双链路的负载分担2——MSTP+VRRP+OSPF
网络拓扑:
eNSP模拟器实验拓扑:
网络地址规划:vlan2:10.147.140.0/26 Gateway: 10.147.140.62
vlan3: 10.147.140.64/26 Gateway: 10.147.140.126
vlan4: 10.147.140.128/26 Gateway: 10.147.140.190
vlan5: 10.147.140.192/26 Gateway: 10.147.140.254
路由地址规划:
vlan10: 10.147.141.128/30
vlan11: 10.147.141.132/30
vlan12: 10.147.141.136/30
vlan13: 10.147.141.140/30
配置思路:
所有的交换机同属于同一个MSTP域(office_area),创建4个实例,分别为instance 1 vlan 2;instance 2 vlan 3;instance 3 vlan 4;instance 4 vlan 5。
接入层交换机手工配置开销值阻塞端口,核心层手工指定域根,汇聚层到核心层由stp协议自动阻塞端口。
一、接入层交换机配置
◆ 接入层<接入1>的配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Access_1
② 启用MSTP协议,配置域名和实例,并激活;
[Access_1]stp region-configuration
[Access_1-mst-region]region-name office_area
[Access_1-mst-region]instance 1 vlan 2
[Access_1-mst-region]instance 2 vlan 3
[Access_1-mst-region]instance 3 vlan 4
[Access_1-mst-region]instance 4 vlan 5
[Access_1-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[Access_1-mst-region]quit
③ 阻塞交换机端口,采用默认的路径计算方法;
[Access_1]inter g0/0/2
[Access_1-GigabitEthernet0/0/2]stp instance 3 cost 100 (千兆口默认cost值为1)
[Access_1-GigabitEthernet0/0/2]quit
[Access_1]interface g0/0/1
[Access_1-GigabitEthernet0/0/1]stp instance 4 cost 100 (千兆口默认cost值为1)
[Access_1-GigabitEthernet0/0/1]quit
◆ 接入层<接入3>的配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Access_3
② 启用MSTP协议,配置域名和实例,并激活;
[Access_3]stp region-configuration
[Access_3-mst-region]region-name office_area
[Access_3-mst-region]instance 1 vlan 2
[Access_3-mst-region]instance 2 vlan 3
[Access_3-mst-region]instance 3 vlan 4
[Access_3-mst-region]instance 4 vlan 5
[Access_3-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[Access_1-mst-region]quit
③ 阻塞交换机端口,采用默认的路径计算方法;
[Access_3]inter g0/0/2
[Access_3-GigabitEthernet0/0/2]stp instance 1 cost 100 (千兆口默认cost值为1)
[Access_3-GigabitEthernet0/0/2]quit
[Access_3]interface g0/0/1
[Access_3-GigabitEthernet0/0/1]stp instance 2 cost 100 (千兆口默认cost值为1)
[Access_3-GigabitEthernet0/0/1]quit
二、汇聚层交换机的配置
◆ 汇聚层<汇聚A>的配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Convergence_A
② 启用MSTP协议,配置域名和实例,并激活;
[Convergence_A]stp region-configuration
[Convergence_A-mst-region]region-name office_area
[Convergence_A-mst-region]instance 1 vlan 2
[Convergence_A-mst-region]instance 2 vlan 3
[Convergence_A-mst-region]instance 3 vlan 4
[Convergence_A-mst-region]instance 4 vlan 5
[Convergence_A-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[Convergence_A-mst-region]quit
其他3个汇聚交换机的MSTP配置和<汇聚1>一样。
三、核心层交换机的配置
◆ 核心层<核心1>的MSTP配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Core_1
② 启用MSTP协议,配置域名和实例,并激活;
[Core_1]stp region-configuration
[Core_1-mst-region]region-name office_area
[Core_1-mst-region]instance 1 vlan 2
[Core_1-mst-region]instance 2 vlan 3
[Core_1-mst-region]instance 3 vlan 4
[Core_1-mst-region]instance 4 vlan 5
[Core_1-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_1-mst-region]quit
③ 配置核心1为instance 2和instance 4的主域根,instance 1和instance 3的第二域根;
[Core_1]stp instance 2 root primary
[Core_1]stp instance 4 root primary
[Core_1]stp instance 1 root secondary
[Core_1]stp instance 3 root secondary
◆ 核心层<核心2>的MSTP配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Core_2
② 启用MSTP协议,配置域名和实例,并激活;
[Core_2]stp region-configuration
[Core_2-mst-region]region-name office_area
[Core_2-mst-region]instance 1 vlan 2
[Core_2-mst-region]instance 2 vlan 3
