上。
圖2 靜態路由與BFD聯動配置組網圖
|
設備 |
接口 |
IP地址 |
設備 |
接口 |
IP地址 |
|
Device A |
Vlan-int10 |
192.168.10.101/24 |
Device B |
Vlan-int10 |
192.168.10.102/24 |
|
|
Vlan-int20 |
192.168.20.101/24 |
|
Vlan-int30 |
192.168.30.101/24 |
|
|
Vlan-int40 |
192.168.40.101/24 |
|
Vlan-int50 |
192.168.50.101/24 |
|
Device C |
Vlan-int20 |
192.168.20.102/24 |
|
|
|
|
|
Vlan-int30 |
192.168.30.102/24 |
|
|
|
· 由於需要兩端設備均支持BFD,才能夠使用控製報文方式,本例中Device B不支持BFD,在Device A上配置的BFD功能僅能使用echo報文方式。
· echo報文方式下必須配置echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將echo報文的源IP地址配置為屬於該設備任何一個接口所在網段,避免對端發送大量的ICMP重定向報文造成網絡擁塞。
表2 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port ten-gigabitethernet 1/0/1
[DeviceA-vlan10] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] ip address 192.168.10.101 24
[DeviceA-Vlan-interface10] quit
(2) 請參考以上方法配置4.1 圖2中其它接口的IP地址,配置步驟這裏省略
(1) 配置Device A
# 配置Device A到192.168.50.0/24網段的靜態路由,Device A到Device B的流量優先走Device A –> L2 Switch–> Device B鏈路,當此鏈路發生故障時,流量切換到Device A –> Device C–> Device B鏈路上。
[DeviceA] ip route-static 192.168.50.0 24 vlan-interface 10 192.168.10.102 bfd echo-packet
[DeviceA] ip route-static 192.168.50.0 24 vlan-interface 20 192.168.20.102 preference 65
(2) 配置Device B
# 配置Device B到192.168.40.0/24網段的靜態路由,Device B到Device A的流量優先走Device B –> L2 Switch–> Device A鏈路,當此鏈路發生故障時,流量切換到Device B –> Device C–> Device A鏈路上。
[DeviceB] ip route-static 192.168.40.0 24 vlan-interface 10 192.168.10.101
[DeviceB] ip route-static 192.168.40.0 24 vlan-interface 30 192.168.30.102 preference 65
(3) 配置Device C
# 配置Device C到192.168.40.0/24和192.168.50.0/24網段的靜態路由。
[DeviceC] ip route-static 192.168.40.0 24 vlan-interface 20 192.168.20.101
[DeviceC] ip route-static 192.168.50.0 24 vlan-interface 30 192.168.30.101
# 靜態路由支持的BFD會話方式為echo報文方式,該方式下必須配置BFD echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將BFD echo報文的源IP地址配置為屬於該設備任何一個接口所在網段。
[DeviceA] bfd echo-source-ip 10.10.10.10
# 配置接口接收BFD echo報文的最小時間間隔為100ms,單跳BFD檢測時間倍數為3。
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] bfd min-echo-receive-interval 100
[DeviceA-Vlan-interface10] bfd detect-multiplier 3
[DeviceA-Vlan-interface10] quit
(1) Device A和Device B設備及之間的鏈路均正常工作時
# 在Device A查看靜態路由信息。
[DeviceA] display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
192.168.50.0/24 Static 60 0 192.168.10.102 Vlan10
Static Routing table Status : <Inactive>
Summary Count : 0
以上顯示信息表示Device A經過L2 Switch到達Device B。
# 查看BFD會話。
[DeviceA] display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in echo mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
67 192.168.10.101 192.168.10.102 Up 300ms Vlan10
以上顯示信息表示BFD會話已經創建。
(2) Device B與L2 Switch之間的鏈路出現故障時
# 查看靜態路由。
[DeviceA] display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
192.168.50.0/24 Static 65 0 192.168.20.102 Vlan20
Static Routing table Status : <Inactive>
Summary Count : 0
以上顯示信息表示Device A經過Device C到達Device B。
· Device A:
#
bfd echo-source-ip 10.10.10.10
#
vlan 10
#
vlan 20
#
vlan 40
#
interface Vlan-interface10
ip address 192.168.10.101 255.255.255.0
bfd min-echo-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface20
ip address 192.168.20.101 255.255.255.0
#
interface Vlan-interface40
ip address 192.168.40.101 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 40
#
ip route-static 192.168.50.0 24 Vlan-interface10 192.168.10.102 bfd echo-packet
ip route-static 192.168.50.0 24 Vlan-interface20 192.168.20.102 preference 65
#
· Device B:
#
vlan 10
#
vlan 30
#
vlan 50
#
interface Vlan-interface10
ip address 192.168.10.102 255.255.255.0
#
interface Vlan-interface30
ip address 192.168.30.101 255.255.255.0
#
interface Vlan-interface50
ip address 192.168.50.101 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 50
#
ip route-static 192.168.40.0 24 Vlan-interface10 192.168.10.101
ip route-static 192.168.40.0 24 Vlan-interface30 192.168.30.102 preference 65
#
· Device C:
#
vlan 20
#
vlan 30
#
interface Vlan-interface20
ip address 192.168.20.102 255.255.255.0
#
interface Vlan-interface30
ip address 192.168.30.102 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
ip route-static 192.168.40.0 24 Vlan-interface20 192.168.20.101
ip route-static 192.168.50.0 24 Vlan-interface30 192.168.30.101
#
如圖3所示,某公司通過一台二層交換機作為中繼將兩個相距較遠的部門連接。Device A、Device B、Device C上運行RIP,建立RIP鄰居關係,保證網絡層相互可達。
公司希望在Device A上使用RIP與BFD聯動技術,實現當Device C與二層交換機之間的鏈路出現故障(如鏈路down)時,BFD能夠快速感知並通告RIP協議。
已知Device C不支持BFD功能,公司希望使用RIP與BFD聯動技術,采用BFD echo報文方式實現當Device A或Device C與二層交換機之間的鏈路出現故障時,BFD能夠快速感知並通告RIP協議。
現要求通過在Device A和Device C上配置RIP與BFD聯動功能,實現:
· 監測通過L2 Switch通信的鏈路;
· 當鏈路出現故障時設備能夠快速感知並通告RIP協議,快速切換到Device B鏈路進行通信。
圖3 RIP與BFD聯動配置組網圖
|
設備 |
接口 |
IP地址 |
設備 |
接口 |
IP地址 |
|
Device A |
Vlan-int10 |
10.1.0.101/24 |
Device B |
Vlan-int20 |
192.168.0.102/24 |
|
|
Vlan-int20 |
192.168.0.101/24 |
|
Vlan-int30 |
13.1.1.101/24 |
|
|
Vlan-int100 |
120.1.1.1/24 |
|
|
|
|
Device C |
Vlan-int10 |
10.1.0.102/24 |
|
|
|
|
|
Vlan-int30 |
13.1.1.102/24 |
|
|
|
|
|
Vlan-int100 |
121.1.1.1/24 |
|
|
