Tip: After the article is written, the table of contents can be automatically generated. How to generate it can refer to the help document on the right
Article Directory
- foreword
- 1. The purpose of the experiment: In the experiment in the local area network, the dhcp server is responsible for address allocation, and the core switch performs link aggregation to increase bandwidth
- 2. Use steps
- 1. eth-trunk configuration
- 2. VLAN layer 2 configuration
- 3. MSTP configuration
- 4. VRRP load sharing
- 5. DHCP relay server
- Summarize
foreword
I have tried this experiment many times. There was a loop in the MSTP configuration in the entire topology map, and the address could not be obtained normally. At first I thought it was an ensp system bag, but after many investigations, I found that it was a MSTP configuration problem. Now the experimental steps are as follows:
Experimental results: Data from PC1 and PC2 go to LSW1, data from PC3 and PC4 go to LSW2, when device g0/0/4 of LW1 is disconnected, switch to LW2, PC1 and PC2 go along the path of LSW2, and obtain addresses from DHCP. When the g0/0/4 link of the LW2 device is disconnected, PC3 and PC4 can go through the LSW1 link to obtain addresses from DHCP. The specific configuration is as follows (LAN dhcp server configuration and load sharing)
1. eth-trunk configuration:
LSW1:
sy
un in en (关闭信息提示)
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
trunkport g 0/0/1 to 0/0/3 加入端口
LSW2:
sy
un in en (关闭信息提示)
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
trunkport g 0/0/1 to 0/0/3
2. VLAN Layer 2 configuration:
LSW1:
vlan batch 10 20 30 40 100
int g0/0/4
port link-type access
port default vlan 100
int g0/0/5
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/6
port link-t trunk
port trunk allow-p vlan 30 40
LSW2:
vlan batch 10 20 30 40 101
int g0/0/4
port link-type access
port default vlan 101
int g0/0/5
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/6
port link-t trunk
port trunk allow-p vlan 30 40
JIERU1:
sy
un in en
vlan batch 10 20 30 40
int g0/0/1
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/2
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/3
port link-type access
port default vlan 10
int g0/0/4
port link-type access
port default vlan 20
JIERU2:
sy
un in en
vlan batch 10 20 30 40
int g0/0/1
port link-t trunk
port trunk allow-p vlan 30 40
int g0/0/2
port link-t trunk
port trunk allow-p vlan 30 40
int g0/0/3
port link-type access
port default vlan 30
int g0/0/4
port link-type access
port default vlan 40
3. MSTP configuration:
LSW1:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
stp instance 1 root primary 主根桥
stp instance 2 root secondary 备用根桥
LSW2:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
stp instance 1 root secondary
stp instance 2 root primary
JIERU1:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
JIERU2:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
4. Virtual address and vrrp configuration:
LSW1:
interface Vlanif10
ip address 10.1.1.254 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1 vrrp虚拟网关
vrrp vrid 1 priority 120 vrrp优先级(越大越优先)
vrrp vrid 1 track interface GigabitEthernet0/0/4 reduced 50 端口监视
interface Vlanif20
ip address 20.1.1.254 255.255.255.0
vrrp vrid 2 virtual-ip 20.1.1.1
vrrp vrid 2 priority 120
vrrp vrid 2 track interface GigabitEthernet0/0/4 reduced 50
interface Vlanif30
ip address 30.1.1.254 255.255.255.0
vrrp vrid 3 virtual-ip 30.1.1.1
ip address 40.1.1.254 255.255.255.0
vrrp vrid 4 virtual-ip 40.1.1.1
int vlanif 100
ip address 100.1.1.1 24
LSW2:
interface Vlanif10
ip address 10.1.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1
interface Vlanif20
ip address 20.1.1.253 255.255.255.0
vrrp vrid 2 virtual-ip 20.1.1.1
interface Vlanif30
ip address 30.1.1.253 255.255.255.0
