Principle Analysis: VRRP provides services to end users in the form of virtual routers, And the vrouters responsible for data forwarding are elected by a group of vrouters running VRRP Protocol, so as to implement layer-3 gateway backup.
Multiple groups of VRRP groups are provided under the same VLAN Virtual Interface. Different VRRP selects different routers or layer-3 switches as the Master nodes to implement mutual backup. At the same time, different Virtual IP addresses are set as gateway addresses for the host in the VLAN to achieve load balancing.
Once the primary router is unavailable, this selection process provides a dynamic failover mechanism, which automatically switches to the Standby Router to ensure smooth connection. The advantage of using VRRP is higher availability of default paths without configuring dynamic routing or routing discovery protocols on each terminal host.
Network Topology:
650) this. width = 650; "border =" 0 "alt =" "width =" 616 "height =" 384 "src =" http://www.bkjia.com/uploads/allimg/131227/025354DH-0.jpg "/>
Project requirements: layer-3 switches of Huawei s5328c at the business layer and uplink 8508 are interconnected through OSPF to achieve VRRP redundancy and Hot Standby interconnection with Server Load balancer and the firewalls below.
Configuration process:
Configuration HX-S5328-A on the HX-S5328-B is similar)
#
Vlan batch 10 20 50 60 (create VLANs in batches)
#
Interface Vlanif10
Description Link_to_HX-S5328-B-GE0/0/24
Ip address 172.29.141.5 255.255.255.252
Ospf cost 1000
Ospf authentication-mode md5 10 cipher *******************
Ospf network-type p2p
Ospf timer hello 3
#
Interface Vlanif20
Description Link_to_E1000-A-GE0/0/0
Ip address 172.29.141.9 255.255.255.248
Vrrp vrid 20 virtual-ip 172.29.141.11 add virtual ip address)
Vrrp vrid 20 priority 150 sets the backup Group priority)
Vrrp vrid 20 preempt-mode sets the preemption mode)
Vrrp vrid 20 track interface GigabitEthernet0/0/18 reduced 60 sets monitoring for a specified interface)
#
Interface Vlanif50
Description Link_to_radware4016
Ip address 172.29.141.253 255.255.255.128
Vrrp vrid 50 virtual-ip 172.29.141.254
Vrrp vrid 50 priority 150
Vrrp vrid 20 preempt-mode
Vrrp vrid 20 track interface GigabitEthernet0/24/60 reduced 60
#
Interface Vlanif60
Description Link_to_S8508-1-G9/1/12
Ip address 172.29.252.2 255.255.255.252
Ospf authentication-mode md5 1 cipher *********************
Ospf network-type p2p
Ospf timer hello 3
Note: The VRRP virtual routing group is set up above)
#
Ospf 100
Import-route direct introduces direct connection routing in OSPF, similar to the Cisco redistribute command)
Area 20
Authentication-mode md5
Network 172.29.252.0 0.0.3
Network 172.29.141.4 0.0.3
Network 172.29.141.1 0.0.0.0
#
Ip route-static 0.0.0.0 0.0.0.0 172.29.252.1 (connect to 8508)
Ip route-static 172.29.141.64 255.255.255.192 172.29.141.14 connect to the firewall area)
#
Interface GigabitEthernet0/0/1
Description Link_to_S8508-1-G9/1/12
Port link-type access
Port default vlan 60
Ndp enable
Bpdu enable
Undo negotiation auto
#
Interface GigabitEthernet0/0/2
Description Link_to_radware1-G1
Port link-type access
Port default vlan 50
Ndp enable
Bpdu enable
#
Interface GigabitEthernet0/0/18
Description Link_to_E1000-A-GE0/0/0
Port link-type access
Port default vlan 20
Ndp enable
Bpdu enable
Note: Port interconnection between devices)
#
Interface Eth-Trunk1
Port link-type trunk
Undo port trunk allow-pass vlan 1
Port trunk allow-pass vlan 10 20 50
Bpdu enable
#
Interface GigabitEthernet0/0/22
Description Link_to_S5328-A_S5328-B
Eth-trunk 1
Undo ntdp enable
Undo ndp enable
#
Interface GigabitEthernet0/0/23
Description Link_to_S5328-A_S5328-B
Eth-trunk 1
Undo ntdp enable
Undo ndp enable
#
Interface GigabitEthernet0/0/24
Description Link_to_S5328-A_S5328-B
Eth-trunk 1
Undo ntdp enable
Undo ndp enable
(Note: bind the three ports as links and allow ports 10, 20, and 50 to pass through)
Conclusion: VRRP has many similarities with cisco hsrp. We can flexibly apply these two protocols to solve problems in specific project practices. Relatively speaking, HSRP is a private protocol, while VRRP is an open protocol. VRRP greatly improves network performance and stability, and has good application value.
This article is from the "dripping water and stone" blog and will not be reposted!