The topology diagram and the topic are in the 2016 Xinhua Three Cup rematch experiment blog in this column, the basic configuration is not included (IP address and vlan division)
MSTP and VRRP deployment
Configure MSTP on headquarters switches S1 and S2 to prevent Layer 2 loops: All data flows are required to be forwarded through S1, and forwarded through S2 when S1 fails. The configured parameters are as follows:
- region-name is H3C
- Instance value is 1
- S1 acts as the primary root in the instance, and S2 acts as the secondary root in the instance
Configure VRRP on S1 and S2 to realize the gateway redundancy of the host, and the configured parameters are as shown in the figure below
| VLAN |
VRRP backup group number |
VRRP virtual IP |
| VLAN 10 |
10 |
192.0.10.254 |
| WAVE 20 |
20 |
192.0.20.254 |
| VLAN 30 |
30 |
192.0.30.254 |
| VLAN 40 |
40 |
192.0.40.254 |
S1 is the actual gateway of all hosts, and S2 is the backup gateway of all hosts. The high priority of each VRRP group is 150, and the low priority is 120.
Problem solving: MSTP configuration part
S1 has the same configuration as S2
stp region-configuration
region-name H3C
instance 1 vlan 10 20 30 40
active region-configurationS1 command: stp instance 1 root primary #Configure as the primary root in instance 1
S2 command: stp instance 1 root secondary #Configure as backup root in instance 1
Problem solving: VRRP configuration part
S1
interface Vlan-interface10
vrrp vrid 10 virtual-ip 192.0.10.254
vrrp vrid 10 priority 150
#
interface Vlan-interface20
vrrp vrid 10 virtual-ip 192.0.20.254
vrrp vrid 10 priority 150
#
interface Vlan-interface30
vrrp vrid 10 virtual-ip 192.0.30.254
vrrp vrid 10 priority 150
#
interface Vlan-interface40
vrrp vrid 10 virtual-ip 192.0.40.254
vrrp vrid 10 priority 150
S2
interface Vlan-interface10
vrrp vrid 10 virtual-ip 192.0.10.254
vrrp vrid 10 priority 120
#
interface Vlan-interface20
vrrp vrid 10 virtual-ip 192.0.20.254
vrrp vrid 10 priority 120
#
interface Vlan-interface30
vrrp vrid 10 virtual-ip 192.0.30.254
vrrp vrid 10 priority 120
#
interface Vlan-interface40
vrrp vrid 10 virtual-ip 192.0.40.254
vrrp vrid 10 priority 120
View and configure: view on S1
QoS deployment
Due to the limited bandwidth of the WAN between the headquarters and the branch, in order to ensure key applications, it is necessary to configure QoS on the device so that the DNS data packets (UDP , port 53) can be accelerated forwarding (EF), the maximum bandwidth is 10% of the link bandwidth, the parameters configured are as follows:
- ACL number 3030 (matching DNS packets), and its rule ID is 10
- The classifier name is DNS
- The behavior name is DNS
- QOS policy name is DNS
R3
acl advanced 3030
rule 10 permit tcp source 192.0.50.0 0.0.0.255 destination 192.0.30.0 0.0.0.255 destination-port eq 53#
traffic classifier DNS operator and
if-match acl 3030
#
traffic behavior DNS
queue ef bandwidth pct 10 #accelerated forwarding (EF), the maximum bandwidth is 10% of the link bandwidth
#
qos policy DNS
classifier DNS behavior DNS#
int ran s1/0 s2/0 #Enter s1/0 s2/0 at the same time
qos apply policy DNS outbound #Invoke the qos policy of DNS in the outbound direction