組網及說明
V7交換機靜態路由、Track與NQA聯動配置
1.1.1 1.1適用產品係列
|
本案例適用於如S6300-52QF、S6520X-30QC-HI、S6800-54QT、S6820-4C S6900-2F等S6X00係列的交換機 |
1.1.2 1.2配置需求及實現的效果
SW1、SW2、SW3和SW4連接了2.2.2.0/24和3.3.3.0/24兩個網段,在交換機上配置靜態路由以實現兩個網段的互通,並配置路由備份以提高網絡的可靠性。
SW2上配置環回口L0模擬2.2.2.0/24網段內的主機,在SW2上存在兩條到達3.3.3.0/24網段的靜態路由,下一跳分別為SW1和SW4,這兩條靜態路由形成備份,其中:
· 下一跳為SW1的靜態路由優先級高,作為主路由。該路由可達時,SW2通過SW1將報文轉發到3.3.3.0/24網段。
· 下一跳為SW4的靜態路作為備份路由。
· 在SW2上通過靜態路由、Track與NQA聯動,實時判斷主路由是否可達。當主路由不可達時,備份路由生效,SW2通過SW4將報文轉發到3.3.3.0/24網段。
同樣地,SW3上配置環回接口L0模擬3.3.3.0/24網段內的主機,在SW3D上存在兩條到達2.2.2.0/24網段的靜態路由,下一跳分別為SW1和SW4。這兩條靜態路由形成備份,其中:
· 下一跳為SW1的靜態路由優先級高,作為主路由。該路由可達時,SW3通過SW1將報文轉發到2.2.2.0/24網段。
· 下一跳為SW4的靜態路作為備份路由。
· 在SW3上通過靜態路由、Track與NQA聯動,實時判斷主路由是否可達。當主路由不可達時,備份路由生效,SW3通過SW4將報文轉發到2.2.2.0/24網段。
配置步驟
一.交換機vlan和ip地址基本配置
#在SW1上關閉生成樹
System View: return to User View with Ctrl+Z.
[H3C]undo stp global enable
#創建vlan 4
[H3C]vlan 4
[H3C-vlan4]quit
#配置vlan 1和vlan 4虛接口IP地址
[H3C]interface Vlan-interface 1
[H3C-Vlan-interface1] ip address 13.13.13.1 255.255.255.0
[H3C-Vlan-interface1]quit
[H3C]interface Vlan-interface 4
[H3C-Vlan-interface4] ip address 12.12.12.1 255.255.255.0
[H3C-Vlan-interface4]quit
#將端口2換分到vlan 4,端口1默認屬於vlan 1
[H3C]interface GigabitEthernet 1/0/2
[H3C-GigabitEthernet1/0/2] port access vlan 4
[H3C-GigabitEthernet1/0/2]quit
#在SW2上關閉生成樹
System View: return to User View with Ctrl+Z.
[H3C]undo stp global enable
#創建環回接口LoopBack 0用來模擬主機,地址是2.2.2.2/24
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 2.2.2.2 255.255.255.0
[H3C-LoopBack0]quit
#創建vlan 3、4,並分別配置IP地址。
[H3C]vlan 3
[H3C-vlan3]quit
[H3C]interface Vlan-interface 3
[H3C-Vlan-interface3] ip address 24.24.24.2 255.255.255.0
[H3C-Vlan-interface3]quit
[H3C]vlan 4
[H3C-vlan4]quit
[H3C]interface Vlan-interface 4
[H3C-Vlan-interface4] ip address 12.12.12.2 255.255.255.0
[H3C-Vlan-interface4]quit
#將端口1換分到vlan 4,端口2劃分到vlan 3
[H3C]interface GigabitEthernet 1/0/1
[H3C-GigabitEthernet1/0/1] port access vlan 4
[H3C-GigabitEthernet1/0/1]quit
[H3C]interface GigabitEthernet 1/0/2
[H3C-GigabitEthernet1/0/2] port access vlan 3
[H3C-GigabitEthernet1/0/2]quit
#在SW3上關閉生成樹
System View: return to User View with Ctrl+Z.
[H3C]undo stp global enable
#創建環回接口LoopBack 0用來模擬主機,地址是3.3.3.3/24
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 3.3.3.3 255.255.255.0
[H3C-LoopBack0]quit
#創建vlan 2,並分別配置vlan 1和vlan 2的IP地址
[H3C]vlan 2
[H3C-vlan2]quit
[H3C]interface Vlan-interface 1
[H3C-Vlan-interface1] ip address 13.13.13.3 255.255.255.0
[H3C-Vlan-interface1]quit
[H3C]interface Vlan-interface 2
[H3C-Vlan-interface2] ip address 34.34.34.3 255.255.255.0
[H3C-Vlan-interface2]quit
#將端口1換分到vlan 2,端口2默認屬於vlan 1
[H3C]interface GigabitEthernet 1/0/1
[H3C-GigabitEthernet1/0/1] port access vlan 2
[H3C-GigabitEthernet1/0/1]quit
#在SW4上關閉生成樹
System View: return to User View with Ctrl+Z.