|
· 由於需要兩端設備均支持BFD,才能夠使用控製報文方式,本例中Device C不支持BFD,在Device A上配置的BFD功能僅能使用echo報文方式。
· echo報文方式下必須配置echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將echo報文的源IP地址配置為屬於該設備任何一個接口所在網段,避免對端發送大量的ICMP重定向報文造成網絡擁塞。
表3 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port ten-gigabitethernet 1/0/1
[DeviceA-vlan10] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] ip address 10.1.0.101 24
[DeviceA-Vlan-interface10] quit
(2) 請參考以上方法配置5.1 圖3中其它接口的IP地址,配置步驟這裏省略
(1) 配置Device A
# 配置Device A的RIP基本功能,引入直連路由,並使能RIP的BFD功能。
<DeviceA> system-view
[DeviceA] rip 1
[DeviceA-rip-1] version 2
[DeviceA-rip-1] undo summary
[DeviceA-rip-1] network 10.1.0.0
[DeviceA-rip-1] network 192.168.0.0
[DeviceA-rip-1] import-route direct
[DeviceA-rip-1] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] rip bfd enable
[DeviceA-Vlan-interface10] quit
(2) 配置Device B
# 配置Device B的RIP基本功能,引入直連路由。
<DeviceB> system-view
[DeviceB] rip 1
[DeviceB-rip-1] version 2
[DeviceB-rip-1] undo summary
[DeviceB-rip-1] network 192.168.0.0
[DeviceB-rip-1] network 13.1.1.0
[DeviceB-rip-1] import-route direct
[DeviceB-rip-1] quit
(3) 配置Device C
# 配置Device C的RIP基本功能,引入直連路由。
<DeviceC> system-view
[DeviceC] rip 1
[DeviceC-rip-1] version 2
[DeviceC-rip-1] undo summary
[DeviceC-rip-1] network 10.1.0.0
[DeviceC-rip-1] network 13.1.1.0
[DeviceC-rip-1] import-route direct
[DeviceC-rip-1] quit
# RIP支持的BFD會話方式為echo報文方式,該方式下必須配置BFD echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將BFD echo報文的源IP地址配置為屬於該設備任何一個接口所在網段。
[DeviceA] bfd echo-source-ip 11.11.11.11
# 配置接口接收BFD echo報文的最小時間間隔為100ms,單跳BFD檢測時間倍數為3。
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] bfd min-echo-receive-interval 100
[DeviceA-Vlan-interface10] bfd detect-multiplier 3
[DeviceA-Vlan-interface10] quit
# 查看Device A上BFD會話信息,顯示BFD會話已被創建,且狀態為Up。
[DeviceA] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in echo mode:
Local Discr: 2049
Source IP: 10.1.0.101 Destination IP: 10.1.0.102
Session State: Up Interface: Vlan-interface10
Hold Time: 300ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 0 Tx Count: 910
Connect Type: Direct Running Up for: 00:00:46
Detect Mode: Async Slot: 1
Protocol: RIP
Version: 1
Diag Info: No Diagnostic
# 查看Device A上學到的路由121.1.1.0/24,可以看到Device A經過L2 Switch到達Device C。
<DeviceA> display ip routing-table 121.1.1.0 24 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: RIP
Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 10.1.0.102
Flags: 0x1008c OrigNextHop: 10.1.0.102
Label: NULL RealNextHop: 10.1.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
# 當Device C和二層交換機之間的鏈路發生故障,BFD快速檢測到鏈路發生變化並立刻通告RIP。
%Oct 9 18:42:17:650 2013 Device A BFD/5/BFD_CHANGE_FSM: Sess[10.1.0.101/10.1.0.102, LD/RD:2049/2049, Interface:Vlan10, SessType:Echo, LinkType:INET], Ver:1, Sta: UP-> DOWN, Diag:1 (Control Detection Time Expired)
# 查看Device A上學到的路由121.1.1.0/24,可以看到Device A經過Device B到達Device C。
<DeviceA> display ip routing-table 121.1.1.0 24 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: RIP
Process ID: 2
SubProtID: 0x1 Age: 04h20m37s
Cost: 2 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.0.102
Flags: 0x1008c OrigNextHop: 192.168.0.102
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface20
BkTunnel ID: Invalid BkInterface: N/A
· Device A:
#
bfd echo-source-ip 11.11.11.11
#
rip 1
undo summary
version 2
network 10.0.0.0
network 192.168.0.0
import-route direct
#
vlan 10
#
vlan 20
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.101 255.255.255.0
rip bfd enable
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface20
ip address 192.168.0.101 255.255.255.0
#
interface Vlan-interface100
ip address 120.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
· Device B:
#
rip 1
undo summary
version 2
network 192.168.0.0
network 13.1.1.0
import-route direct
#
vlan 20
#
vlan 30
#
interface Vlan-interface20
ip address 192.168.0.102 255.255.255.0
#
interface Vlan-interface30
ip address 13.1.1.101 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
· Device C:
#
rip 1
undo summary
version 2
network 10.1.0.0
network 13.1.1.0
import-route direct
#
vlan 10
#
vlan 30
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.102 255.255.255.0
#
interface Vlan-interface30
ip address 13.1.1.102 255.255.255.0
#
interface Vlan-interface100
ip address 121.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
如圖4所示,某公司通過一台二層交換機作為中繼將兩個相距較遠的部門連接。Device A、Device B、Device C上運行OSPF,建立OSPF鄰居關係,保證網絡層相互可達。
已知Device A和Device C都支持BFD功能,要求使用OSPF與BFD聯動技術,采用BFD控製報文方式實現當Device A或Device C與二層交換機之間的鏈路出現故障(如鏈路down)時,BFD能夠快速感知並通告OSPF協議。
現要求通過在Device A和Device C上配置OSPF與BFD聯動功能,實現:
· 監測通過L2 Switch通信的鏈路;
· 當鏈路出現故障時設備能夠快速感知並通告OSPF協議,快速切換到Device B鏈路進行通信。
圖4 OSPF與BFD聯動配置組網圖
|
設備 |
接口 |
IP地址 |
設備 |
接口 |
IP地址 |
|
Device A |
Vlan-int10 |
10.1.0.101/24 |
Device B |
Vlan-int20 |
192.168.0.102/24 |
|
|
Vlan-int20 |
192.168.0.101/24 |
|
Vlan-int30 |
13.1.1.101/24 |
|
|
Vlan-int100 |
120.1.1.1/24 |
|
|
|
|
Device C |
Vlan-int10 |
10.1.0.102/24 |
|
|
|
|
|
