ensp router+mstp+vrrp+单nat

其他 2020-06-28 11:37:42 阅读次数: 0

router+mstp+vrrp+单nat

拓扑图

image.png

使用技术

使用到的技术:
	单区域ospf 
  dhcp
  nat

  mstp
  vrrp+track

	端口聚合

接入层

huijuA

sys
sysname huijuA

# 创建vlan
vlan batch 10 20 30 40

# 端口分配
int e0/0/1
port link-type access 
port default vlan 10

int e0/0/2
port link-type access 
port default vlan 20

int e0/0/3
port link-type trunk 
port trunk allow-pass vlan all 

int e0/0/4
port link-type trunk 
port trunk allow-pass vlan all 

# mstp 
stp region-configuration 
region-name wlgc
instance 1 vlan 10 30
instance 2 vlan 20 40 
active region-configuration

huijuB

sys
sysname huijuB

# 创建vlan
vlan batch 10 20 30 40

# 端口分配
int e0/0/1
port link-type access 
port default vlan 30

int e0/0/2
port link-type access 
port default vlan 40

int e0/0/3
port link-type trunk 
port trunk allow-pass vlan all 

int e0/0/4
port link-type trunk 
port trunk allow-pass vlan all 

# mstp 
stp region-configuration 
region-name wlgc
instance 1 vlan 10 30
instance 2 vlan 20 40 
active region-configuration

核心层

coreA

sys
sysname coreA

# 创建vlan
vlan batch 10 20 30 40 50

# 端口分配
int g0/0/1
port link-type access 
port default vlan 50

int g0/0/3
port link-type trunk 
port trunk allow-pass vlan all 

int g0/0/4
port link-type trunk 
port trunk allow-pass vlan all 

# 链路聚合
int Eth-Trunk 1
port link-type trunk 
port trunk allow-pass vlan 10 20 30 40
# 加入
int g0/0/23 
eth-trunk 1

int g0/0/24
eth-trunk 1

# mstp 
stp region-configuration 
region-name wlgc
instance 1 vlan 10 30
instance 2 vlan 20 40 
active region-configuration 

quit
# mstp 根桥指定
stp instance 1 root primary 
stp instance 2 root secondary 

# vrrp配置
int vlan 10
ip address 192.168.10.252 24
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 110
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 10 track interface g0/0/1 reduced 50

int vlan 20
ip address 192.168.20.252 24
vrrp vrid 20 virtual-ip 192.168.20.254
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 20 track interface g0/0/1 reduced 50

int vlan 30
ip address 192.168.30.252 24
vrrp vrid 30 virtual-ip 192.168.30.254
vrrp vrid 30 priority 110
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 30 track interface g0/0/1 reduced 50

int vlan 40
ip address 192.168.40.252 24
vrrp vrid 40 virtual-ip 192.168.40.254
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 40 track interface g0/0/1 reduced 50

## 这里配置完,建议display ip int brief
## 顺带验证vlan pc间是否能够通信

# 上联接口vlan
int vlan 50
ip address 192.168.252.1 24

# 配置ospf
ospf 100 router-id 1.1.1.1
area 0 
network 0.0.0.0 255.255.255.255

core B

sys
sysname coreB 

# 创建vlan
vlan batch 10 20 30 40 60

# 端口分配
int g0/0/1
port link-type access 
port default vlan 60

int g0/0/3
port link-type trunk 
port trunk allow-pass vlan all 

int g0/0/4
port link-type trunk 
port trunk allow-pass vlan all 

# 链路聚合
int Eth-Trunk 1
port link-type trunk 
port trunk allow-pass vlan 10 20 30 40

# 加入
int g0/0/23 
eth-trunk 1

int g0/0/24
eth-trunk 1

# mstp 
stp region-configuration 
region-name wlgc
instance 1 vlan 10 30
instance 2 vlan 20 40 
active region-configuration 

quit
# mstp 根桥指定
stp instance 2 root primary 
stp instance 1 root secondary 

# vrrp 配置
int vlan 10
ip address 192.168.10.253 24
vrrp vrid 10 virtual-ip 192.168.10.254 
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 10 track interface g0/0/1 reduced 50