[H3C]undo stp global enable
#創建vlan 2、3,並分別配置IP地址
[H3C]vlan 2
[H3C-vlan2]quit
[H3C]interface Vlan-interface 2
[H3C-Vlan-interface2] ip address 34.34.34.4 255.255.255.0
[H3C-Vlan-interface2]quit
[H3C]vlan 3
[H3C-vlan3]quit
[H3C]interface Vlan-interface 3
[H3C-Vlan-interface3] ip address 24.24.24.4 255.255.255.0
[H3C-Vlan-interface3]quit
#將端口1換分到vlan 3,端口2劃分到vlan 2
[H3C]interface GigabitEthernet 1/0/1
[H3C-GigabitEthernet1/0/1] port access vlan 3
[H3C-GigabitEthernet1/0/1]quit
[H3C]interface GigabitEthernet 1/0/2
[H3C-GigabitEthernet1/0/2] port access vlan 2
[H3C-GigabitEthernet1/0/2]quit
二.鏈路檢測配置
【SW1】
#SW1配置到2.2.2.0和3.3.3.0網段的靜態路由
[H3C]ip route-static 2.2.2.0 24 12.12.12.2
[H3C]ip route-static 3.3.3.0 24 13.13.13.3
【SW2】
# 配置到達3.3.3.0/24網段的靜態路由:下一跳地址為12.12.12.1,優先級為缺省值60,該路由與Track項1關聯。
[H3C] ip route-static 3.3.3.0 24 12.12.12.1 track 1
# 配置到達3.3.3.0/24網段的靜態路由:下一跳地址為24.24.24.4,優先級為80。
[H3C] ip route-static 3.3.3.0 24 24.24.24.4 preference 80
# 配置到達13.13.13.0的靜態路由:下一跳地址為12.12.12.1。
[H3C]ip route-static 13.13.13.0 24 12.12.12.1
# 配置到達34.34.34.0的靜態路由:下一跳地址為24.24.24.4。
[H3C]ip route-static 34.34.34.0 24 24.24.24.4
# 創建管理員名為admin、操作標簽為test的NQA測試組。
[H3C] nqa entry admin test
# 配置測試類型為ICMP-echo。
[H3C-nqa-admin-test] type icmp-echo
# 配置測試的目的地址為13.13.13.3,下一跳地址為12.12.12.1,以便通過NQA檢測Switch 2-Switch 2-Switch 3這條路徑的連通性。
[H3C-nqa-admin-test-icmp-echo] destination ip 13.13.13.3
[H3C-nqa-admin-test-icmp-echo] next-hop ip 12.12.12.1
# 配置測試頻率為100ms。
[H3C-nqa-admin-test-icmp-echo] frequency 100
# 配置聯動項1(連續失敗5次觸發聯動)。
[H3C-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[H3C-nqa-admin-test-icmp-echo] quit
# 啟動探測。
[H3C] nqa schedule admin test start-time now lifetime forever
# 配置Track項1,關聯NQA測試組(管理員為admin,操作標簽為test)的聯動項1。
[H3C] track 1 nqa entry admin test reaction 1
【SW3】
# 配置到達2.2.2.0/24網段的靜態路由:下一跳地址為13.13.13.1,優先級為缺省值60,該路由與Track項1關聯。
[H3C] ip route-static 2.2.2.0 24 13.13.13.1 track 1
# 配置到達2.2.2.0/24網段的靜態路由:下一跳地址為34.34.34.4,優先級為80。
[H3C] ip route-static 2.2.2.0 24 34.34.34.4 preference 80
# 配置到達12.12.12.0的靜態路由:下一跳地址為13.13.13.1。
[H3C] ip route-static 12.12.12.0 24 13.13.13.1
# 配置到達24.24.24.0的靜態路由:下一跳地址為34.34.34.4。
[H3C] ip route-static 24.24.24.0 24 34.34.34.4
# 創建管理員名為admin、操作標簽為test的NQA測試組。
[H3C] nqa entry admin test
# 配置測試類型為ICMP-echo。
[H3C-nqa-admin-test] type icmp-echo
# 配置測試的目的地址為12.12.12.2,下一跳地址為13.13.13.1,以便通過NQA檢測Switch 2-Switch 2-Switch 3這條路徑的連通性。
[H3C-nqa-admin-test-icmp-echo] destination ip 12.12.12.2
[H3C-nqa-admin-test-icmp-echo] next-hop ip 13.13.13.1
# 配置測試頻率為100ms。
[H3C-nqa-admin-test-icmp-echo] frequency 100
# 配置聯動項1(連續失敗5次觸發聯動)。
[H3C-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[H3C-nqa-admin-test-icmp-echo] quit
# 啟動探測。
[H3C] nqa schedule admin test start-time now lifetime forever
# 配置Track項1,關聯NQA測試組(管理員為admin,操作標簽為test)的聯動項1。
[H3C] track 1 nqa entry admin test reaction 1
【SW4】
#SW1配置到2.2.2.0和3.3.3.0網段的靜態路由
[H3C]ip route-static 2.2.2.0 24 24.24.24.2
[H3C]ip route-static 3.3.3.0 24 34.34.34.3