Vlan-int30 |
13.1.1.102/24 |
|
|
|
|
|
Vlan-int100 |
121.1.1.1/24 |
|
|
|
Device A和Device C都支持BFD,可以使用BFD控製報文方式,通信雙方至少要有一方運行在主動模式才能成功建立起BFD會話。
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port ten-gigabitethernet 1/0/1
[DeviceA-vlan10] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] ip address 10.1.0.101 24
[DeviceA-Vlan-interface10] undo shutdown
[DeviceA-Vlan-interface10] quit
(2) 請參考以上方法配置6.1 圖4中其它接口的IP地址,具體配置步驟略
(1) 配置Device A
# 配置Device A的OSPF基本功能,並使能OSPF的BFD功能。
[DeviceA] ospf
[DeviceA-ospf-1] area 0
[DeviceA-ospf-1-area-0.0.0.0] network 10.1.0.0 0.0.0.255
[DeviceA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[DeviceA-ospf-1-area-0.0.0.0] network 120.1.1.0 0.0.0.255
[DeviceA-ospf-1-area-0.0.0.0] quit
[DeviceA-ospf-1] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] ospf bfd enable
[DeviceA-Vlan-interface10] quit
(2) 配置Device B
# 配置Device B的OSPF基本功能。
[DeviceB] ospf
[DeviceB-ospf-1] area 0
[DeviceB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[DeviceB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[DeviceB-ospf-1-area-0.0.0.0] quit
[DeviceB-ospf-1] quit
(3) 配置Device C
# 配置Device C的OSPF基本功能,並使能OSPF的BFD功能。
[DeviceC] ospf
[DeviceC-ospf-1] area 0
[DeviceC-ospf-1-area-0.0.0.0] network 10.1.0.0 0.0.0.255
[DeviceC-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[DeviceC-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255
[DeviceC-ospf-1-area-0.0.0.0] quit
[DeviceC-ospf-1] quit
[DeviceC] interface vlan-interface 10
[DeviceC-Vlan-interface10] ospf bfd enable
[DeviceC-Vlan-interface10] quit
# 配置BFD會話建立前的運行模式為主動模式(缺省為主動模式)。
[DeviceA] bfd session init-mode active
# 配置發送和接收單跳BFD控製報文的最小時間間隔都為100ms,單跳BFD檢測時間倍數為3。
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] bfd min-transmit-interval 100
[DeviceA-Vlan-interface10] bfd min-receive-interval 100
[DeviceA-Vlan-interface10] bfd detect-multiplier 3
[DeviceA-Vlan-interface10] quit
(2) 配置Device C
# 配置BFD會話建立前的運行模式為主動模式(缺省為主動模式)。
[DeviceC] bfd session init-mode active
# 配置發送和接收單跳BFD控製報文的最小時間間隔都為100ms,單跳BFD檢測時間倍數為3。
[DeviceC] interface vlan-interface 10
[DeviceC-Vlan-interface10] bfd min-transmit-interval 100
[DeviceC-Vlan-interface10] bfd min-receive-interval 100
[DeviceC-Vlan-interface10] bfd detect-multiplier 3
[DeviceC-Vlan-interface10] quit
# 檢查Device A連接的主機host A(120.1.1.2)到Device C連接的主機host C(121.1.1.2)是否可達。
<host A> ping 121.1.1.2
PING 121.1.1.2 (121.1.1.2): 56 data bytes
56 bytes from 121.1.1.2: seq=0 ttl=128 time=22.43 ms
56 bytes from 121.1.1.2: seq=1 ttl=128 time=7.17 ms
56 bytes from 121.1.1.2: seq=2 ttl=128 time=8.91 ms
56 bytes from 121.1.1.2: seq=3 ttl=128 time=7.45 ms
56 bytes from 121.1.1.2: seq=4 ttl=128 time=9.11 ms
--- 121.1.1.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 7.17/11.01/22.43 ms
# 查看Device A 上OSPF鄰居信息,顯示Device A和Device C已建立OSPF鄰居關係。
[DeviceA] display ospf peer verbose
OSPF Process 1 with Router ID 2.2.2.2
Neighbors
Area 0.0.0.0 interface 10.1.0.101(Vlan-interface10)'s neighbors
Router ID: 1.1.1.1 Address: 10.1.0.102 GR State: Normal
State: Full Mode: Nbr is slave Priority: 1
DR: 10.1.0.101 BDR: 10.1.0.102 MTU: 0
Options is 0x42 (-|O|-|-|-|-|E|-)
Dead timer due in 39 sec
Neighbor is up for 00:09:01
Authentication Sequence: [ 0 ]
Neighbor state change count: 5
BFD status: Enabled(Control mode)
# 查看 Device A和Device C上BFD會話信息,顯示BFD會話已被創建,且狀態為Up。
[DeviceA] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 2049 Remote Discr: 2049
Source IP: 10.1.0.101 Destination IP: 10.1.0.102
Session State: Up Interface: Vlan-interface10
Min Tx Inter: 100ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 536 Tx Count: 536
Connect Type: Direct Running Up for: 00:04:48
Hold Time: 300ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: OSPF
Version: 1
Diag Info: No Diagnostic
[DeviceC] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 2049 Remote Discr: 2049
Source IP: 10.1.0.102 Destination IP: 10.1.0.101
Session State: Up Interface: Vlan-interface10
Min Tx Inter: 100ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 3971 Tx Count: 3776
Connect Type: Direct Running Up for: 00:06:52
Hold Time: 300ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: OSPF
Version: 1
Diag Info: No Diagnostic
# 在Device A上查看121.1.1.0/24的路由信息,可以看出Device A和Device C是通過L2 Switch進行通信的。
<DeviceA> display ip routing-table 121.1.1.0 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: OSPF
Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 10
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.0.102
Label: NULL RealNextHop: 10.1.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
# 當Device C和二層交換機之間的鏈路狀態變為Down,BFD快速檢測到鏈路發生變化並立刻通告OSPF。
%Oct 9 15:22:23:154 2013 DeviceC BFD/5/BFD_CHANGE_FSM: Sess[10.1.0.102/10.1.0.101, LD/RD:2049/2049, Interface:Vlan10, SessType:Ctrl, LinkType:INET], Ver:1, Sta: UP-> DOWN, Diag: 1 (Control Detection Time Expired)
%Oct 9 15:22:23:155 2013 DeviceC OSPF/5/OSPF_NBR_CHG: OSPF 1 Neighbor 10.1.0.101(Vlan-interface10) from FULL to DOWN.
