虚拟路由冗余协议VRRP

是一种用于提高网络可靠性的容错协议。通过VRRP,可以在主机的下一跳设备出现故障时,及时将业务切换到备份设备,从而保障网络通信的连续性和可靠性。

网络拓扑:

img

VRRP 配置:

  1. 按照拓扑显示修改主机名,配置IP地址,AR3和AR1、AR2级联的链路,AR3的端口配置第一个可用IP地址
  2. AR1和AR3配置静态路由,AR2配置默认路由
  3. 配置VRRP备份组1,AR1为Master设备,优先级200,AR2为Backup设备,优先级150,VRRP备份组1的虚拟IP地址为192.168.1.253
  4. 配置VRRP备份组2:AR2为Master设备,优先级高于默认200,AR1为Backup设备,优先级150,VRRP备份组2的虚拟IP地址为192.168.1.254
  5. 配置Master的抢占延时时间为10秒。
  6. Master配置VRRP的上行接口跟踪。如果DOWN,优先级降低60

配置过程:

1.配置IP

AR1:

int g0/0/0
ip add 1.1.1.2 30
int g0/0/1
ip add 192.168.1.251 24

AR2:

int g0/0/0
ip add 2.2.2.2 30
int g0/0/1
ip add 192.168.1.252 24

AR3:

int g0/0/0
ip add 1.1.1.1 30
int g0/0/1
ip add 2.2.2.1 30
int lo0
ip add 3.3.3.3 24

2.配置路由

AR1:

ip route-static 3.3.3.3 24 1.1.1.1

AR3:

ip route-static 192.168.1.0 24 1.1.1.2
ip route-static 192.168.1.0 24 2.2.2.2

静态路由

AR2:

ip route-static 0.0.0.0 0.0.0.0 2.2.2.1

默认路由

3.启用OSPF

AR1:

ospf
a 0
net 1.1.1.0 0.0.0.3
net 192.168.1.1 0.0.0.255

AR2:

ospf
a 0
net 2.2.2.0 0.0.0.3
net 192.168.1.0 0.0.0.255

AR3:

ospf a 0
net 1.1.1.0 0.0.0.3
net 2.2.2.0 0.0.0.3
net 3.3.3.0 0.0.0.255

4.创建VRRP

AR1:

int g0/0/1
vrrp vrid 1 virtual-ip 192.168.1.253
vrrp vrid 1 priority 200
vrrp vrid 1 track int g0/0/0 reduced 60

vrrp vrid 2 virtual-ip 192.168.1.254
vrrp vrid 2 priority 150

vrrp vrid 1 preempt-mode timer delay 10

AR2:

int g0/0/1
vrrp vrid 1 virtual-ip 192.168.1.253
vrrp vrid 1 priority 150

vrrp vrid 2 virtual-ip 192.168.1.254
vrrp vrid 2 priority 210
vrrp vrid 1 track int g0/0/0 reduced 60

vrrp vrid 2 preempt-mode timer delay 10

5.验证配置

PC1:

PC>ping 3.3.3.3

Ping 3.3.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 3.3.3.3: bytes=32 seq=2 ttl=254 time=93 ms
From 3.3.3.3: bytes=32 seq=3 ttl=254 time=79 ms
From 3.3.3.3: bytes=32 seq=4 ttl=254 time=62 ms
From 3.3.3.3: bytes=32 seq=5 ttl=254 time=62 ms

--- 3.3.3.3 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/74/93 ms

PC2:

PC>ping 3.3.3.3

Ping 3.3.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 3.3.3.3: bytes=32 seq=2 ttl=254 time=94 ms
From 3.3.3.3: bytes=32 seq=3 ttl=254 time=78 ms
From 3.3.3.3: bytes=32 seq=4 ttl=254 time=62 ms
From 3.3.3.3: bytes=32 seq=5 ttl=254 time=63 ms

--- 3.3.3.3 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/74/94 ms

断开链路

img

PC1:

PC>ping 3.3.3.3

Ping 3.3.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 3.3.3.3: bytes=32 seq=2 ttl=254 time=78 ms
From 3.3.3.3: bytes=32 seq=3 ttl=254 time=93 ms
From 3.3.3.3: bytes=32 seq=4 ttl=254 time=79 ms
From 3.3.3.3: bytes=32 seq=5 ttl=254 time=93 ms

--- 3.3.3.3 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/85/93 ms

依然可以正常通信,散花~