版权声明:AshQ https://blog.csdn.net/qq_41565459/article/details/87938510
很高兴,很自豪!公司越做越大,由以前的单条专线上打通道互通;到目前多POP点,主备多线路,多客户组网互通。没有技术的支撑是不可能长到现在的地步滴^_^. (其实只是网络小白的一个小小的成长...)
OK! 嘚瑟完毕后开始讲故事!
故事背景:
由于公司主要搞云服务的,起初每个客户的专线网络基本都是由虚拟linux云服务器配置静态路由搭建起来的。但随着业务成长,需求越来越复杂,稳定性要求越来越高。不得不开始考虑更加稳定的网络结构。
首先想到的就是大学玩过的路由协议,选了OSPF路由协议来搭建一个验证环境(后期还能在这基础上实现MPLS)。
拓扑图(拓扑图仅为HM-HK两个POP点之间的专线模拟实验图):
验证环境:云服务器CentOS6.9 + quagga
其中HK、HM、SH1、BJ是每个POP点的核心骨干节点。GW-SH1、GW-HM1、GW-HK1、GW-BJ1分别模拟不同POP点中用户的专线网关。VM-SH1、VM-HM1、VM-BJ1、VM-HK1分别是不同POP点中用户购买的云服务器。
HM-HK,SH1-HK,BJ-HK这三对之间都有主备两条专线。设置不同的ospf cost值。通常情况下数据都走主线路,当主线路有维护或者故障时流量会自动切到备用线路。
开始搭建:
1. 安装quagga,开启zebra和ospfd两个守护进程。
安利一波quagga和FinalShell(linux服务器管理工具);
Quagga是一个开源路由软件套件,可以将Linux变成支持如RIP、OSPF、BGP和IS-IS等主要路由协议的路由器。它具有对IPv4和IPv6的完整支持,并支持路由/前缀过滤。Quagga可以是你生命中的救星,以防你的生产路由器一旦宕机,而你没有备用的设备而只能等待更换。通过适当的配置,Quagga甚至可以作为生产路由器。
FinalShell是国产一体化的的服务器,网络管理软件,不仅是ssh客户端,还是功能强大的开发,运维工具,充分满足开发,运维需求.
特色功能;免费海外服务器远程桌面加速,ssh加速,双边tcp加速,内网穿透.
以下步骤需在上述所有节点上面运行(如果是虚拟云环境,可以配置好一台后建立OSPF模板,从模板直接开出新的云服务器)。
给linux云服务器配置好每个网卡的IP,关闭防火墙,开启ipforward,关闭selinux。
yum install quagga #直接yum安装quaggacp /usr/share/doc/quagga-0.99.15/zebra.conf.sample /etc/quagga/zebra.conf
cp /usr/share/doc/quagga-0.99.15/ospfd.conf.sample /etc/quagga/ospfd.conf
service zebra start
service ospfd start
chkconfig zebra on
chkconfig ospfd on
vtysh #进入命令行
GW1-SH1# configure terminal
GW1-SH1(config)# log file /var/log/quagga/quagga.log
GW1-SH1(config)# exit
GW1-SH1# write2. 在每个节点上面配置OSPF
GW-HK1
!
router ospf
ospf router-id 10.192.33.200
network 10.192.33.0/24 area 0.0.0.0
network 172.16.133.0/24 area 0.0.0.0
!HK
!
router ospf
ospf router-id 10.192.33.50
network 10.192.33.0/24 area 0.0.0.0
network 10.192.237.0/24 area 0.0.0.3
network 10.192.238.0/24 area 0.0.0.2
network 10.192.239.0/24 area 0.0.0.1
network 10.200.1.0/24 area 0.0.0.1
network 10.200.2.0/24 area 0.0.0.2
!
HM
!
router ospf
ospf router-id 10.192.239.51
network 10.192.239.0/24 area 0.0.0.1
network 172.16.55.0/24 area 0.0.0.1
!
GW-HM1
!
router ospf
ospf router-id 172.16.55.51
network 172.16.55.0/24 area 0.0.0.1
network 172.20.10.0/24 area 0.0.0.1
!
SH
!
router ospf
ospf router-id 10.192.1.50
network 10.192.1.0/24 area 0.0.0.2
network 10.192.238.0/24 area 0.0.0.2
network 10.200.2.0/24 area 0.0.0.2
!
GW-SH1
!
router ospf
ospf router-id 10.192.1.51
network 10.192.1.0/24 area 0.0.0.2
network 192.168.90.0/24 area 0.0.0.2
!
BJ
待更新...GW-SBJ1
待更新...