# 在Device A上查看121.1.1.0/24的路由信息,可以看出Device A和Device C已經切換到Device B進行通信。
<DeviceA> display ip routing-table 121.1.1.0 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: OSPF
Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 2 Preference: 10
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.102
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface20
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
· Device A:
#
ospf 1
area 0.0.0.0
network 10.1.0.0 0.0.0.255
network 120.1.1.0 0.0.0.255
network 192.168.0.0 0.0.0.255
#
vlan 10
#
vlan 20
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.101 255.255.255.0
ospf bfd enable
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface20
ip address 192.168.0.101 255.255.255.0
#
interface Vlan-interface100
ip address 120.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
· Device B:
#
ospf 1
area 0.0.0.0
network 13.1.1.0 0.0.0.255
network 192.168.0.0 0.0.0.255
#
vlan 20
#
vlan 30
#
interface Vlan-interface20
ip address 192.168.0.102 255.255.255.0
#
interface Vlan-interface30
ip address 13.1.1.101 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
· Device C:
#
ospf 1
area 0.0.0.0
network 10.1.0.0 0.0.0.255
network 13.1.1.0 0.0.0.255
network 121.1.1.0 0.0.0.255
#
vlan 10
#
vlan 30
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.102 255.255.255.0
ospf bfd enable
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface30
ip address 13.1.1.102 255.255.255.0
#
interface Vlan-interface100
ip address 121.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
如圖5所示,某公司通過一台二層交換機作為中繼將兩個相距較遠的部門連接。Device A、Device B、Device C上運行IS-IS,建立IS-IS鄰居關係,保證網絡層相互可達。
已知Device A和Device C都支持BFD功能,公司希望使用IS-IS與BFD聯動技術,采用BFD控製報文方式實現當Device A或Device C與二層交換機之間的鏈路出現故障(如鏈路down)時,BFD能夠快速感知並通告IS-IS協議。
現要求通過在Device A和Device C上配置IS-IS與BFD聯動功能,實現:
· 監測通過L2 Switch通信的鏈路;
· 當鏈路出現故障時設備能夠快速感知並通告IS-IS協議,快速切換到Device B鏈路進行通信。
圖5 IS-IS與BFD聯動配置組網圖
|
設備 |
接口 |
IP地址 |
設備 |
接口 |
IP地址 |
|
Device A |
Vlan-int10 |
10.1.0.101/24 |
Device B |
Vlan-int20 |
192.168.0.102/24 |
|
|
Vlan-int20 |
192.168.0.101/24 |
|
Vlan-int30 |
13.1.1.101/24 |
|
|
Vlan-int100 |
120.1.1.1/24 |
|
|
|
|
Device C |
Vlan-int10 |
10.1.0.102/24 |
|
|
|
|
|
Vlan-int30 |
13.1.1.102/24 |
|
|
|
|
|
Vlan-int100 |
121.1.1.1/24 |
|
|
|
Device A和Device C都支持BFD,可以使用BFD控製報文方式,通信雙方至少要有一方運行在主動模式才能成功建立起BFD會話。
表5 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port ten-gigabitethernet 1/0/1
[DeviceA-vlan10] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] ip address 10.1.0.101 24
[DeviceA-Vlan-interface10] quit
(2) 請參考以上方法配置圖5中其它接口的IP地址,配置步驟這裏省略
(1) 配置Device A
# 配置Device A的IS-IS基本功能,並使能IS-IS的BFD功能。
[DeviceA] isis
[DeviceA-isis-1] network-entity 10.0000.0000.0001.00
[DeviceA-isis-1] quit
[DeviceA] interface vlan-interface 20
[DeviceA-Vlan-interface20] isis enable
[DeviceA-Vlan-interface20] quit
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] isis enable
[DeviceA-Vlan-interface10] isis bfd enable
[DeviceA-Vlan-interface10] quit
[DeviceA] interface vlan-interface 100
[DeviceA-Vlan-interface100] isis enable
[DeviceA-Vlan-interface100] isis bfd enable
[DeviceA-Vlan-interface100] quit
(2) 配置Device B
# 配置Device B的IS-IS基本功能。
[DeviceB] isis
[DeviceB-isis-1] network-entity 10.0000.0000.0003.00
[DeviceB-isis-1] quit
[DeviceB] interface vlan-interface 20
[DeviceB-Vlan-interface20] isis enable
[DeviceB-Vlan-interface20] quit
[DeviceB] interface vlan-interface 30
[DeviceB-Vlan-interface30] isis enable
[DeviceB-Vlan-interface30] quit
(3) 配置Device C
# 配置Device C的IS-IS基本功能,並使能IS-IS的BFD功能。
[DeviceC] isis
[DeviceC-isis-1] network-entity 10.0000.0000.0002.00
[DeviceC-isis-1] quit
[DeviceC] interface vlan-interface 10
[DeviceC-Vlan-interface10] isis enable
[DeviceC-Vlan-interface10] isis bfd enable
[DeviceC-Vlan-interface10] quit
[DeviceC] interface vlan 30
[DeviceC-Vlan-interface30] isis enable
[DeviceC-Vlan-interface30] quit
[DeviceC] interface vlan-interface 100
[DeviceC-Vlan-interface100] isis enable
[DeviceC-Vlan-interface100] isis bfd enable
[DeviceC-Vlan-interface100] quit
# 配置BFD會話建立前的運行模式為主動模式(缺省為主動模式)。
[DeviceA] bfd session init-mode active
# 配置發送和接收單跳BFD控製報文的最小時間間隔都為100ms,單跳BFD檢測時間倍數為3。
[DeviceA] interface vlan-interface 10
[DeviceA-Vlan-interface10] bfd min-transmit-interval 100
[DeviceA-Vlan-interface10] bfd min-receive-interval 100
[DeviceA-Vlan-interface10] bfd detect-multiplier 3
[DeviceA-Vlan-interface10] quit
(2) 配置Device C
# 配置BFD會話建立前的運行模式為主動模式(缺省為主動模式)。
[DeviceC] bfd session init-mode active
# 配置發送和接收單跳BFD控製報文的最小時間間隔都為100ms,單跳BFD檢測時間倍數為3。
[DeviceC] interface vlan 10
[DeviceC-Vlan-interface10] bfd min-transmit-interval 100
[DeviceC-Vlan-interface10] bfd min-receive-interval 100
[DeviceC-Vlan-interface10] bfd detect-multiplier 3
[DeviceC-Vlan-interface10] quit
# 查看Device A上IS-IS鄰居信息,顯示Device A和Device C已建立IS-IS鄰居關係。
[DeviceA] display isis peer verbose
Peer information for IS-IS(1)
-----------------------------
System ID: 0000.0000.0002
Interface: Vlan10 Circuit Id: 0000.0000.0002.01
State: Up HoldTime: 6s Type: L1(L1L2) PRI: 64
Area address(es): 00
Peer IP address(es): 10.1.0.102
Peer local circuit ID: 1
Peer circuit SNPA address: ce9d-d91d-d100
Uptime: 00:01:19
Adj protocol: IPv4
Graceful Restart capable
Restarting signal: No
Suppress adjacency advertisement: No
Local topology:
0
Remote topology:
0
# 查看Device A和Device C上BFD會話信息,顯示BFD會話已被創建,且狀態為Up。
[DeviceA] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 2049 Remote Discr: 2049
Source IP: 10.1.0.101 Destination IP: 10.1.0.102
Session State: Up Interface: Vlan-interface10
Min Tx Inter: 100ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 3 Tx Count: 3
Connect Type: Direct Running Up for: 00:06:09
Hold Time: 300ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: ISIS_BR_L1/ISIS_BR_L2
Version: 1
Diag Info: No Diagnostic
[DeviceC] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 2049 Remote Discr: 2049
Source IP: 10.1.0.102 Destination IP: 10.1.0.101
Session State: Up Interface: Vlan-interface10
Min Tx Inter: 100ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 3 Tx Count: 3
Connect Type: Direct Running Up for: 00:07:10
Hold Time: 300ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: ISIS_BR_L1/ISIS_BR_L2
Version: 1
Diag Info: No Diagnostic
# 在Device A上查看121.1.1.0/24的路由信息,可以看出Device A和Device C是通過L2 Switch進行通信的。
<DeviceA> display ip routing-table 121.1.1.0 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: IS_L1
Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 20 Preference: 15
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x2 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.0.102
Label: NULL RealNextHop: 10.1.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
# 當Device C和二層交換機之間的鏈路Down了,BFD快速檢測到鏈路發生變化並立刻通告IS-IS。
%Oct 9 16:11:24:163 2013 DeviceC BFD/5/BFD_CHANGE_FSM: Sess[10.1.0.102/10.1.0.101, LD/RD:2049/2049, Interface:Vlan10, SessType:Ctrl, LinkType:INET], Ver:1, Sta: UP-> DOWN, Diag: 1
%Oct 9 16:11:24:164 2013 DeviceC ISIS/5/ISIS_NBR_CHG: IS-IS 1, Level-1 adjacency 0000.0000.0001 (Vlan-interface10), state change to: DOWN.
%Oct 9 16:11:24:164 2013 DeviceC ISIS/5/ISIS_NBR_CHG: IS-IS 1, Level-2 adjacency 0000.0000.0001 (Vlan-interface10), state change to: DOWN.
