How to use Huawei switches to implement DHCP + VRRP + MSTP (actual case) I. Topology Description: This is a topology of a real project, but lacks some security devices, however, it is sufficient for us to use a simulator to implement its important functions. The project uses HuaWei AR2240 as the core route, two HuaWei S9300 as the core switch, and the other is the access switch. The specific configuration is as follows. II. Specific configuration 1. Core route configuration <HXR> dis cu # sysname HXR # undo info-center enable # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default_admin local-user admin password cipher Fq2 | @ at % N! AjUn1vMEIBN #7 # local-user admin service-type http # firewall zone Local priority 16 # interface Ethernet0/0/0 ip address 202.102.224.4 255.255.255.0 # simulate public ip address # interface Ethernet0/0/1 description WAN # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 # interface GigabitEthernet0/0/0 # connect to HXA ip address 10.0.0.1 255.255.255.0 # interface GigabitEthernet0/0 ### connect to HXB ip address 10.0.1.1 255.255.0 # interface GigabitEthernet0/0/1 # wlan # interface NULL0 route-static 172.16.2.0 route 255.255.0 10.0.0.2 # return route ip route-static 172.16.2.0 route 255.255.0 10.0.1.2 # return route # user-interface con 0user-interface vty 0 4user-interface vty 16 20 # return <HXR> 2, HXA (configuration of core switch) HXA> dis cu # sysname HXA # undo info-center enable # vlan batch 2 to 5 100 # stp instance 0 root primary # MSTP configuration stp instance 1 root secondary # MSTP configuration # cluster enablentdp enablendp enable # drop illegal-mac alarm # dhcp enable # dhcp server database enable # diffserv domain default # stp region-configuration # MSTP configuration instance 1 vlan 4 to 5 active region-configuration # drop-profile default # vlan 100 description hulian # DHCP configuration ip pool vlan2 gateway-list 172.16.2.1 network 172.16.2.0 mask 255.255.255.0 excluded-ip-address 172.16.2.254 # ip pool vlan3 gateway- list multicast network 172.16.3.0 mask 255.255.255.0 excluded-ip-address provided # ip pool vlan4 gateway-list 172.16.4.1 network 172.16.4.0 mask 255.255.255.0 excluded-ip-address provided # ip pool vlan5 gateway-list 172.16.5.1 network bandwidth mask authorization 255.255.0 excluded-ip-address 172.16.5.254 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface Vlanif2 ip address 255.255.255.255.0 vrrp vrid 1 virtual-ip 172.16.2.1 vrrp vrid 1 priority 200 dhcp select global # interface Vlanif3 ip address 255.255.255.255.0 vrrp vrid 2 virtual-ip 172.16.3.1 vrrp vrid 2 priority 200 dhcp select global # interface Vlanif4 ip address 255.255.255.255.0 vrrp vrid 3 virtual-ip 172.16.4.1 dhcp select global # interface Vlanif5 ip address 255.255.255.255.0 vrrp vrid 4 virtual-ip 172.16.5.1 dhcp select global # interface Vlanif100 # Two-core heartbeat VLAN ip address 10.0.0.2 255.255.255.0 # interface MEth0/0/1 # interface Eth-Trunk0 # create a port aggregation port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/1 port link-type access port default vlan 100 # interface GigabitEthernet0/0/2 port link-type access # interface GigabitEthernet0/0/3 # interface GigabitEthernet0/0/4 # interface interfaces/0/5 # interface GigabitEthernet0/0/6 # interface GigabitEthernet0/0/7 # interface GigabitEthernet0/0/8 # interface extensions/0/9 # interface GigabitEthernet0/0/10 # interface GigabitEthernet0/0/11 # interface GigabitEthernet0/0/12 # interfaces/0/13 # interface GigabitEthernet0/0/14 # interface GigabitEthernet0/0/15 # interface GigabitEthernet0/0/16 # interface extensions/0/17 # interface GigabitEthernet0/0/18 # interface GigabitEthernet0/0/19 # interface GigabitEthernet0/0/20 # gigabitEthernet0/0/21 # port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/22 # port link-type trunk port connected to the Access Switch trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0 # Heartbeat port eth-trunk 