[Core_2-mst-region]instance 3 vlan 4
[Core_2-mst-region]instance 4 vlan 5
[Core_2-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_1-mst-region]quit
③ 配置核心1为instance 2和instance 4的主域根,instance 1和instance 3的第二域根;
[Core_2]stp instance 1 root primary
[Core_2]stp instance 3 root primary
[Core_2]stp instance 2 root secondary
[Core_2]stp instance 4 root secondary
四、接入层、汇聚层的vlan和接口类型配置
◆ 在接入层交换机<接入1、接入2>上配置vlan 4和vlan 5,设置上联接口类型为trunk口,允许vlan 4和vlan 5的报文通过,为避免环路,尽量只允许实例所包含的vlan通过,并启用STP,其他与PC端相连的端口禁用STP;以<接入1>为例:
[Access_1]Stp enable
[Access_1]vlan batch 4 5
[Access_1]interface g0/0/1
[Access_1-GigabitEthernet0/0/1]port link-type trunk
[Access_1-GigabitEthernet0/0/1]Port trunk allow vlan 4 5
[Access_1-GigabitEthernet0/0/1]stp enable
[Access_1-GigabitEthernet0/0/1]quit
[Access_1]interface g0/0/2
[Access_1-GigabitEthernet0/0/2]port link-type trunk
[Access_1-GigabitEthernet0/0/2]Port trunk allow vlan 4 5
[Access_1-GigabitEthernet0/0/2]stp enable
[Access_1-GigabitEthernet0/0/2]quit
[Access_1]port-group 1
[Access_1-port-group-1]group-member g0/0/3 to g0/0/24
[Access_1-port-group-1]port link-type access
.........
[Access_1-port-group-1]stp disable
.........
[Access_1-port-group-1]return
<Access_1>save
◆ 汇聚层<汇聚A、汇聚B>上配置相同的vlan,与各交换机相连的接口设置为trunk,允许vlan 4和vlan 5通过,并启用STP,以<汇聚A>为例:
[Convergence_A]stp enable
[Convergence_A]vlan batch 4 5
[Convergence_A]port-group 1
[Convergence_A-port-group-1]group-member g0/0/1 to g0/0/4
[Convergence_A-port-group-1]port link-type trunk
.........
[Convergence_A-port-group-1]port trunk allow-pass vlan 4 5
.........
[Convergence_A-port-group-1]return
<Convergence_A>save
◆ 其他接入层设备<接入3、接入4>的vlan和接口的配置与<接入1、接入2>配置类似;汇聚层设备<汇聚C、汇聚D>和<汇聚A、汇聚B>配置类似。仅创建vlan 2和vlan 3,接口仅允许vlan 2和vlan 3通过。
五、核心层交换机VRRP和OSPF配置
◆ 核心层<核心1>的配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Core_1
② 配置vlan和VRRP:
[Core_1]vlan batch 2 to 5 10 13
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_1]inter vlan 2
[Core_1-Vlanif2] ip address 10.147.140.60 26
[Core_1-Vlanif2]vrrp vrid 2 virtual-ip 10.147.140.62
[Core_1-Vlanif2]quit
[Core_1]inter vlan 3
[Core_1-Vlanif3] ip address 10.147.140.125 255.255.255.192
[Core_1-Vlanif3]vrrp vrid 3 virtual-ip 10.147.140.126
[Core_1-Vlanif2]vrrp vrid 3 priority 110
[Core_1-Vlanif2]vrrp vrid 3 preempt-mode timer delay 10
[Core_1-Vlanif3]quit
[Core_1]inter vlanif 4
[Core_1-Vlanif4]ip address 10.147.140.189 255.255.255.192
[Core_1-Vlanif4]vrrp vrid 4 virtual-ip 10.147.140.190
[Core_1-Vlanif4]quit
[Core_1]inter vlanif 5
[Core_1-Vlanif5]ip address 10.147.140.252 255.255.255.192
[Core_1-Vlanif5]vrrp vrid 5 virtual-ip 10.147.140.254
[Core_1-Vlanif3]vrrp vrid 5 priority 110
[Core_1-Vlanif3]vrrp vrid 5 preempt-mode timer delay 10
[Core_1-Vlanif5]quit
[Core_1]inter vlanif 10
[Core_1-Vlanif10]ip address 10.147.141.129 255.255.255.252
[Core_1-Vlanif10]quit
[Core_1]inter vlanif 13
[Core_1-Vlanif13]ip address 10.147.141.141 255.255.255.252
[Core_1-Vlanif13]quit
③ 配置端口聚合;
[Core_1]interface Eth-Trunk 1
[Core_1-Eth-Trunk1]port link-type trunk
[Core_1-Eth-Trunk1]port trunk allow-pass vlan 2 to 5
[Core_1-Eth-Trunk1]quit
[Core_1]inter g0/0/23
[Core_1-GigabitEthernet0/0/23]eth-trunk 1
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_1-GigabitEthernet0/0/24]eth-trunk 1
Info: This operation may take a few seconds. Please wait for a moment...done.
