Home > Cloud Computing > Cloud Security

Use vrrp to achieve traffic distribution and backup between routers! (H3C)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

1. Job Requirements:

  • Vro Backup Using vrrp
  • Achieve traffic distribution between two routers to improve efficiency)
  • Improve security by using Channel Technology

2. Topology

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image002 "border =" 0 "alt =" clip_image002 "height =" 511 "src =" http://img1.51cto.com/attachment/201208/17/5635432_1345174491I7yv.jpg "/>

3. device description:

Router: H3C Quidway R2621 R9 R6)

Switch: H3C Quidway S2000 (L2 Switch S2)

H3C Quidway S3526E (L3 switch S1)

4. Device Configuration

4.1 basic configuration:

Vrorr9:

[Router] sysname R9

[R9] int e1.10

[R9-Ethernet1.10] vlan-type dot1q vid 10 // tag

[R9-Ethernet1.10] ip add 192.168.10.1 255.255.255.0 // with ip

// The order of the two steps cannot be reversed!

[R9-Ethernet1.10] int e1.20

[R9-Ethernet1.20] vlan-type dot1q vid 20

[R9-Ethernet1.20] ip add 192.168.20.1 24

Router R6:

[R6] int e1.10

[R6-Ethernet1.10] vlan-type dot1q vid 10

[R6-Ethernet1.10] ip add 192.168.10.2 24

[R6-Ethernet1.10] int e1.20

[R6-Ethernet1.20] vlan-type dot1q vid 20

[R6-Ethernet1.20] ip add 192.168.20.2 24

Switch s1:

[Quidway] sysname s1

[S1] int e0/24

[S1-Ethernet0/24] port link-type trunk // trunk link

[S1-Ethernet0/24] port trunk permit vlan all // by default, only vlan1 is allowed, so here

Please wait ...................................... ..... done.

[S1-Ethernet0/24] vlan 10

[S1-vlan10] port e0/3 to e0/5 // divided port

[S1-vlan10] vlan 20

[S1-vlan20] port e0/10 to e 0/15

[S1] int e0/1

[S1-Ethernet0/1] port link-type trunk

[S1-Ethernet0/1] port trunk permit vlan all

[S1-Ethernet0/1] dis int e0/1

Ethernet0/1 current state: UP

IP Sending Frames 'format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc0e-b624

The Maximum Transmit Unit is 1500

Media type is twisted pair, loopback not set

Port hardware type is 100_BASE_TX

100Mbps-speed mode, full-duplex mode

Link speed type is autonegotiation, link duplex type is autonegotiation

Flow-control is not enabled

Port-flow-constrain has not been configured completely

The Maximum Frame Length is 1536

Broadcast MAX-ratio: 100%

PVID: 1

Mdi type: auto

Port link-type: trunk

VLAN passing: 1 (default vlan), 10, 20

VLAN allowed: 1 (default vlan), 2-4094

Trunk port encapsulation: IEEE 802.1q

Vswitch s2:

[S2] int e1/0/24

[S2-Ethernet1/0/24] port link-type trunk

[S2-Ethernet1/0/24] port trunk permit vlan all

Please wait ...................................... ..... done.

[S2-Ethernet1/0/24] vlan 10

[S2-vlan10] port e1/0/3 to e1/0/5

[S2-vlan10] vlan 20

[S2-vlan20] port e1/0/10 to e1/0/15

[S2] int e1/0/1

[S2-Ethernet1/0/1] port link-type trunk

[S2-Ethernet1/0/1] port trunk permit vlan all

Please wait ...................................... ..... done.

[S2-Ethernet1/0/1] dis int e1/0/1

Ethernet1/0/1 current state: UP

IP Sending Frames 'format is PKTFMT_ETHNT_2, Hardware address is 000f-e274-2158

Media type is twisted pair, loopback not set

Port hardware type is 100_BASE_TX

100Mbps-speed mode, full-duplex mode

Link speed type is autonegotiation, link duplex type is autonegotiation

Flow-control is not enabled

The Maximum Frame Length is 1536

Broadcast MAX-ratio: 100%

PVID: 1

Mdi type: normal

Port link-type: trunk

VLAN passing: 1 (default vlan), 10, 20

VLAN permitted: 1 (default vlan), 2-4094

Trunk port encapsulation: IEEE 802.1q

Test availability:

[R9] ping 192.168.10.2

PING 192.168.10.2: 56 data bytes, press CTRL_C to break

Reply from 192.168.10.2: bytes = 56 Sequence = 0 ttl = 255 time = 2 MS

Reply from 192.168.10.2: bytes = 56 Sequence = 1 ttl = 255 time = 2 MS

[R9] ping 192.168.20.2

PING 192.168.20.2: 56 data bytes, press CTRL_C to break

Reply from 192.168.20.2: bytes = 56 Sequence = 0 ttl = 255 time = 2 MS

Reply from 192.168.20.2: bytes = 56 Sequence = 1 ttl = 255 time = 2 MS

Before configuring the channel: ensure that the two lines are trunk links!

4.2 Channel Configuration:

Add a link:

[S1-Ethernet0/22] int e0/2

[S1-Ethernet0/2] port link-type trunk

[S1-Ethernet0/2] port trunk permit vlan all

Please wait ...................................... ..... done

[S2] int e1/0/2

[S2-Ethernet1/0/2] port link-type trunk

[S2-Ethernet1/0/2] port trunk permit vlan al

Channel bundle Configuration:

// S3526E

[S1] link-aggregation eth0/1 to eth0/2 both

The value range must be 1 9 17 consecutive bundling, and others cannot.