# 在Device A上查看121.1.1.0/24的路由信息,可以看出Device A和Device C已經切換到Device B進行通信。
<DeviceA> display ip routing-table 121.1.1.0 verbose
Summary Count : 1
Destination: 121.1.1.0/24
Protocol: IS_L1
Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 2 Preference: 10
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.102
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface20
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
· Device A:
#
isis 1
network-entity 10.0000.0000.0001.00
#
vlan 10
#
vlan 20
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.101 255.255.255.0
isis enable 1
isis bfd enable
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface20
ip address 192.168.0.101 255.255.255.0
isis enable 1
#
interface Vlan-interface100
ip address 120.1.1.1 255.255.255.0
isis enable 1
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
· Device B:
#
isis 1
network-entity 10.0000.0000.0003.00
#
vlan 20
#
vlan 30
#
interface Vlan-interface20
ip address 192.168.0.102 255.255.255.0
isis enable 1
#
interface Vlan-interface30
ip address 13.1.1.101 255.255.255.0
isis enable 1
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
· Device C:
#
isis 1
network-entity 10.0000.0000.0002.00
#
vlan 10
#
vlan 30
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.102 255.255.255.0
isis enable 1
isis bfd enable
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
interface Vlan-interface30
ip address 13.1.1.102 255.255.255.0
isis enable 1
#
interface Vlan-interface100
ip address 121.1.1.1 255.255.255.0
isis enable 1
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
如圖6所示,某公司的兩個部門相距較遠,Device A和Device F分別作為這兩個部門的出口設備,現通過部署BGP,使兩個部門可以進行業務通信。已知Device B和Device D都支持BFD功能,公司希望使用BGP與BFD聯動技術,采用BFD控製報文方式檢測AS 200與AS 300之間通信的主鏈路狀態,實現當Device B或Device D之間的鏈路出現故障(如鏈路down)時,BFD能夠快速感知並通告BGP協議。具體要求如下:
· 在AS 100內使用OSPF作為IGP;
· 配置Device B<->Device C<->Device D鏈路作為主鏈路,負責轉發Device A和Device F之間的流量,並采用BFD控製報文的方式檢測主鏈路;
· 當主鏈路發生故障時,BFD能夠快速檢測並通告BGP協議,使得迅速切換到Device B<->Device E<->Device D這條路徑進行通信。
圖6 BGP與BFD聯動配置組網圖
|
設備 |
接口 |
IP地址 |
設備 |
接口 |
IP地址 |
|
Device A |
Vlan-int100 |
120.1.0.1/24 |
Device D |
Vlan-int20 |
10.2.0.101/24 |
|
Device B |
Vlan-int10 |
10.1.0.101/24 |
|
Vlan-int40 |
13.1.1.101/24 |
|
|
Vlan-int30 |
192.168.0.101/24 |
|
Vlan-int100 |
120.2.0.2/24 |
|
|
Vlan-int100 |
120.1.0.2/24 |
Device E |
Vlan-int30 |
192.168.0.102/24 |
|
Device C |
Vlan-int10 |
10.1.0.102/24 |
|
Vlan-int40 |
13.1.1.102/24 |
|
|
Vlan-int20 |
10.2.0.102/24 |
Device F |
Vlan-int100 |
120.2.0.1/24 |
· Device B和Device D都支持BFD,可以使用BFD控製報文方式,通信雙方至少要有一方運行在主動模式才能成功建立起BFD會話。
· 為了使Device B<->Device C<->Device D成為主鏈路,需要通過路由策略配置其路由開銷低於鏈路Device B<->Device E<->Device D的路由開銷。
表6 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
設備上各接口IP地址的配置步驟這裏省略。
(1) 配置Device B
[DeviceB] ospf
[DeviceB-ospf-1] import-route direct
[DeviceB-ospf-1] area 0
[DeviceB-ospf-1-area-0.0.0.0] network 10.1.0.0 0.0.0.255
[DeviceB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[DeviceB-ospf-1-area-0.0.0.0] quit
[DeviceB-ospf-1] quit
(2) 配置Device C
[DeviceC] ospf
[DeviceC-ospf-1] area 0
[DeviceC-ospf-1-area-0.0.0.0] network 10.1.0.0 0.0.0.255
[DeviceC-ospf-1-area-0.0.0.0] network 10.2.0.0 0.0.0.255
[DeviceC-ospf-1-area-0.0.0.0] quit
[DeviceC-ospf-1] quit
(3) 配置Device D
[DeviceD] ospf
[DeviceD-ospf-1] import-route direct
[DeviceD-ospf-1] area 0
[DeviceD-ospf-1-area-0.0.0.0] network 10.2.0.0 0.0.0.255
[DeviceD-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[DeviceD-ospf-1-area-0.0.0.0] quit
[DeviceD-ospf-1] quit
(4) 配置Device E
[DeviceE] ospf
[DeviceE-ospf-1] area 0
[DeviceE-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[DeviceE-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[DeviceE-ospf-1-area-0.0.0.0] quit
[DeviceE-ospf-1] quit
(1) 配置Device A
# 啟動BGP,指定本地AS號為200。
[DeviceA] bgp 200
[DeviceA-bgp-default] router-id 1.1.1.1
# 配置Device A和Device B建立EBGP連接。
[DeviceA-bgp-default] peer 120.1.0.2 as-number 100
# 創建BGP IPv4單播地址族,並進入BGP IPv4單播地址族視圖。
[DeviceA-bgp-default] address-family ipv4 unicast
# 在BGP IPv4單播地址族視圖下,將本地路由表中到達120.1.0.0/24網段的路由添加到BGP路由表中。
[DeviceA-bgp-default-ipv4] network 120.1.0.0 255.255.255.0
# 使能Device A與對等體120.1.0.2交換IPv4單播路由信息的能力。
[DeviceA-bgp-default-ipv4] peer 120.1.0.2 enable
[DeviceA-bgp-default-ipv4] quit
(2) 配置Device B
# 啟動BGP,指定本地AS號為100。
[DeviceB] bgp 100
[DeviceB-bgp-default] router-id 2.2.2.2
# 配置Device B和Device A建立EBGP連接。
[DeviceB-bgp-default] peer 120.1.0.1 as-number 200
# 配置Device B和Device D建立IBGP連接。
[DeviceB-bgp-default] peer 10.2.0.101 as-number 100
[DeviceB-bgp-default] peer 13.1.1.101 as-number 100
# 創建BGP IPv4單播地址族,並進入BGP IPv4單播地址族視圖。
[DeviceB-bgp-default] address-family ipv4 unicast
# 使能Device B與對等體10.2.0.101交換IPv4單播路由信息的能力。
[DeviceB-bgp-default-ipv4] peer 10.2.0.101 enable
# 在BGP IPv4單播地址族視圖下,配置向對等體10.2.0.101發布BGP路由時,將下一跳屬性修改為自身的地址。
[DeviceB-bgp-default-ipv4] peer 10.2.0.101 next-hop-local
# 使能Device B與對等體13.1.1.101交換IPv4單播路由信息的能力。
[DeviceB-bgp-default-ipv4] peer 13.1.1.101 enable
# 在BGP IPv4單播地址族視圖下,配置向對等體13.1.1.101發布BGP路由時,將下一跳屬性修改為自身的地址。
[DeviceB-bgp-default-ipv4] peer 13.1.1.101 next-hop-local
# 使能Device B與對等體120.1.0.1交換IPv4單播路由信息的能力。
[DeviceB-bgp-default-ipv4] peer 120.1.0.1 enable
[DeviceB-bgp-default-ipv4] quit
(3) 配置Device D
# 啟動BGP,指定本地AS號為100。
[DeviceD] bgp 100
[DeviceD-bgp-default] router-id 4.4.4.4
# 配置Device D和Device B建立IBGP連接。
[DeviceD-bgp-default] peer 10.1.0.101 as-number 100
[DeviceD-bgp-default] peer 192.168.0.101 as-number 100
# 配置Device D和Device F建立EBGP連接。
[DeviceD-bgp-default] peer 120.2.0.1 as-number 300