0 # interface GigabitEthernet0/0/23 # Heartbeat port eth-trunk 0 # interface NULL0 # ip route -static 0.0.0.0 0.0.0.0 10.0.0.1ip route-static 0.0.0.0 0.0.0.0 10.0.1.1 # user-interface con 0user-interface vty 0 4 # return <HXA> 3. HXB (core B configuration) <HXB> dis cu # sysname HXB # undo info-center enable # vlan batch 2 to 5 101 # stp instance 0 root secondarystp instance 1 root primary # cluster enablentdp enablendp enable # drop illegal- mac alarm # dhcp enable # dhcp server database enable # diffserv domain default # drop-profile default # vlan 101 description hulian # ip pool vlan2 gateway-list 172.16.2.1 network 172.16.2.0 mask limit 255.0 excluded-ip- address subnet # ip pool vlan3 gateway-list 172.16.3.1 network 172.16.3.0 mask 255.255.255.0 excluded-ip-address subnet # ip pool vlan4 gateway-list 172.16.4.1 network 172.16.4.0 mask 255.255.255.0 excluded-ip-address subnet # ip pool vlan5 gateway-list 172.16.5.1 network 172.16.5.0 mask 255.255.255.0 excluded-ip-address 172.16.5.254 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface Vlanif2 ip address 255.255.255.255.0 vrrp vrid 1 virtual-ip 172.16.2.1 dhcp select global # interface Vlanif3 ip address 172.16.3.253 255.255.255.0 vrrp vrid 2 virtual -ip 172.16.3.1 dhcp select global # interface Vlanif4 ip address 255.255.255.255.0 vrrp vrid 3 virtual-ip 172.16.4.1 vrrp vrid 3 priority 200 dhcp select global # interface Vlanif5 ip address 255.255.255.255.0 vrrp vrid 4 virtual- ip 172.16.5.1 vrrp vrid 4 priority 200 dhcp select global # interface Vlanif101 ip address 10.0.1.2 255.255.255.0 # interface MEth0/0/1 # interface Eth-Trunk0 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/1 # interface GigabitEthernet0/0/2 port link-type access port default vlan 101 # interface GigabitEthernet0/0/3 # interface GigabitEthernet0/0/4 # interface GigabitEthernet0/0/5 # interface GigabitEthernet0/0/6 # interfaces/0/7 # interface GigabitEthernet0/0/8 # interface GigabitEthernet0/0/9 # interface GigabitEthernet0/0/10 # interface extensions/0/11 # interface GigabitEthernet0/0/12 # interface GigabitEthernet0/0/13 # interface GigabitEthernet0/0/14 # response/0/15 # interface GigabitEthernet0/0/16 # interface GigabitEthernet0/0/17 # interface GigabitEthernet0/0/18 # interface GigabitEthernet0/0/19 # interface GigabitEthernet0/0/20 # interface response/0/21 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/22 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/23 eth-trunk 0 # interface GigabitEthernet0/0/24 eth-trunk 0 # interface NULL0 # ip route-static 0.0.0.0 0.0.0.0 10.0.1.1ip route-static 0.0.0.0 0.0.0.0 10.0.0.1 # user-interface con 0user-interface vty 0 4 # return <HXB> 4, JR01 (Access vswitch 01 configuration) <JR01> dis cu # sysname JR01 # undo info-center enable # vlan batch 2 to 5 # cluster enablentdp enablendp enable # drop illegal-mac alarm # diffserv domain default # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface MEth0/ 0/1 # interface Ethernet0/0/1 port link-type access port default vlan 2 # interface Ethernet0/0/2 port link-type access port default vlan 4 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface NULL0 # user-interface con 0user-interface vty 0 4 # return <JR01> 5. JR02 (access switch 02 configuration) <JR02> dis cu # sysname JR02 # undo info-center enable # vlan batch 2 to 5 # cluster enablentdp enablendp enable # drop illegal-mac alarm # dhcp server database enable # diffserv domain default # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default_admin local-user admin password simple admin local-user admin service-type http # interface vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type access port default vlan 5 # interface Ethernet0/0/2 port link-type access port default vlan 3 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/2 port link -type trunk port trunk allow-pass vlan 2 to 4094 # interface NULL0 # user-interface con 0user-interface vty 0 4 # return