再配置好备用专线的cost
3. 检查路由节点路由和邻居信息
GW-HK1
GW1-HK# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O>* 10.192.1.0/24 [110/30] via 10.192.33.50, eth2, 18:59:24
O 10.192.33.0/24 [110/10] is directly connected, eth2, 18:59:36
O>* 10.192.237.0/24 [110/20] via 10.192.33.50, eth2, 18:59:24
O>* 10.192.238.0/24 [110/20] via 10.192.33.50, eth2, 18:59:24
O>* 10.192.239.0/24 [110/20] via 10.192.33.50, eth2, 18:59:24
O>* 172.16.55.0/24 [110/30] via 10.192.33.50, eth2, 05:49:58
O 172.16.133.0/24 [110/10] is directly connected, eth3, 18:59:25
O>* 172.20.10.0/24 [110/40] via 10.192.33.50, eth2, 05:47:13
O>* 192.168.90.0/24 [110/40] via 10.192.33.50, eth2, 18:59:24
GW1-HK#
OSPF-HK1# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.192.1.50 1 Full/DR 39.684s 10.192.238.51 eth0:10.192.238.50 0 0 0
10.192.239.51 1 Full/Backup 36.517s 10.192.239.51 eth2:10.192.239.50 0 0 0
10.192.33.200 1 Full/Backup 34.406s 10.192.33.200 eth4:10.192.33.50 0 0 0
OSPF-HK1# HK
OSPF-HK1# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O>* 10.192.1.0/24 [110/20] via 10.192.238.51, eth0, 19:05:07
O 10.192.33.0/24 [110/10] is directly connected, eth4, 19:04:40
O 10.192.237.0/24 [110/10] is directly connected, eth3, 19:04:26
O 10.192.238.0/24 [110/10] is directly connected, eth0, 19:05:26
O 10.192.239.0/24 [110/10] is directly connected, eth2, 19:05:12
O>* 172.16.55.0/24 [110/20] via 10.192.239.51, eth2, 05:51:24
O>* 172.16.133.0/24 [110/20] via 10.192.33.200, eth4, 19:00:51
O>* 172.20.10.0/24 [110/30] via 10.192.239.51, eth2, 05:48:39
O>* 192.168.90.0/24 [110/30] via 10.192.238.51, eth0, 19:05:07
OSPF-HK1#
GW1-HK# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.192.33.50 1 Full/DR 39.299s 10.192.33.50 eth2:10.192.33.200 0 0 0
GW1-HK# HM
OSPF-HM# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O>* 10.192.1.0/24 [110/30] via 10.192.239.50, eth0, 05:51:41
O>* 10.192.33.0/24 [110/20] via 10.192.239.50, eth0, 05:51:41
O>* 10.192.237.0/24 [110/20] via 10.192.239.50, eth0, 05:51:41
O>* 10.192.238.0/24 [110/20] via 10.192.239.50, eth0, 05:51:41
O 10.192.239.0/24 [110/10] is directly connected, eth0, 05:51:59
O 172.16.55.0/24 [110/10] is directly connected, eth1, 05:51:46
O>* 172.16.133.0/24 [110/30] via 10.192.239.50, eth0, 05:51:41
O>* 172.20.10.0/24 [110/20] via 172.16.55.51, eth1, 05:49:01
O>* 192.168.90.0/24 [110/40] via 10.192.239.50, eth0, 05:51:41
OSPF-HM#
OSPF-HM# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.192.33.50 1 Full/DR 30.894s 10.192.239.50 eth0:10.192.239.51 0 0 0
172.16.55.51 1 Full/Backup 30.338s 172.16.55.51 eth1:172.16.55.50 0 0 0
OSPF-HM# GW-HM1
GW1-HM# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O>* 10.192.1.0/24 [110/40] via 172.16.55.50, eth0, 05:49:24
O>* 10.192.33.0/24 [110/30] via 172.16.55.50, eth0, 05:49:24
O>* 10.192.237.0/24 [110/30] via 172.16.55.50, eth0, 05:49:24
O>* 10.192.238.0/24 [110/30] via 172.16.55.50, eth0, 05:49:24
O>* 10.192.239.0/24 [110/20] via 172.16.55.50, eth0, 05:49:24
O 172.16.55.0/24 [110/10] is directly connected, eth0, 05:49:36
O>* 172.16.133.0/24 [110/40] via 172.16.55.50, eth0, 05:49:24
O 172.20.10.0/24 [110/10] is directly connected, eth1, 05:49:25
O>* 192.168.90.0/24 [110/50] via 172.16.55.50, eth0, 05:49:24
GW1-HM#SH
OSPF-SH1# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.192.1.0/24 [110/10] is directly connected, eth1, 19:10:18
O>* 10.192.33.0/24 [110/20] via 10.192.238.50, eth0, 19:05:47
O>* 10.192.237.0/24 [110/20] via 10.192.238.50, eth0, 19:05:35
O 10.192.238.0/24 [110/10] is directly connected, eth0, 19:09:56
O>* 10.192.239.0/24 [110/20] via 10.192.238.50, eth0, 19:05:47
O>* 172.16.55.0/24 [110/30] via 10.192.238.50, eth0, 05:52:34
O>* 172.16.133.0/24 [110/30] via 10.192.238.50, eth0, 19:02:00
O>* 172.20.10.0/24 [110/40] via 10.192.238.50, eth0, 05:49:49
O>* 192.168.90.0/24 [110/20] via 10.192.1.51, eth1, 19:10:08
OSPF-SH1#GW-SH1
GW1-SH1# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.192.1.0/24 [110/10] is directly connected, eth0, 19:11:54
O>* 10.192.33.0/24 [110/30] via 10.192.1.50, eth0, 19:06:03
O>* 10.192.237.0/24 [110/30] via 10.192.1.50, eth0, 19:05:51
O>* 10.192.238.0/24 [110/20] via 10.192.1.50, eth0, 19:10:12
O>* 10.192.239.0/24 [110/30] via 10.192.1.50, eth0, 19:06:03
O>* 172.16.55.0/24 [110/40] via 10.192.1.50, eth0, 05:52:50
O>* 172.16.133.0/24 [110/40] via 10.192.1.50, eth0, 19:02:16
O>* 172.20.10.0/24 [110/50] via 10.192.1.50, eth0, 05:50:05
O 192.168.90.0/24 [110/10] is directly connected, eth1, 19:11:46
GW1-SH1#BJ
待更新...GW-SBJ1
待更新...4.验证路由
VM-SH1 tracert VM-HK1
VM-HK1 tracert VM-HM1
VM-SH1 tracert VM-HM1
完美收工!监控搞起,测试客户切进来,长时间观察下状况!期待好的结果...