High Availability of Enterprise LAN with Redundancy

High Availability of Enterprise LAN with Redundancy

I. Basic Knowledge:

With the rapid development of the Internet, network-based applications are gradually increasing. This puts forward higher and higher requirements on network reliability. Updating all network devices is of course a good reliability solution. However, we can adopt the idea of cheap redundancy to protect existing investment, find a balance between reliability and economics.

<1> port aggregation:

Port aggregation aggregates multiple ports to form an aggregation group. The inbound/outbound load is shared among all member ports in the aggregation group, it also provides higher connection reliability.

Port aggregation classification: A port aggregation group can be divided into load-sharing aggregation groups and non-load-sharing aggregation groups.

In a port aggregation group, the smallest port number is the primary port, and the others are the member ports. The link type of the member ports in the same aggregation group is consistent with that of the master port. That is, if the master port is a Trunk port, the member port is also a Trunk port; if the link type of the master port is changed to Access port, the link type of the member port is also changed to Access port;

<2> vro redundancy:

VRRP is a fault tolerance protocol. It combines several routing devices into a virtual routing device and uses a certain mechanism to ensure that when the next hop device of the host fails, services can be switched to other devices in a timely manner to maintain communication continuity and reliability.

Advantages of VRRP: Default routes with higher reliability can be obtained without changing the network conditions or configuring any dynamic routing or routing discovery protocols on the host.

VRRP routers and virtual Routers: VRRP routers are vrouters that run VRRP, physical entities, and virtual routers are created by VRRP protocol and logical concepts. A group of VRRP routers work together to form a virtual router. The vro acts as a logical router with a unique fixed IP address and MAC address.

Working principle of VRRP: VRRP combines a group of routers in the LAN into a backup group, which is equivalent to a virtual router. The host in the LAN only needs to know the IP address of the vro, and does not need to know the IP address of a specific device. Set the default gateway of the host in the network to the IP address of the vro, the host can use the virtual gateway to communicate with the external network.

<3> Spanning Tree Protocol:

The Spanning Tree Protocol (Spanning Tree) is a layer-2 management protocol that selectively blocks redundant network links to eliminate L2 loops. It also supports link backup.

The Spanning Tree Protocol has two main functions: one is to use the Spanning Tree Algorithm and the other is to create a spanning tree based on a port of a vswitch In the Ethernet network to avoid loops. Second, convergence protection is achieved through the Spanning Tree Protocol when the Ethernet network topology changes.

<4> calculation process of the Spanning Tree Algorithm:

1. Root. First, select the algorithm. The root is the minimum bridge-id;

2. In each non-root switch, find the nearest root port with the minimum overhead), it is the root port.

A) Select the root Port Based on the cost;

B) when the cost is the same, it is selected through the bridge-id priority or mac, and the size should be the root;

C) when the bridge-id is the same, compare the port id) the port id includes the port number and port priority]

3. One line connection interface in each CIDR Block) specifies the port BP, and the port connected to the root port is the specified port.

A) according to the cost

B) According to the bridge-id

4. Find the blocked Port

<5> port status:

FWD: Forwarding status;

BLK: Blocking status;

LRN: learning status;

LIS: Listener status;

Ii. Case 1

1. Experiment description:

A company uses the networks provided by two ISP carriers to connect to the Internet. To achieve high availability of the company's Lan, port aggregation and VRRP technology are used, in addition, our users can access the Internet and perform business operations normally.