④ 配置接口类型和允许通过的vlan报文;
[Core_1]inter g0/0/3
[Core_1-GigabitEthernet0/0/3]port link-type trunk
[Core_1-GigabitEthernet0/0/3]port trunk allow-pass vlan 4 5
[Core_1-GigabitEthernet0/0/3]quit
[Core_1]interface g0/0/4
[Core_1-GigabitEthernet0/0/4]port link-type trunk
[Core_1-GigabitEthernet0/0/4]port trunk allow-pass vlan 4 5
[Core_1-GigabitEthernet0/0/4]quit
[Core_1]inter g0/0/1
[Core_1-GigabitEthernet0/0/1]port link-type trunk
[Core_1-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 3
[Core_1-GigabitEthernet0/0/1]quit
[Core_1]inter g0/0/2
[Core_1-GigabitEthernet0/0/2]port link-type trunk
[Core_1-GigabitEthernet0/0/2]port trunk allow-pass vlan 2 3
[Core_1-GigabitEthernet0/0/2]quit
[Core_1]inter g0/0/5
[Core_1-GigabitEthernet0/0/5]port link-type access
[Core_1-GigabitEthernet0/0/5]port default vlan 10
[Core_1-GigabitEthernet0/0/5]quit
[Core_1]inter g0/0/6
[Core_1-GigabitEthernet0/0/6]port link-type access
[Core_1-GigabitEthernet0/0/6]port default vlan 13
[Core_1-GigabitEthernet0/0/6]quit
⑤ 配置loopback和OSPF;
[Core_1]inter LoopBack 0
[Core_1-LoopBack0]ip address 3.3.3.3 32
[Core_1-LoopBack0]quit
[Core_1]ospf 1 router-id 3.3.3.3
[Core_1-ospf-1]area 0
[Core_1-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[Core_1-ospf-1-area-0.0.0.0]network 10.147.141.128 0.0.0.3
[Core_1-ospf-1-area-0.0.0.0]network 10.147.141.140 0.0.0.3
[Core_1-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.255
[Core_1-ospf-1-area-0.0.0.0]return
<Core_1>save
◆ 核心层<核心2>的配置:
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname Core_2
② 配置vlan和VRRP:
[Core_2]vlan batch 2 to 5 10 13
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_2]inter vlan 2
[Core_2-Vlanif2] ip address 10.147.140.61 26
[Core_2-Vlanif2]vrrp vrid 2 virtual-ip 10.147.140.62
[Core_2-Vlanif2]vrrp vrid 2 priority 110
[Core_2-Vlanif2]vrrp vrid 2 preempt-mode timer delay 10
[Core_2-Vlanif2]quit
[Core_2]inter vlan 3
[Core_2-Vlanif3] ip address 10.147.140.124 255.255.255.192
[Core_2-Vlanif3]vrrp vrid 3 virtual-ip 10.147.140.126
[Core_2-Vlanif3]quit
[Core_2]inter vlanif 4
[Core_2-Vlanif4]ip address 10.147.140.188 255.255.255.192
[Core_2-Vlanif4]vrrp vrid 4 virtual-ip 10.147.140.190
[Core_2-Vlanif3]vrrp vrid 4 priority 110
[Core_2-Vlanif3]vrrp vrid 4 preempt-mode timer delay 10
[Core_2-Vlanif4]quit
[Core_2]inter vlanif 5
[Core_2-Vlanif5]ip address 10.147.140.253 255.255.255.192
[Core_2-Vlanif5]vrrp vrid 5 virtual-ip 10.147.140.254
[Core_2-Vlanif5]quit
[Core_2]inter vlanif 11
[Core_2-Vlanif10]ip address 10.147.141.133 255.255.255.252
[Core_2-Vlanif10]quit
[Core_2]inter vlanif 12
[Core_2-Vlanif13]ip address 10.147.141.137 255.255.255.252
[Core_2-Vlanif13]quit
③ 配置端口聚合;
[Core_2]interface Eth-Trunk 1
[Core_2-Eth-Trunk1]port link-type trunk
[Core_2-Eth-Trunk1]port trunk allow-pass vlan 2 to 5
[Core_2-Eth-Trunk1]quit
[Core_2]inter g0/0/23
[Core_2-GigabitEthernet0/0/23]eth-trunk 1
Info: This operation may take a few seconds. Please wait for a moment...done.
[Core_2-GigabitEthernet0/0/24]eth-trunk 1
Info: This operation may take a few seconds. Please wait for a moment...done.
