企业网-VRRP实现网关冗余2021-10-07

2021-10-07 11:59:37 阅读：206 来源： 互联网

标签：10 网关 07 8.8 vlan 172.16 SW1 SW2 config

企业网-VRRP实现网关冗余

实验作业：

原在mac gns3 IOU 配置拓扑结果如下所示：

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Ifinlkcm-1633578878183)(/Users/aron/Pictures/gns3 iou.png)]

配置IP地址并测试连通性！

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int lo1
R1(config-if)#ip add 8
*Oct  5 15:50:37.766: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R1(config-if)#ip add 8.8.8.8 255.255.255.255
R1(config-if)#no sh
R1(config-if)#int e0/0
R1(config-if)#ip add 11.1.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#int e0/1
R1(config-if)#ip add 12.1.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#end

R1#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0/0                11.1.1.1        YES manual up                    up      
Ethernet0/1                12.1.1.1        YES manual up                    up      
Ethernet0/2                unassigned      YES NVRAM  administratively down down    
Ethernet0/3                unassigned      YES NVRAM  administratively down down    
Ethernet1/0                unassigned      YES NVRAM  administratively down down    
Ethernet1/1                unassigned      YES NVRAM  administratively down down    
Ethernet1/2                unassigned      YES NVRAM  administratively down down    
Ethernet1/3                unassigned      YES NVRAM  administratively down down    
Serial2/0                  unassigned      YES NVRAM  administratively down down    
Serial2/1                  unassigned      YES NVRAM  administratively down down    
Serial2/2                  unassigned      YES NVRAM  administratively down down    
Serial2/3                  unassigned      YES NVRAM  administratively down down    
Serial3/0                  unassigned      YES NVRAM  administratively down down    
Serial3/1                  unassigned      YES NVRAM  administratively down down    
Serial3/2                  unassigned      YES NVRAM  administratively down down    
Serial3/3                  unassigned      YES NVRAM  administratively down down    
Loopback1                  8.8.8.8         YES manual up                    up      
R1#
R1#

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int e0/2
SW1(config-if)#no switchport 
SW1(config-if)#ip add 11.1.1.2 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#exit
SW1(config)#exit


SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int e0/2
SW2(config-if)#no switchport 
SW2(config-if)#ip add 12.1.1.2 255.255.255.0



配置vlan：
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vtp mode server
Device mode already VTP Server for VLANS.
SW1(config)#vtp domain PL
SW1(config)#vtp password cisco
Setting device VTP password to cisco
SW1(config)#vlan 10
SW1(config-vlan)#name vlan_10
SW1(config-vlan)#exit
SW1(config)#vlan 20
SW1(config-vlan)#name vlan_20
SW1(config-vlan)#end

SW1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/3, Et1/0, Et1/1, Et1/2
                                                Et1/3, Et2/0, Et2/1, Et2/2
                                                Et2/3, Et3/0, Et3/1, Et3/2
                                                Et3/3
10   vlan_10                          active    
20   vlan_20                          active 

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#vtp mode client 
Setting device to VTP Client mode for VLANS.
SW2(config)#vtp domain PL
Domain name already set to PL.
SW2(config)#vtp password cisco
Setting device VTP password to cisco
SW2(config)#end 
SW2#
*Oct  5 15:56:41.155: %SYS-5-CONFIG_I: Configured from console by console
SW2#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/3, Et1/0, Et1/1, Et1/2
                                                Et1/3, Et2/0, Et2/1, Et2/2
                                                Et2/3, Et3/0, Et3/1, Et3/2
                                                Et3/3
10   vlan_10                          active    
20   vlan_20                          active   

SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#vtp mode client 
Setting device to VTP Client mode for VLANS.
SW3(config)#vtp domain PL
Changing VTP domain name from NULL to PL
SW3(config)#vtp password cisco
Setting device VTP password to cisco
SW3(config)#end
SW3#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/0, Et0/3, Et1/0, Et1/1
                                                Et1/2, Et1/3, Et2/0, Et2/1
                                                Et2/2, Et2/3, Et3/0, Et3/1
                                                Et3/2, Et3/3
10   vlan_10                          active    
20   vlan_20                          active 

 
 SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 10
SW1(config-if)#ip add 172.16.10.251 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#int vlan 20
SW1(config-if)#ip add 172.16.20.251 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#end