2. Experiment topology:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-26931 "border =" 0 "alt =" wps_clip_image-26931 "src =" http://img1.51cto.com/attachment/201208/16/5251990_1345134977gzG6.png "height =" 416 "/>

3. experiment environment:

Two S2000 series Huawei switches)

Two Huawei routers (R2621 Series)

4 PCs

4. Lab requirements:

Implement inter-vlan communication;

To achieve high router utilization, set different roles of the router in each VRRP group;

The two vswitches use port combinations for communication;

5. Experiment steps:

<1> SW 1 switch Configuration:

1) vlan Division:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-13812 "border =" 0 "alt =" wps_clip_image-13812 "src =" http://img1.51cto.com/attachment/201208/16/5251990_1345134977pcAl.png "height =" 149 "/>

2) configure the trunk link:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-13220 "border =" 0 "alt =" wps_clip_image-13220 "src =" http://www.bkjia.com/uploads/allimg/131227/0146093b3-2.png "height =" 96 "/>

3) Configure port aggregation:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-19561 "border =" 0 "alt =" wps_clip_image-19561 "src =" http://www.bkjia.com/uploads/allimg/131227/01460a055-3.png "height =" 291 "/>

<2> SW2 Switch configuration

1) vlan Division:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-21388 "border =" 0 "alt =" wps_clip_image-21388 "src =" http://www.bkjia.com/uploads/allimg/131227/01460a0E-4.png "height =" 190 "/>

2) set the trunk link:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-29952 "border =" 0 "alt =" wps_clip_image-29952 "src =" http://www.bkjia.com/uploads/allimg/131227/0146095V4-5.png "height =" 116 "/>

3) Configure port aggregation:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-10877 "border =" 0 "alt =" wps_clip_image-10877 "src =" http://www.bkjia.com/uploads/allimg/131227/0146095O7-6.png "height =" 326 "/>

<3> R1 router configuration:

1) configure the Ethernet sub-interface:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-16680 "border =" 0 "alt =" wps_clip_image-16680 "src =" http://www.bkjia.com/uploads/allimg/131227/0146092613-7.png "height =" 208 "/>

2) Configure vrrp:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-2476 "border =" 0 "alt =" wps_clip_image-2476 "src =" http://www.bkjia.com/uploads/allimg/131227/01460935C-8.png "height =" 240 "/>

<4> R2 router configuration:

1) configure the Ethernet sub-interface:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-13506 "border =" 0 "alt =" wps_clip_image-13506 "src =" http://www.bkjia.com/uploads/allimg/131227/0146095S4-9.png "height =" 200 "/>

2) Configure vrrp:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-26381 "border =" 0 "alt =" wps_clip_image-26381 "src =" http://www.bkjia.com/uploads/allimg/131227/01460934K-10.png "height =" 244 "/>

6. Verification test:

<1> under normal circumstances

1) VLAN10 PC 1 Host ping VLAN20 PC 4 HOST:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-12601 "border =" 0 "alt =" wps_clip_image-12601 "src =" http://www.bkjia.com/uploads/allimg/131227/0146092394-11.png "height =" 223 "/>

2) view the link path:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-31866 "border =" 0 "alt =" wps_clip_image-31866 "src =" http://www.bkjia.com/uploads/allimg/131227/01460a0J-12.png "height =" 144 "/>

3) Check the VRRP status of R1:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-30360 "border =" 0 "alt =" wps_clip_image-30360 "src =" http://www.bkjia.com/uploads/allimg/131227/01460a3F-13.png "height =" 321 "/>

4) Check the VRRP status of R2:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-10504 "border =" 0 "alt =" wps_clip_image-10504 "src =" http://www.bkjia.com/uploads/allimg/131227/0146093431-14.png "height =" 321 "/>

<2> after the R1 link is disconnected:

1) VLAN10 PC 1 Host ping VLAN20 PC 4 HOST:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-21007 "border =" 0 "alt =" wps_clip_image-21007 "src =" http://www.bkjia.com/uploads/allimg/131227/01460941D-15.png "height =" 221 "/>

2) view the link path:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-28137 "border =" 0 "alt =" wps_clip_image-28137 "src =" http://www.bkjia.com/uploads/allimg/131227/014609C00-16.png "height =" 143 "/>

3) Check the VRRP status of R2:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-3515 "border =" 0 "alt =" wps_clip_image-3515 "src =" http://www.bkjia.com/uploads/allimg/131227/0146094455-17.png "height =" 315 "/>