# 顯示SW2上Track項的信息:
[H3C]display track all
Track ID: 1
State: Positive
Duration: 0 days 0 hours 1 minutes 18 seconds
Tracked object type: NQA
Notification delay: Positive 0, Negative 0 (in seconds)
Tracked object:
NQA entry: admin test
Reaction: 1
Remote IP/URL: 13.13.13.3
Local IP: --
Interface: --
#查看SW2上的路由表:
[H3C]display ip routing-table
Destinations : 23 Routes : 23
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
2.2.2.0/24 Direct 0 0 2.2.2.2 Loop0
2.2.2.0/32 Direct 0 0 2.2.2.2 Loop0
2.2.2.2/32 Direct 0 0 127.0.0.1 InLoop0
2.2.2.255/32 Direct 0 0 2.2.2.2 Loop0
3.3.3.0/24 Static 60 0 12.12.12.1 Vlan4
12.12.12.0/24 Direct 0 0 12.12.12.2 Vlan4
12.12.12.0/32 Direct 0 0 12.12.12.2 Vlan4
12.12.12.2/32 Direct 0 0 127.0.0.1 InLoop0
12.12.12.255/32 Direct 0 0 12.12.12.2 Vlan4
13.13.13.0/24 Static 60 0 12.12.12.1 Vlan4
24.24.24.0/24 Direct 0 0 24.24.24.2 Vlan3
24.24.24.0/32 Direct 0 0 24.24.24.2 Vlan3
24.24.24.2/32 Direct 0 0 127.0.0.1 InLoop0
24.24.24.255/32 Direct 0 0 24.24.24.2 Vlan3
34.34.34.0/24 Static 60 0 24.24.24.4 Vlan3
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
#以上NQA測試的結果為主路由可達(Track項狀態為Positive),訪問3.3.3.0/24網段路徑是SW2-SW1-SW3。
#將SW1的2號端口shutdown
[H3C]int GigabitEthernet 1/0/2
[H3C-GigabitEthernet1/0/2]shutdown
# 顯示SW2上Track項的信息:
[H3C]display track all
Track ID: 1
State: Negative
Duration: 0 days 0 hours 0 minutes 10 seconds
Tracked object type: NQA
Notification delay: Positive 0, Negative 0 (in seconds)
Tracked object:
NQA entry: admin test
Reaction: 1
Remote IP/URL: 13.13.13.3
Local IP: --
Interface: --
#查看SW2上的路由表
[H3C]display ip routing-table
Destinations : 18 Routes : 18
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
2.2.2.0/24 Direct 0 0 2.2.2.2 Loop0
2.2.2.0/32 Direct 0 0 2.2.2.2 Loop0
2.2.2.2/32 Direct 0 0 127.0.0.1 InLoop0
2.2.2.255/32 Direct 0 0 2.2.2.2 Loop0
3.3.3.0/24 Static 80 0 24.24.24.4 Vlan3
24.24.24.0/24 Direct 0 0 24.24.24.2 Vlan3
24.24.24.0/32 Direct 0 0 24.24.24.2 Vlan3
24.24.24.2/32 Direct 0 0 127.0.0.1 InLoop0
24.24.24.255/32 Direct 0 0 24.24.24.2 Vlan3
34.34.34.0/24 Static 60 0 24.24.24.4 Vlan3
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
#NQA測試的結果為主路由不可達(Track項狀態為Negative),則備份路由生效,訪問3.3.3.0/24網段路徑是SW2-SW4-SW3。出現故障後,2.2.2.2到3.3.3.3之間仍然可以通信:
[H3C]ping -a 2.2.2.2 3.3.3.3
Ping 3.3.3.3 (3.3.3.3) from 2.2.2.2: 56 data bytes, press CTRL_C to break
56 bytes from 3.3.3.3: icmp_seq=0 ttl=254 time=4.000 ms
56 bytes from 3.3.3.3: icmp_seq=1 ttl=254 time=3.000 ms
56 bytes from 3.3.3.3: icmp_seq=2 ttl=254 time=1.000 ms
56 bytes from 3.3.3.3: icmp_seq=3 ttl=254 time=1.000 ms
56 bytes from 3.3.3.3: icmp_seq=4 ttl=254 time=1.000 ms
--- Ping statistics for 3.3.3.3 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.000/2.000/4.000/1.265 ms
[H3C]%May 29 10:21:41:325 2019 H3C PING/6/PING_STATISTICS: Ping statistics for 3.3.3.3: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 1.000/2.000/4.000/1.265 ms.
該案例暫時沒有網友評論
編輯評論
✖
案例意見反饋
親~登錄後才可以操作哦!
確定你的郵箱還未認證,請認證郵箱或綁定手機後進行當前操作