④ 配置接口类型和允许通过的vlan报文;
[Core_2]inter g0/0/3
[Core_2-GigabitEthernet0/0/3]port link-type trunk
[Core_2-GigabitEthernet0/0/3]port trunk allow-pass vlan 4 5
[Core_2-GigabitEthernet0/0/3]quit
[Core_2]interface g0/0/4
[Core_2-GigabitEthernet0/0/4]port link-type trunk
[Core_2-GigabitEthernet0/0/4]port trunk allow-pass vlan 4 5
[Core_2-GigabitEthernet0/0/4]quit
[Core_2]inter g0/0/1
[Core_2-GigabitEthernet0/0/1]port link-type trunk
[Core_2-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 3
[Core_2-GigabitEthernet0/0/1]quit
[Core_2]inter g0/0/2
[Core_2-GigabitEthernet0/0/2]port link-type trunk
[Core_2-GigabitEthernet0/0/2]port trunk allow-pass vlan 2 3
[Core_2-GigabitEthernet0/0/2]quit
[Core_2]inter g0/0/5
[Core_2-GigabitEthernet0/0/5]port link-type access
[Core_2-GigabitEthernet0/0/5]port default vlan 11
[Core_2-GigabitEthernet0/0/5]quit
[Core_2]inter g0/0/6
[Core_2-GigabitEthernet0/0/6]port link-type access
[Core_2-GigabitEthernet0/0/6]port default vlan 12
[Core_2-GigabitEthernet0/0/6]quit
⑤ 配置loopback和OSPF;
[Core_2]inter LoopBack 0
[Core_2-LoopBack0]ip address 4.4.4.4 32
[Core_2-LoopBack0]quit
[Core_2]ospf 1 router-id 4.4.4.4
[Core_2-ospf-1]area 0
[Core_2-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[Core_2-ospf-1-area-0.0.0.0]network 10.147.141.132 0.0.0.3
[Core_2-ospf-1-area-0.0.0.0]network 10.147.141.136 0.0.0.3
[Core_2-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.255
[Core_2-ospf-1-area-0.0.0.0]return
<Core_2>save
六、路由器的配置
◆ 路由器1的配置过程
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R1
② 配置接口地址:
[R1]inter LoopBack 0
[R1-LoopBack0]ip address 1.1.1.1 32
[R1-LoopBack0]quit
[R1]inter g0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.147.141.130 30
[R1-GigabitEthernet0/0/0]quit
[R1]inter g0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.147.141.134 30
[R1-GigabitEthernet0/0/1]quit
③ 启用OSPF,配置路由:
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.147.141.128 0.0.0.3
[R1-ospf-1-area-0.0.0.0]network 10.147.141.132 0.0.0.3
[R1-ospf-1-area-0.0.0.0]return
<R1>save
◆ 路由器R2的配置过程和R1类似
① 基本配置:关闭消息提示和命名;
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R2
② 配置接口地址:
[R2]inter LoopBack 0
[R2-LoopBack0]ip address 2.2.2.2 32
[R2-LoopBack0]quit
[R2]inter g0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.147.141.142 30
[R2-GigabitEthernet0/0/0]quit
[R2]inter g0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.147.141.138 30
[R2-GigabitEthernet0/0/1]quit
③ 启用OSPF,配置路由:
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.147.141.140 0.0.0.3
[R2-ospf-1-area-0.0.0.0]network 10.147.141.136 0.0.0.3
[R2-ospf-1-area-0.0.0.0]return
<R2>save
七、抓包检验数据流向
◆ 接入层<接入1>配置属于vlan4的PC,向路由器R1发包:
PC端ping
PC>ping 1.1.1.1
Ping 1.1.1.1: 32 data bytes, Press Ctrl_C to break
From 1.1.1.1: bytes=32 seq=1 ttl=254 time=78 ms
From 1.1.1.1: bytes=32 seq=2 ttl=254 time=63 ms
From 1.1.1.1: bytes=32 seq=3 ttl=254 time=78 ms
From 1.1.1.1: bytes=32 seq=4 ttl=254 time=78 ms
From 1.1.1.1: bytes=32 seq=5 ttl=254 time=93 ms
--- 1.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 63/78/93 ms
交换机<接入1>接口G0/0/1和G0/0/2的数据包:
汇聚层交换机<汇聚A>接口G0/0/3和G0/0/4的数据包:
4.核心层交换<核心1>的接口G0/0/5和<核心2>的接口G0/0/6数据包:
数据流向的抓包不够全面,可能存在其他vlan并不能按照设定的链路流出,总体没有形成环路,设备可以实现负载分担。
本文出自 “每天进步一点点” 博客,请务必保留此出处http://pthahnil.blog.51cto.com/814988/1432120