# 創建BGP IPv4單播地址族,並進入BGP IPv4單播地址族視圖。
[DeviceD-bgp-default] address-family ipv4 unicast
# 使能Device D與對等體10.1.0.101交換IPv4單播路由信息的能力。
[DeviceD-bgp-default-ipv4] peer 10.1.0.101 enable
# 在BGP IPv4單播地址族視圖下,配置向對等體10.1.0.101發布BGP路由時,將下一跳屬性修改為自身的地址。
[DeviceD-bgp-default-ipv4] peer 10.1.0.101 next-hop-local
# 使能Device D與對等體192.168.0.101交換IPv4單播路由信息的能力。
[DeviceD-bgp-default-ipv4] peer 192.168.0.101 enable
# 在BGP IPv4單播地址族視圖下,配置向對等體192.168.0.101發布BGP路由時,將下一跳屬性修改為自身的地址。
[DeviceD-bgp-default-ipv4] peer 192.168.0.101 next-hop-local
# 使能Device D與對等體120.2.0.1交換IPv4單播路由信息的能力。
[DeviceD-bgp-default-ipv4] peer 120.2.0.1 enable
[DeviceD-bgp-default-ipv4] quit
(4) 配置Device F
#啟動BGP,指定本地AS號為300。
[DeviceF] bgp 300
[DeviceF-bgp-default] router-id 6.6.6.6
# 配置Device F和Device D建立EBGP連接。
[DeviceF-bgp-default] peer 120.2.0.2 as-number 100
# 創建BGP IPv4單播地址族,並進入BGP IPv4單播地址族視圖。
[DeviceF-bgp-default] address-family ipv4 unicast
# 在BGP IPv4單播地址族視圖下,將本地路由表中到達120.2.0.0/24網段的路由添加到BGP路由表中。
[DeviceF-bgp-default-ipv4] network 120.2.0.0 255.255.255.0
# 使能Device F與對等體120.2.0.2交換IPv4單播路由信息的能力。
[DeviceF-bgp-default-ipv4] peer 120.2.0.2 enable
[DeviceF-bgp-default-ipv4] quit
(1) 配置Device B
# 創建ACL 2000,允許源IP地址為120.1.0.0/24的報文通過。
[DeviceB] acl basic 2000
[DeviceB-acl-ipv4-basic-2000] rule permit source 120.1.0.0 0.0.0.255
[DeviceB-acl-ipv4-basic-2000] quit
# 配置向對等體10.2.0.101發布的路由設置本地優先級為200,並配置IBGP路由優先級為100。
[DeviceB] route-policy local-pre permit node 10
[DeviceB-route-policy-local-pre] if-match ip address acl 2000
[DeviceB-route-policy-local-pre] apply local-preference 200
[DeviceB-route-policy-local-pre] quit
[DeviceB] bgp 100
[DeviceB-bgp-default] address-family ipv4 unicast
[DeviceB-bgp-default-ipv4] peer 10.2.0.101 route-policy local-pre export
[DeviceB-bgp-default-ipv4] preference 255 100 130
[DeviceB-bgp-default-ipv4] quit
(2) 配置Device D
# 創建ACL 2000,允許源IP地址為120.2.0.0/24的報文通過。
[DeviceD] acl basic 2000
[DeviceD-acl-ipv4-basic-2000] rule permit source 120.2.0.0 0.0.0.255
[DeviceD-acl-ipv4-basic-2000] quit
# 配置向對等體10.1.0.101發布的路由設置本地優先級為200,並配置IBGP路由優先級為100。
[DeviceD] route-policy local-pre permit node 10
[DeviceD-route-policy-local-pre] if-match ip address acl 2000
[DeviceD-route-policy-local-pre] apply local-preference 200
[DeviceD-route-policy-local-pre] quit
[DeviceD] bgp 100
[DeviceD-bgp-default] address-family ipv4 unicast
[DeviceD-bgp-default-ipv4] peer 10.1.0.101 route-policy local-pre export
[DeviceD-bgp-default-ipv4] preference 255 100 130
[DeviceD-bgp-default-ipv4] quit
(1) 配置Device B
[DeviceB] bgp 100
[DeviceB-bgp-default] peer 10.2.0.101 bfd
[DeviceB-bgp-default] quit
(2) 配置Device D
[DeviceD] bgp 100
[DeviceD-bgp-default] peer 10.1.0.101 bfd
[DeviceD-bgp-default] quit
# 從Device A上ping Device F的IP地址,可以互通。
[DeviceA] ping 120.2.0.1
Ping 120.2.0.1 (120.2.0.1): 56 data bytes, press CTRL_C to break
56 bytes from 120.2.0.1: icmp_seq=0 ttl=252 time=1.189 ms
56 bytes from 120.2.0.1: icmp_seq=1 ttl=252 time=1.095 ms
56 bytes from 120.2.0.1: icmp_seq=2 ttl=252 time=1.086 ms
56 bytes from 120.2.0.1: icmp_seq=3 ttl=252 time=1.097 ms
56 bytes from 120.2.0.1: icmp_seq=4 ttl=252 time=1.089 ms
--- Ping statistics for 120.2.0.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.086/1.111/1.189/0.039 ms
# 在Device B上通過命令display bgp peer查看BGP對等體信息,可以看到Device B與Device D建立IBGP連接,Device B與Device A建立EBGP連接,且均處於Established狀態。
[DeviceB] display bgp peer ipv4
BGP local router ID: 2.2.2.2
Local AS number: 100
Total number of peers: 3 Peers in established state: 3
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
10.2.0.101 100 6 4 0 1 00:00:56 Established
13.1.1.101 100 6 5 0 1 00:00:56 Established
120.1.0.1 200 6 5 0 1 00:00:56 Established
# 查看Device B上BFD會話信息,顯示BFD會話已被創建,且狀態為Up。
[DeviceB] display bfd session verbose
Total Session Num: 1 Up Session Num: 0 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 2049 Remote Discr: 0
Source IP: 10.1.0.101 Destination IP: 10.2.0.101
Session State: UP Interface: N/A
Min Tx Inter: 400ms Act Tx Inter: 400ms
Min Rx Inter: 400ms Detect Inter: 2000ms
Rx Count: 0 Tx Count: 910
Connect Type: Indirect Running Up for: 00:00:00
Hold Time: 0ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: BGP
Version: 1
Diag Info: No Diagnostic
# 在Device B上查看120.2.0.0/24的路由信息,可以看出Device B通過Device B<->Device C<->Device D這條路徑與120.2.0.0/24網段通信。
[DeviceB] display ip routing-table 120.2.0.0 24 verbose
Summary Count : 3
Destination: 120.2.0.0/24
Protocol: Protocol: BGP instance default
Process ID: 0
SubProtID: 0x1 Age: 00h24m48s
Cost: 0 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 300
NibID: 0x15000001 LastAs: 300
AttrID: 0x1 Neighbor: 10.2.0.101
Flags: 0x10060 OrigNextHop: 10.2.0.101
Label: NULL RealNextHop: 10.1.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
Destination: 120.2.0.0/24
Protocol: Protocol: O_ASE2
Process ID: 1
SubProtID: 0x8 Age: 00h26m19s
Cost: 1 Preference: 150
Tag: 1 State: Inactive Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x13000005 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x41 OrigNextHop: 10.1.0.102
Label: NULL RealNextHop: 10.1.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
Destination: 120.2.0.0/24
Protocol: Protocol: O_ASE2
Process ID: 1
SubProtID: 0x8 Age: 00h26m19s
Cost: 1 Preference: 150
Tag: 1 State: Inactive Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x13000003 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x41 OrigNextHop: 192.168.0.102
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface30