int vlan 20
ip address 192.168.20.253 24
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 110
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 20 track interface g0/0/1 reduced 50

int vlan 30
ip address 192.168.30.253 24
vrrp vrid 30 virtual-ip 192.168.30.254
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 30 track interface g0/0/1 reduced 50

int vlan 40
ip address 192.168.40.253 24
vrrp vrid 40 virtual-ip 192.168.40.254
vrrp vrid 40 priority 110
# 配置上联接口检测,直连接口(配置的是本机的端口)检测不通时,降级
vrrp vrid 40 track interface g0/0/1 reduced 50

## 这里配置完,建议display ip int brief,验证vlan ip
## 顺带验证vlan pc间是否能够通信

# 上联接口vlan
int vlan 60
ip address 192.168.253.1 24

# 配置ospf
ospf 100 router-id 2.2.2.2
area 0 
network 0.0.0.0 255.255.255.255

对外

核心路由器(AR1)

sys
sysname AR1 


int g0/0/0
ip address 192.168.252.2 24

int g0/0/1
ip address 192.168.253.2 24

int g0/0/2
ip address 12.1.1.1 30


# 默认路由
ip route-static 0.0.0.0 0.0.0.0 12.1.1.2


# ospf
ospf 100 router-id 3.3.3.3
# 默认路由重分布
default-route-advertise 
area 0 
network 192.168.0.0 0.0.255.255

# nat 
acl number 3000 
rule 10 permit ip source 192.168.0.0 0.0.255.255

int g0/0/2
nat outbound 3000

ISP

sys
sysname ISP

int g0/0/1
ip address 9.9.9.254 24

int g0/0/0
ip address 12.1.1.2 30

效果图

核心层

coreA

display ip int brief

image.png

vrrp
display vrrp brief

image.png

stp
display stp brief

image.png

coreB

display ip int brief

image.png

vrrp
display vrrp brief

image.png

stp
display stp brief

image.png

dis ip routing-table

image.png

汇聚层

huijuA

display stp brief

image.png

huijuB

display stp brief

image.png

核心路由器

dis ip int brief

错误排查

交换机mac漂移

大致原因是环路
https://support.huawei.com/enterprise/zh/doc/EDOC1000141442/b2b79367

ospf router-id 冲突

先看看是否手工指定时,确实失误了。
再排查和交换机的接口,是否已经配置了vlan,测试和交换机的对应vlan能否互通。

vrrp 主备未切换

1. 确认使用shutdown命令,模拟故障。
2. 确认配置了vrrp track,且配置的接口,是上联接口

猜你喜欢

转载自blog.csdn.net/lik_lik/article/details/106949938
今日推荐
Linus “吃狗粮”最积极!
开源日报 | Winamp播放器即将开源;生成式AI之战升级第二轮;Linus“吃狗粮”最积极;AI进入泡沫前期;吴泳铭为阿里云带来了什么?
NetBSD 禁止提交由 AI 生成的代码
Apache Doris 2.0.10 版本正式发布!
开源日报 | 大模型开战;大模型独角兽被曝卖身;周鸿祎建议谷歌开源所有产品;最大开源AI社区提供1000万美元共享GPU
开源日报 | Chrome内置Gemini的意义不在于Gemini;中国AI追随之路的五大误区;ECharts创始人“下海”养鱼;谷歌I/O开发者大会什么都有,只是没有惊喜
微软回应中国区AI团队“打包赴美”传闻
周排行
SVN服务端安装在阿里云
实战 | 相机标定
webpack核心概念
note20——》只要肯低头吃苦,人生就会有救
PAT甲级 1062 Talent and Virtue (25 分)排序
NG Toolset开发笔记--5GNR Resource Grid(26)
如何对待上司
oracle命令
第9章 STL迭代器
logstash使用es映射模板
每日归档
更多
2024-05-20(36)
2024-05-19(0)
2024-05-18(4)
2024-05-17(34)
2024-05-16(6)
2024-05-15(24)
2024-05-14(0)
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022