And the port must be full-duplex, MB!

// S2000

[S2] link-aggregation group 1 mode manual

[S2-Ethernet1/0/22] int e1/0/1

[S2-Ethernet1/0/1] port link-aggregation group 1

[S2] int e1/0/2

[S2-Ethernet1/0/2] port link-aggregation group 1

Set full duplex and speed

[S1] int e0/1

[S1-Ethernet0/1] duplex full

[S1-Ethernet0/1] speed 100

[S1] int e0/2

[S1-Ethernet0/2] duplex?

Auto Enable port's duplex negotiation automatically

Full Full-duplex

Half Half-duplex

[S1-Ethernet0/2] duplex full

[S1-Ethernet0/2] speed 100

[S2-Ethernet1/0/1] duplex full // This end can be automatically negotiated!

[S2-Ethernet1/0/1] speed 100

[S2-Ethernet1/0/1] int e1/0/2

[S2-Ethernet1/0/2] duplex full

[S2-Ethernet1/0/2] speed 100

Test: unplugging any line between s1 and s2 does not affect normal communication!

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image004 "border =" 0 "alt =" clip_image004 "height =" 44 "src =" http://img1.51cto.com/attachment/201208/17/5635432_1345174504PjWJ.jpg "/>

4.3 vrrp (Virtual redundancy Routing Protocol)

[R6] vrrp ping-enable// The command must be executed first; otherwise, the ping command cannot be used later.

Ping vrrp enable

[R9] int e1.10

[R9-Ethernet1.10] vrrp vrid?

INTEGER <1-255> Virtual router ID

[R9-Ethernet1.10] vrrp vrid 10 virtual-ip 192.168.10.254 // with virtual gateway pointing

[R9-Ethernet1.10] int e1.20

[R9-Ethernet1.20] vrrp vrid 20 virtual-ip 192.168.255.254

[R6] vrrp ping-enable

Ping vrrp enable

[R6] int e1.10

[R6-Ethernet1.10] vrrp vrid 10 virtual-ip 192.168.10.254

[R6-Ethernet1.10] vrrp vrid 10 priority 80

[R6-Ethernet1.10] int e1.20

[R6-Ethernet1.20] vrrp vrid 20 virtual-ip 192.168.255.254

[R6-Ethernet1.20] vrrp vrid 20 priority 80 // tune priority

5. test:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image006 "border =" 0 "alt =" clip_image006 "height =" 292 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF114K-2.jpg "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image008 "border =" 0 "alt =" clip_image008 "height =" 250 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF16107-3.jpg "/>

[R6] dis vrrp

Ethernet1.20 | Virtual Router 20

State: Backup

Virtual IP: 192.168.255.254

Priority: 80

Preempt: YES Delay Time: 0

Timer: 1

Auth Type: NO

Ethernet1.10 | Virtual Router 10

State: Backup

Virtual IP: 192.168.10.254

Priority: 80

Preempt: YES Delay Time: 0

Timer: 1

Auth Type: NO

[R9] dis vrrp

Ethernet1.20 | Virtual Router 20

State: Master

Virtual IP: 192.168.255.254

Priority: 100

Preempt: YES Delay Time: 0

Timer: 1

Auth Type: NO

Ethernet1.10 | Virtual Router 10

State: Master

Virtual IP: 192.168.10.254

Priority: 100

Preempt: YES Delay Time: 0

Timer: 1

Auth Type: NO

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image010 "border =" 0 "alt =" clip_image010 "height =" 167 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF163K-4.jpg "/>

All traffic is concentrated on one vro! R9 (R6 as backup)

 

Shunting Configuration:

[R6] int e1.20

[R6-Ethernet1.20] vrrp vrid 20 priority 120

[R6-Ethernet1.20] quit

[R6] dis vrrp

Ethernet1.20 | Virtual Router 20

State: Master

Virtual IP: 192.168.255.254

Priority: 120

Preempt: YES Delay Time: 0 // default permission contention

Timer: 1

Auth Type: NO

Ethernet1.10 | Virtual Router 10

State: Backup

Virtual IP: 192.168.10.254

Priority: 80

Preempt: YES Delay Time: 0

Timer: 1

Auth Type: NO

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image012 "border =" 0 "alt =" clip_image012 "height =" 172 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF13J4-5.jpg "/>

Traffic is distributed across two Routers

After plugging any line in the intermediate channel: channel function)

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image014 "border =" 0 "alt =" clip_image014 "height =" 279 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF12415-6.jpg "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image016 "border =" 0 "alt =" clip_image016 "height =" 373 "src =" http://www.bkjia.com/uploads/allimg/131227/0GF111I-7.jpg "/>

This article is from the "Smile" blog, please be sure to keep this source http://guojiping.blog.51cto.com/5635432/965540

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
avaya routers and switches how to use wireshark to monitor network traffic how to use veeam backup cisco routers and switches models and how to use packaging and distribution how to use rsync to backup
Related Article
Cloud security to achieve effective prevention of the future ...
Focus on three major cloud security areas, you know?
Decrypting Cisco type 5 password hashes
Using redis to write webshell

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More