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
# 在Device B<->Device C<->Device D鏈路發生故障後,從Device A上ping Device F的IP地址,可以互通。
[DeviceA] ping 120.2.0.1
Ping 120.1.0.1 (120.2.0.1): 56 data bytes, press CTRL_C to break
56 bytes from 120.2.0.1: icmp_seq=0 ttl=252 time=0.680 ms
56 bytes from 120.2.0.1: icmp_seq=1 ttl=252 time=0.295 ms
56 bytes from 120.2.0.1: icmp_seq=2 ttl=252 time=0.423 ms
56 bytes from 120.2.0.1: icmp_seq=3 ttl=252 time=0.464 ms
56 bytes from 120.2.0.1: icmp_seq=4 ttl=252 time=0.445 ms
--- Ping statistics for 120.2.0.1 ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.295/0.461/0.680/0.124 ms
# 在Device B上查看120.2.0.0/24的路由信息,可以看出Device B通過Device B<->Device E<->Device D這條路徑與120.2.0.0/24網段通信。
[DeviceB] display ip routing-table 120.2.0.0 24 verbose
Summary Count : 2
Destination: 120.2.0.0/24
Protocol: Protocol: BGP instance default
Process ID: 0
SubProtID: 0x1 Age: 00h00m18s
Cost: 0 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 300
NibID: 0x15000001 LastAs: 300
AttrID: 0x1 Neighbor: 13.1.1.101
Flags: 0x10060 OrigNextHop: 13.1.1.101
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface30
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
Destination: 120.2.0.0/24
Protocol: Protocol: O_ASE2
Process ID: 1
SubProtID: 0x8 Age: 00h00m18s
Cost: 1 Preference: 150
Tag: 1 State: Inactive Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NibID: 0x13000001 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x41 OrigNextHop: 192.168.0.102
Label: NULL RealNextHop: 192.168.0.102
BkLabel: NULL BkNextHop: N/A
SRLabel: NULL BkSRLabel: NULL
Tunnel ID: Invalid Interface: Vlan-interface30
BkTunnel ID: Invalid BkInterface: N/A
FtnIndex: 0x0 TrafficIndex: N/A
Connector: N/A PathID: 0x0
· Device A:
#
vlan 100
#
interface Vlan-interface100
ip address 120.1.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 100
#
bgp 200
router-id 1.1.1.1
peer 120.1.0.2 as-number 100
#
address-family ipv4 unicast
network 120.1.0.0 255.255.255.0
peer 120.1.0.2 enable
#
· Device B:
#
ospf 1
import-route direct
area 0.0.0.0
network 10.1.0.0 0.0.0.255
network 192.168.0.0 0.0.0.255
#
vlan 10
#
vlan 30
#
vlan 100
#
interface Vlan-interface10
ip address 10.1.0.101 255.255.255.0
#
interface Vlan-interface30
ip address 192.168.0.101 255.255.255.0
#
interface Vlan-interface100
ip address 120.1.0.2 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
bgp 100
router-id 2.2.2.2
peer 10.2.0.101 as-number 100
peer 10.2.0.101 bfd
peer 13.1.1.101 as-number 100
peer 120.1.0.1 as-number 200
#
address-family ipv4 unicast
preference 255 100 130
peer 10.2.0.101 enable
peer 10.2.0.101 next-hop-local
peer 10.2.0.101 route-policy local-pre export
peer 13.1.1.101 enable
peer 13.1.1.101 next-hop-local
peer 120.1.0.1 enable
#
route-policy local-pre permit node 10
if-match ip address acl 2000
apply local-preference 200
#
acl basic 2000
rule 0 permit source 120.1.0.0 0.0.0.255
#
· Device C:
#
ospf 1
area 0.0.0.0
network 10.1.0.0 0.0.0.255
network 10.2.0.0 0.0.0.255
#
vlan 10
#
vlan 20
#
interface Vlan-interface10
ip address 10.1.0.102 255.255.255.0
#
interface Vlan-interface20
ip address 10.2.0.102 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
· Device D
#
ospf 1
import-route direct
area 0.0.0.0
network 10.2.0.0 0.0.0.255
network 13.1.1.0 0.0.0.255
#
vlan 20
#
vlan 40
#
vlan 100
#
interface Vlan-interface20
ip address 10.2.0.101 255.255.255.0
#
interface Vlan-interface40
ip address 13.1.1.101 255.255.255.0
#
interface Vlan-interface100
ip address 120.1.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 40
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
bgp 100
router-id 4.4.4.4
peer 10.1.0.101 as-number 100
peer 10.1.0.101 bfd
peer 120.2.0.1 as-number 300
peer 192.168.0.101 as-number 100
#
address-family ipv4 unicast
preference 255 100 130
peer 10.1.0.101 enable
peer 10.1.0.101 next-hop-local
peer 10.1.0.101 route-policy local-pre export
peer 192.168.0.101 enable
peer 192.168.0.101 next-hop-local
peer 120.2.0.1 enable
#
acl basic 2000
rule 0 permit source 120.2.0.0 0.0.0.255
#
· Device E:
#
ospf 1
area 0.0.0.0
network 13.1.1.0 0.0.0.255
network 192.168.0.0 0.0.0.255
#
vlan 30
#
vlan 40
#
interface Vlan-interface30
ip address 192.168.0.102 255.255.255.0
#
interface Vlan-interface40
ip address 13.1.1.102 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 30
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 40
#
· Device F:
#
vlan 100
#
interface Vlan-interface100
ip address 120.2.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 100
#
bgp 300
router-id 6.6.6.6
peer 120.2.0.2 as-number 100
#
address-family ipv4 unicast
network 120.2.0.0 255.255.255.0
peer 120.2.0.2 enable
#
某公司內部網絡如圖7所示,從Device A到Device C有兩條轉發路徑:Link A和Link B。下一跳分別為Device B和Device C。Link A為直連鏈路,Link B為非直連鏈路。已知Device C不支持BFD功能,公司希望使用策略路由與BFD聯動技術,實現源IP為40.0.0.2的報文優先選擇Link B,當Device A和Device B的鏈路出現故障(如鏈路down)時,Device A能快速感知,並將流量切換到Link A的鏈路上。
圖7 策略路由與BFD聯動配置組網圖
· 由於需要兩端設備均支持BFD,才能夠使用控製報文方式,本例中Device C不支持BFD,在Device A上配置的BFD功能僅能使用echo報文方式。
· echo報文方式下必須配置echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將echo報文的源IP地址配置為屬於該設備任何一個接口所在網段,避免對端發送大量的ICMP重定向報文造成網絡擁塞。
表7 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
(1) 配置Device A各接口的IP地址
<DeviceA> system-view
[DeviceA] vlan 40
[DeviceA-vlan40] port ten-gigabitethernet 1/0/2
[DeviceA-vlan40] quit
[DeviceA] interface vlan-interface 40
[DeviceA-Vlan-interface40] ip address 40.0.0.1 24
[DeviceA-Vlan-interface40] quit
請參考以上方法配置9.1 圖7中其它接口的IP地址,配置步驟這裏省略.