<3> after the R2 link is disconnected:

1) VLAN10 PC 1 Host ping VLAN20 PC 4 HOST:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-27543 "border =" 0 "alt =" wps_clip_image-27543 "src =" http://www.bkjia.com/uploads/allimg/131227/0146094a8-18.png "height =" 218 "/>

2) view the link path:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-5049 "border =" 0 "alt =" wps_clip_image-5049 "src =" http://www.bkjia.com/uploads/allimg/131227/01460930V-19.png "height =" 144 "/>

3) Check the VRRP status of R1:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-10524 "border =" 0 "alt =" wps_clip_image-10524 "src =" http://www.bkjia.com/uploads/allimg/131227/0146092L3-20.png "height =" 325 "/>

Iii. Case 1

1. Experiment description:

A company uses the networks provided by two ISP carriers to connect to the Internet. To achieve high availability of the company's Lan, the Spanning Tree and VRRP technology are used, in addition, our users can access the Internet and perform business operations normally.

2. Experiment topology:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-1740 "border =" 0 "alt =" wps_clip_image-1740 "src =" http://www.bkjia.com/uploads/allimg/131227/0146092495-21.png "height =" 404 "/>

3. experiment environment:

Xiaofan simulator;

2 Cisco routers, 3640)

Two CISCO switches, 3640)

Two PCs are simulated using two routers)

4. Lab requirements:

Implement inter-vlan communication;

To achieve high router utilization, set different roles of the router in each VRRP group;

The two vswitches use port combinations for communication;

5. Experiment steps:

1) Configure R1:

Router (config) # int eth 0/0. 10! Enter the Ethernet Sub-interface

Router (config-subif) # encapsulation dot1Q 10! Encapsulation Protocol and vlan Division

Router (config-subif) # ip add 192.168.10.1 255.255.255.0! Configure the sub-interface ip Address

Router (config-subif) # standby 10 ip address 192.168.10.254! Configure virtual ip

Router (config-subif) # standby 10 priority 120! Configure the priority of vrrp group 10

Router (config-subif) # standby 10 preempt! Set to preemption Mode

Router (config-subif) # exit

Router (config) # int eth 0/0. 20

Router (config-subif) # encapsulation dot1Q 20! Encapsulation Protocol and vlan Division

Router (config-subif) # ip add 192.168.20.1 255.255.255.0! Configure the sub-interface ip Address

Router (config-subif) # standby 20 ip address 192.168.255.254! Configure virtual ip

Router (config-subif) # exit

Router (config )#

2) Configure R2:

Router (config) # int eth 0/0. 10

Router (config-subif) # encapsulation dot1Q 10! Encapsulation Protocol and vlan Division

Router (config-subif) # ip add 192.168.10.2 255.255.255.0! Configure the sub-interface ip Address

Router (config-subif) # standby 10 ip address 192.168.10.254! Configure virtual ip

Router (config-subif) # exit

Router (config) # int eth 0/0. 20

Router (config-subif) # encapsulation dot1Q 20! Encapsulation Protocol and vlan Division

Router (config-subif) # ip add 192.168.20.2 255.255.255.0! Configure the sub-interface ip Address

Router (config-subif) # standby 20 ip address 192.168.255.254! Configure virtual ip

Router (config-subif) # standby 20 priority 120! Configure vrrp group 20 priority

Router (config-subif) # standby 20 preempt! Set to preemption Mode

Router (config-subif) # exit

Router (config )#

Router (config )#

3) Configure SW1:

Router # conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router (config )#

Router (config )#

Router (config) # no ip routing! Disable Routing

Router (config )#

Router (config) # exit

Router # vlan database! Access the vlan Database

Router (vlan) # vlan 10! Create vlan10

VLAN 10 added:

Name: VLAN0010

Router (vlan) # vlan 20! Create vlan20

VLAN 20 added:

Name: VLAN0020

Router (vlan) # exit

APPLY completed.

Exiting ....