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 10
SW2(config-if)#no sh
SW2(config-if)#ip add 172.16.10.252 255.255.255.0
SW2(config-if)#no sh
SW2(config-if)#int vlan 20
SW2(config-if)#ip add 172.16.20.252 255.255.255.0
SW2(config-if)#no sh

1、配置SW1、SW2、SW3之间的Trunk链路；

配置trunk链路：

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int range e0/0 - 1
SW1(config-if-range)#switchport trunk encapsulation dot1q 
SW1(config-if-range)#switchport mode trunk 
SW1(config-if-range)#

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int range e0/0 - 1
SW2(config-if-range)#switchport trunk encapsulation dot1q 
SW2(config-if-range)#switchport mode trunk 
SW2(config-if-range)#

SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#int range e0/1 - 2
SW3(config-if-range)#switchport trunk encapsulation dot1q 
SW3(config-if-range)#switchport mode trunk 
SW3(config-if-range)#

2、配置SW1、SW2、R1之间的OSPF协议，要求SW1和SW2能够PING通8.8.8.8；

配置OSPF：

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#router ospf 100
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 8.8.8.8 0.0.0.0 area 0
R1(config-router)#network 11.1.1.0 0.0.0.255 area 0
R1(config-router)#network 12.1.1.0 0.0.0.255 area 0
R1(config-router)#


SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config-if)#int e0/2
SW1(config-if)#no switchport
SW1(config-if)#ip add 11.1.1.2 255.255.255.0
SW1(config-if)#router ospf 100
SW1(config-router)#router-id 2.2.2.2
SW1(config-router)# network 11.1.1.0 0.0.0.255 area 0
SW1(config-router)# network 172.16.10.0 0.0.0.255 area 0
SW1(config-router)# network 172.16.20.0 0.0.0.255 area 0
SW1(config-router)#end
SW1#show ip route
SW1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW1#




SW2(config-if-range)#int e0/2
SW2(config-if)#no switchport 
SW2(config-if)#ip add 12.1.1.2 255.255.255.0
SW2(config-if)#router ospf 100
SW2(config-router)#router-id 3.3.3.3
SW2(config-router)#network 12.1.1.0 0.0.0.255 area 0
SW2(config-router)#network 172.16.10.0 0.0.0.255 area 0
SW2(config-router)#network 172.16.20.0 0.0.0.255 area 0
SW2(config-router)#end


SW2#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      8.0.0.0/32 is subnetted, 1 subnets
O        8.8.8.8 [110/11] via 12.1.1.1, 00:00:23, Ethernet0/2
      11.0.0.0/24 is subnetted, 1 subnets
O        11.1.1.0 [110/11] via 172.16.10.251, 00:00:01, Vlan10
SW2#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW2#

3、SW1和SW2之间配置VRRP协议，根据拓扑要求设置虚拟网关地址；

配置vlan 10的vrrp协议：
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 10
SW1(config-if)#vrrp 10 ip 172.16.10.254
SW1(config-if)#vrrp 10 priority 200  
SW1(config-if)#vrrp 10 preempt 
SW1(config-if)#vrrp 10 track 1 decrement 150
SW1(config-if)#exit
SW1(config)#track 1 interface e0/0 line-protocol           
SW1(config-track)#exit

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 10
SW2(config-if)#vrrp 10 ip 172.16.10.254
SW2(config-if)#vrrp 10 priority 150
SW2(config-if)#vrrp 10 preempt 
SW2(config-if)#vrrp 10 track 1 decrement 150
SW2(config-if)#exit
SW2(config)#track 1 interface e0/0 line-protocol 
SW2(config-track)#end


配置vlan 20 的vrrp协议：
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 20
SW1(config-if)#vrrp 20 ip 172.16.20.254           
SW1(config-if)#vrrp 20 priority 150
SW1(config-if)#vrrp 20 preempt 
SW1(config-if)#vrrp 20 track 1 decrement 150
SW1(config-if)#end
SW1#
*Oct  5 16:12:59.012: %SYS-5-CONFIG_I: Configured from console by console
SW1#show vrrp br
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Vl10               10  200 3218       Y  Master  172.16.10.251   172.16.10.254  
Vl20               20  150 3414       Y  Backup  172.16.20.252   172.16.20.254  
SW1#