(1) 配置Device A
# 配置Device A到Device C 50.0.0.0網段的靜態路由。
[DeviceA] ip route-static 50.0.0.0 24 vlan-interface 200 13.13.13.2
(2) 配置Device B
# 配置Device B到Device C 50.0.0.0網段的靜態路由。
[DeviceB] ip route-static 50.0.0.0 24 vlan-interface 101 24.24.24.4
# 配置匹配源IP地址為40.0.0.2的IP報文的ACL規則。
[DeviceA] acl number 3010
[DeviceA-acl-adv-3010] rule 0 permit ip source 40.0.0.2 0
[DeviceA-acl-adv-3010] quit
# 配置策略路由aaa,使滿足ACL規則報文的下一跳為12.12.12.2,並與track 11綁定。
[DeviceA] policy-based-route aaa permit node 5
[DeviceA-pbr-aaa-5] if-match acl 3010
[DeviceA-pbr-aaa-5] apply next-hop 12.12.12.2 track 11
[DeviceA-pbr-aaa-5] quit
# 在接口上應用路由策略aaa。
[DeviceA] interface vlan-interface 40
[DeviceA-Vlan-interface40] ip policy-based-route aaa
[DeviceA-Vlan-interface40] quit
(1) 配置Device A
# 策略路由支持的BFD會話方式為echo報文方式,該方式下必須配置BFD echo報文的源IP地址。IP地址可以任意指定,不需要與實際接口地址對應。建議不要將BFD echo報文的源IP地址配置為屬於該設備任何一個接口所在網段。
[DeviceA] bfd echo-source-ip 3.3.3.3
# 配置發送和接收單跳BFD控製報文的最小時間間隔都為100ms,單跳BFD檢測時間倍數為3。
[DeviceA] interface vlan-interface 100
[DeviceA-Vlan-interface100] bfd min-echo-receive-interval 100
[DeviceA-Vlan-interface100] bfd detect-multiplier 3
[DeviceA-Vlan-interface100] quit
[DeviceA] track 11 bfd echo interface vlan-interface 100 remote ip 12.12.12.2 local ip 12.12.12.1
[DeviceA-track-11] quit
# 查看Device A上源地址為40.0.0.0網段的流量,可以看到該網段當前流量優先從VLAN接口100(即Link B)轉發出去。
<DeviceA> reset counters interface
<DeviceA> display counters outbound interface
Interface Total (pkts) Broadcast (pkts) Multicast (pkts) Err (pkts)
XGE1/0/1 0 0 0 0
XGE1/0/2 0 0 0 0
XGE1/0/3 585414 0 0 0
XGE1/0/4 0 0 0 0
XGE1/0/5 0 0 0 0
XGE1/0/6 0 0 0 0
# 查看BFD會話信息,顯示BFD會話已被創建,且狀態為Up。
[DeviceA] display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working in Echo Mode:
Local Discr: 2049
Source IP: 12.12.12.1 Destination IP: 12.12.12.2
Session State: Up Interface: Vlan-interface100
Min Tx Inter: 100ms Act Tx Inter: 100ms
Min Rx Inter: 100ms Detect Inter: 300ms
Rx Count: 128234 Tx Count: 371950
Connect Type: Direct Running Up for: 00:01:04
Detect Mode: Async Slot: 1
Version: 1
Protocol: TRACK
Diag Info: No Diagnostic
# 當Device A和Device B間鏈路故障後,BFD會話Down。
%Dec 10 16:39:46:210 2013 DeviceA BFD/5/BFD_CHANGE_FSM: -MDC=1; Sess[12.12.12.1/12.12.12.2, LD/RD:2049/2049, Interface:Vlan100, SessType:Echo, LinkType:INET], Ver:1, Sta: UP-> DOWN, Diag: 1 (Control Detection Time Expired)
%Dec 10 16:39:47:343 2013 DeviceA IFNET/5/LINK_UPDOWN: -MDC=1; Line protocol on
the interface Ten-GigabitEthernet1/0/3 is down.
%Dec 10 16:39:47:343 2013 DeviceA IFNET/3/PHY_UPDOWN: -MDC=1; Vlan-interface100
link status is down.
# 清除流量後重新查看Device A上源地址為40.0.0.0網段的流量,可以看到當前流量從VLAN接口200(即Link A)轉發出去。
<DeviceA> reset counters interface
<DeviceA> display counters outbound interface
Interface Total (pkts) Broadcast (pkts) Multicast (pkts) Err (pkts)
XGE1/0/1 863764 0 0 0
XGE1/0/2 0 0 0 0
XGE1/0/3 0 0 0 0
XGE1/0/4 0 0 0 0
XGE1/0/5 0 0 0 0
XGE1/0/6 0 0 0 0
· Device A
#
bfd echo-source-ip 3.3.3.3
#
vlan 40
#
vlan 100
#
vlan 200
#
policy-based-route aaa permit node 5
if-match acl 3010
apply next-hop 12.12.12.2 track 11
#
interface Vlan-interface40
ip address 40.0.0.1 255.255.255.0
ip policy-based-route aaa
#
interface Vlan-interface100
ip address 12.12.12.1 255.255.255.0
bfd min-echo-receive-interval 10
bfd detect-multiplier 3
#
interface Vlan-interface200
ip address 13.13.13.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 200
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 40
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
ip route-static 50.0.0.0 24 Vlan-interface200 13.13.13.2
#
ip local policy-based-route aaa
#
acl number 3010
rule 0 permit ip source 40.0.0.2 0
#
track 11 bfd echo interface Vlan-interface100 remote ip 12.12.12.2 local ip 12.
12.12.1
#
· Device B
#
vlan 100 to 101
#
interface NULL0
#
interface Vlan-interface100
ip address 12.12.12.2 255.255.255.0
#
interface Vlan-interface101
ip address 24.24.24.2 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 100
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 101
#
ip route-static 50.0.0.0 24 Vlan-interface101 24.24.24.4
· Device C
#
vlan 50
#
vlan 101
#
vlan 200
#
interface NULL0
#
interface Vlan-interface50
ip address 50.0.0.1 255.255.255.0
#
interface Vlan-interface101
ip address 24.24.24.4 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.2 255.255.255.0
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 200
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
port access vlan 50
#
interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port access vlan 101
#
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 三層技術-IP路由配置指導
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 三層技術-IP路由命令參考
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 可靠性配置指導
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 可靠性命令參考
不同款型規格的資料略有差異, 詳細信息請向具體銷售和400谘詢。H3C保留在沒有任何通知或提示的情況下對資料內容進行修改的權利!
支持