vrrp vrid 3 virtual-ip 30.1.1.1
vrrp vrid 3 priority 120
vrrp vrid 3 track interface GigabitEthernet0/0/4 reduced 50
interface Vlanif40
ip address 40.1.1.253 255.255.255.0
vrrp vrid 4 virtual-ip 40.1.1.1
vrrp vrid 4 priority 120
vrrp vrid 4 track interface GigabitEthernet0/0/4 reduced 50
interface vlanif 101
ip address 101.1.1.1 24
5. Configure dhcp server, dhcp relay, dhcp snooping, static routing strategy:
DHCP服务器:
sy
un in en
sys DHCP
dhcp enable 开启服务
ip pool 10
gateway-list 10.1.1.1
network 10.1.1.0 mask 255.255.255.0
excluded-ip-address 10.1.1.253 10.1.1.254
dns-list 8.8.8.8
#
ip pool 20
gateway-list 20.1.1.1
network 20.1.1.0 mask 255.255.255.0
excluded-ip-address 20.1.1.253 20.1.1.254
dns-list 8.8.8.8
#
ip pool 30
gateway-list 30.1.1.1
network 30.1.1.0 mask 255.255.255.0
excluded-ip-address 30.1.1.253 30.1.1.254
dns-list 8.8.8.8
#
ip pool 40
gateway-list 40.1.1.1
network 40.1.1.0 mask 255.255.255.0
excluded-ip-address 40.1.1.253 40.1.1.254
dns-list 8.8.8.8
interface GigabitEthernet0/0/0
ip address 100.1.1.2 255.255.255.0
dhcp select global
#
interface GigabitEthernet0/0/1
ip address 101.1.1.2 255.255.255.0
dhcp select global
interface LoopBack0
ip address 5.5.5.5 255.255.255.0
#
ip route-static 10.1.1.0 255.255.255.0 100.1.1.1
ip route-static 10.1.1.0 255.255.255.0 101.1.1.1 preference 70
ip route-static 20.1.1.0 255.255.255.0 100.1.1.1
ip route-static 20.1.1.0 255.255.255.0 101.1.1.1 preference 70
ip route-static 30.1.1.0 255.255.255.0 100.1.1.1 preference 70
ip route-static 30.1.1.0 255.255.255.0 101.1.1.1
ip route-static 40.1.1.0 255.255.255.0 100.1.1.1 preference 70
ip route-static 40.1.1.0 255.255.255.0 101.1.1.1
LSW1中继:
dhcp en
int v 10
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 20
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 30
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 40
dhcp select relay
dhcp relay server-ip 100.1.1.2
ip route-static 0.0.0.0 0 100.1.1.2
LSW2中继:
dhcp en
int v 10
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 20
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 30
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 40
dhcp select relay
dhcp relay server-ip 101.1.1.2
ip route-static 0.0.0.0 0 101.1.1.2
JIERU1 DHCP snooping配置:
dhcp en
dhcp snooping en
vlan 10
dhcp snooping enable
vlan 20
dhcp snooping enable
int g/0/1
dhcp snooping enable
dhcp snooping trusted
int g0/0/2
dhcp snooping enable
dhcp snooping trusted
JIERU2 DHCP snooping配置:
dhcp en
dhcp snooping en
vlan 30
dhcp snooping enable
vlan 40
dhcp snooping enable
int g/0/1
dhcp snooping enable
dhcp snooping trusted
int g0/0/2
dhcp snooping enable
dhcp snooping trusted
The configuration is complete: view the relevant data:
1. VRRP load sharing:
When disconnecting the LSW1g0/0/4 port:
It can complete the active/standby switch autonomously.
When disconnecting the LSW2g0/0/4 port:
Active/standby switching is also possible.
2. Check the address obtained by the PC:
The address can be obtained, and access to the DHCP loopback network port 5.5.5.5 is completed.
Summarize
This experiment combines Huawei's various policy protocols, and is suitable for internal network planning of companies and departments. On this basis, ACL access control can be added to prohibit mutual visits between departments. AC deploys wireless networks, and FTP, DNS, and www servers can also be deployed. On this basis, a variety of network elements can be added, but there are also shortcomings, that is, the downlink network redundancy of the core part and the diverse configuration of the aggregated links are not done well. When the core downlink interface fails, the PC cannot obtain the address. , I am still looking for a solution to this, if anyone knows, please leave a message and let me know, thank you very much.