SW2#conf t 
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 20
SW2(config-if)#vrrp 20 ip 172.16.20.254
SW2(config-if)#vrrp 20 priority 200
SW2(config-if)#vrrp 20 preempt 
SW2(config-if)#vrrp 20 track 1 decrement 150
SW2(config-if)#end
SW2#
*Oct  5 16:13:52.343: %SYS-5-CONFIG_I: Configured from console by console
SW2#show vrrp br
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Vl10               10  150 3414       Y  Backup  172.16.10.251   172.16.10.254  
Vl20               20  200 3218       Y  Master  172.16.20.252   172.16.20.254  
SW2#

4、为PC1和PC2配置所在网段的ip地址例如172.16.10.1和172.16.20.1；根据VRRP配置设置默认网关；

SW3上划分接口所属的vlan
SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#int e1/1
SW3(config-if)#switchport access vlan 10
SW3(config-if)#no sh
SW3(config-if)#int e1/2
SW3(config-if)#switchport access vlan 20
SW3(config-if)#no sh
SW3(config-if)#

配置所在网段的ip地址例如172.16.10.1和172.16.20.1；根据VRRP配置设置默认网关；
PC1> ip 172.16.10.1 255.255.255.0 172.16.10.251 
Checking for duplicate address...
PC1 : 172.16.10.1 255.255.255.0 gateway 172.16.10.251

PC1> ping 8.8.8.8

84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=1.526 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=2.081 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=1.675 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=254 time=2.581 ms
p84 bytes from 8.8.8.8 icmp_seq=5 ttl=254 time=2.422 ms
^H^H^H^H
PC1> ping 172.16.10.254

84 bytes from 172.16.10.254 icmp_seq=1 ttl=255 time=1.414 ms
84 bytes from 172.16.10.254 icmp_seq=2 ttl=255 time=1.616 ms
84 bytes from 172.16.10.254 icmp_seq=3 ttl=255 time=1.109 ms
84 bytes from 172.16.10.254 icmp_seq=4 ttl=255 time=1.171 ms
84 bytes from 172.16.10.254 icmp_seq=5 ttl=255 time=1.245 ms

PC1> ip 172.16.10.1 255.255.255.0 172.16.10.254 
Checking for duplicate address...
PC1 : 172.16.10.1 255.255.255.0 gateway 172.16.10.254

PC1> ping 8.8.8.8

84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=3.428 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=2.933 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=3.495 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=254 time=3.497 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=254 time=3.075 ms

PC1> ping 172.16.10.254                        

84 bytes from 172.16.10.254 icmp_seq=1 ttl=255 time=1.613 ms
84 bytes from 172.16.10.254 icmp_seq=2 ttl=255 time=1.874 ms
84 bytes from 172.16.10.254 icmp_seq=3 ttl=255 time=0.885 ms
84 bytes from 172.16.10.254 icmp_seq=4 ttl=255 time=1.237 ms
84 bytes from 172.16.10.254 icmp_seq=5 ttl=255 time=1.666 ms


PC2> ip 172.16.20.1 255.255.255.0 172.16.20.254
Checking for duplicate address...
PC2 : 172.16.20.1 255.255.255.0 gateway 172.16.20.254

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Sk9ttcD8-1633578878184)(/Users/aron/Library/Application Support/typora-user-images/image-20211006002708943.png)]

实验时会出现一些错误：

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-jA8BXR7Z-1633578878185)(/Users/aron/Library/Application Support/typora-user-images/image-20211004235011133.png)]

5、通过关闭SW1或SW2交换机，验证网关冗余切换效果。

查看切换的冗余效果：

show vrrp br

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FwA9olti-1633578878186)(/Users/aron/Library/Application Support/typora-user-images/image-20211006001606577.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-jIoMrhEu-1633578878187)(/Users/aron/Library/Application Support/typora-user-images/image-20211006002501293.png)]

---------

【作业要求】
1、用GNS3搭建拓扑，并根据要求完成项目；
2、将整个GNS3项目文件打包为压缩包，并以附件上传，压缩包的名称规范为“姓名-VRRP综合实验”。

编写实验报告，将整个作业过程中的涉及的步骤、效果、思路等整理为Word或PDF或PPT文档并上传，文档名称为"姓名-作业名称"。*

标签：10,网关,07,8.8,vlan,172.16,SW1,SW2,config
来源： https://blog.csdn.net/m0_47210241/article/details/120634496

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

ICode9

企业网-VRRP实现网关冗余2021-10-07