Router # confi t

Enter configuration commands, one per line. End with CNTL/Z.

Router (config) # int range f0/6-10

Router (config-if-range) # switchport access vlan 10! Divide interfaces into vlan10

Router (config-if-range) # exit

Router (config) # int range f0/11-15

Router (config-if-range) # switchport access vlan 20! Divide interfaces into vlan20

Router (config-if-range) # exit

Router (config )#

Router (config) # int fa0/0

Router (config-if) # switchport mode trunk! Set to trunk Port

Router (config-if) # exit

Router (config )#

Router (config) # int fa0/1

Router (config-if) # switchport mode trunk! Set to trunk Port

Router (config-if) # channel-group 1 mode on! Add a port to aggregation Group 1

Creating a port-channel interface Port-channel1

Router (config-if) # exit

Router (config) # int fa0/2

Router (config-if) # switchport mode trunk

Router (config-if) # channel-group 1 mode on! Add a port to aggregation Group 1

Router (config-if) # exit

4) Configure SW2:

Router # conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router (config) # no ip routing

Router (config )#

Router (config) # exit

Router # vlan database! Access the vlan Database

Router (vlan) # vlan 10! Create vlan10

VLAN 10 added:

Name: VLAN0010

Router (vlan) # vlan 20! Create vlan20

VLAN 20 added:

Name: VLAN0020

Router (vlan) # exit

APPLY completed.

Exiting ....

Router # confi t

Enter configuration commands, one per line. End with CNTL/Z.

Router (config) # int range f0/6-10

Router (config-if-range) # switchport access vlan 10! Divide interfaces into vlan10

Router (config-if-range) # exit

Router (config) # int range f0/11-15

Router (config-if-range) # switchport access vlan 20! Divide interfaces into vlan20

Router (config-if-range) # exit

Router (config )#

Router (config) # int fa0/0

Router (config-if) # switchport mode trunk! Set to trunk Port

Router (config-if) # exit

Router (config )#

Router (config) # int fa0/1

Router (config-if) # switchport mode trunk! Set to trunk Port

Router (config-if) # channel-group 1 mode on! Add a port to aggregation Group 1

Creating a port-channel interface Port-channel1

Router (config-if) # exit

Router (config) # int fa0/2

Router (config-if) # switchport mode trunk! Add a port to aggregation Group 1

Router (config-if) # channel-group 1 mode on

Router (config-if )#

6. Verification test:

1) connectivity test between PC1 and PC4:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-26934 "border =" 0 "alt =" wps_clip_image-26934 "src =" http://www.bkjia.com/uploads/allimg/131227/0146091218-22.png "height =" 87 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-24561 "border =" 0 "alt =" wps_clip_image-24561 "src =" http://www.bkjia.com/uploads/allimg/131227/0146093564-23.png "height =" 104 "/>

2) communication path between PC1 and PC4:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-31084 "border =" 0 "alt =" wps_clip_image-31084 "src =" http://www.bkjia.com/uploads/allimg/131227/0146096256-24.png "height =" 152 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-10856 "border =" 0 "alt =" wps_clip_image-10856 "src =" http://www.bkjia.com/uploads/allimg/131227/0146095020-25.png "height =" 148 "/>

3) When R1 fails:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-31702 "border =" 0 "alt =" wps_clip_image-31702 "src =" http://www.bkjia.com/uploads/allimg/131227/01460954A-26.png "height =" 153 "/>

4) When R2 fails:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" wps_clip_image-1111 "border =" 0 "alt =" wps_clip_image-1111 "src =" http://www.bkjia.com/uploads/allimg/131227/0146091A1-27.png "height =" 171 "/>

Iv. Experiment summary:

Make sure to set the switchport mode of aggregatePort to the trunk mode. Otherwise, the default mode is access.

We can achieve Load Balancing when we run the data, but we cannot do it when we run the data, so we configure the routing priority.

This article is from the "cexpert" blog, please be sure to keep this source http://cexpert.blog.51cto.com/5251990/965287