一、MSTP+VRRP技术简介
MSTP(Multi- Service Transport Platform)是多业务转发平台的简称,可以用于解决网络二层环路问题,并在构建生成树时引入了实例的概念,每个实例与若干VLAN相连,网络中可以为每个实例单独构建一颗独立的生成树,这样不同VLAN用户通过时可以走不同的路径,从而充分利用带宽。
使用MSTP可以实现链路冗余和不同VLAN之间的负载均衡,但网络中还存在一个单点故障,就是每个VLAN只有一个网关,一旦网关发生故障,用户将无法访问外部网络。为解决这一故障,我们可以使用VRRP技术(VRRP技术),实现网关的冗余备份,防止单点故障的发生。
二、实验部分
实验拓扑
2.配置步骤
(1).基础配置:
SW:
[SW]vlan 10 20 //创建vlan 10,vlan 20[SW]int range g1/0/1 g1/0/2 //进入接口组[SW-if-range]port link-type trunk //配置接口类型为trunk[SW-if-range]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过[SW-if-range]int g1/0/3 //进入接口[SW-GigabitEthernet1/0/3]port link-type access //配置接口类型为access[SW-GigabitEthernet1/0/3]port access vlan 10 //把端口加入vlan 10[SW-GigabitEthernet1/0/3]int g1/0/4 //进入接口[SW-GigabitEthernet1/0/4]port link-type access //配置接口类型为access[SW-GigabitEthernet1/0/4]port access vlan 20 //把端口划入vlan 20[SW-GigabitEthernet1/0/4]quit //返回系统视图CORE1:
[CORE1]vlan 10 20 //创建vlan10,vlan20[CORE1]int vlan 10 //进入vlanif 10[CORE1-Vlan-interface10]ip add 192.168.10.1 24 //配置ip [CORE1-Vlan-interface10]int vlan 20 //进入vlanif 20[CORE1-Vlan-interface20]ip add 192.168.20.1 24 //配置ip[CORE1-Vlan-interface20]int g1/0/3 //进入接口[CORE1-GigabitEthernet1/0/3]port link-type trunk //配置接口类型为trunk[CORE1-GigabitEthernet1/0/3]port trunk permit vlan 10 20 //允许vlan 10,vlan20通过[CORE1-GigabitEthernet1/0/3]quit //返回系统视图CORE2:
[CORE2]vlan 10 20 //创建vlan 10,vlan 20[CORE2]int vlan 10 //进入vlanif 10[CORE2-Vlan-interface10]ip add 192.168.10.2 24 //配置ip[CORE2-Vlan-interface10]int vlan 20 //进入vlanif 20[CORE2-Vlan-interface20]ip add 192.168.20.2 24 //配置ip[CORE2-Vlan-interface20]int g1/0/3 //进入接口[CORE2-GigabitEthernet1/0/3]port link-type trunk //配置接口类型为trunk[CORE2-GigabitEthernet1/0/3]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过[CORE2-GigabitEthernet1/0/3]quit //返回系统视图PC1:
PC2:
(2).配置MSTP:
SW:
[SW]stp region-configuration //进入MST域视图[SW-mst-region]region-name test //配置MST域的域名为test,缺省为设备MAC地址[SW-mst-region]revision-level 15 //配置MSTP的修订级别,缺省为0[SW-mst-region]instance 1 vlan 10 //配置vlan映射表,把vlan 10映射到实例1[SW-mst-region]instance 2 vlan 20 //配置vlan映射表,把vlan 20映射到实例2[SW-mst-region]active region-configuration //激活MST域的配置[SW-mst-region]quit //返回系统视图CORE1:
[CORE1]stp region-configuration //进入MST域视图[CORE1-mst-region]region-name test //配置MST域的域名为test,缺省为设备MAC地址 [CORE1-mst-region]revision-level 15 //配置MSTP的修订级别,缺省为0[CORE1-mst-region]instance 1 vlan 10 //配置vlan映射表,把vlan 10映射到实例1[CORE1-mst-region]instance 2 vlan 20 //配置vlan映射表,把vlan 20映射到实例2[CORE1-mst-region]active region-configuration //激活MST域的配置[CORE1-mst-region]quit //返回系统视图[CORE1]stp instance 1 root primary //配置为实例1的根桥[CORE1]stp instance 2 root secondary //配置为实例2的备份根桥CORE2:
[CORE2]stp region-configuration //进入MST域视图[CORE2-mst-region]region-name test //配置MST域的域名为test,缺省为设备MAC地址[CORE2-mst-region]revision-level 15 //配置MSTP的修订级别,缺省为0[CORE2-mst-region]instance 1 vlan 10 //配置vlan映射表,把vlan 10映射到实例1[CORE2-mst-region]instance 2 vlan 20 //配置vlan映射表,把vlan 20映射到实例2[CORE2-mst-region]active region-configuration //激活MST域的配置[CORE2-mst-region]quit //返回系统视图[CORE2]stp instance 1 root secondary //配置为实例1的备份根桥[CORE2]stp instance 2 root primary //配置为实例2的根桥(3).配置VRRP心跳线链路聚合:
CORE1:
[CORE1]int Bridge-Aggregation 1 //创建聚合组1[CORE1-Bridge-Aggregation1]port link-type trunk //配置链路类型为trunk[CORE1-Bridge-Aggregation1]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过[CORE1-Bridge-Aggregation1]quit //返回系统视图[CORE1]int range g1/0/2 g1/0/4 //进入接口组[CORE1-if-range]port link-type trunk //配置链路类型为trunK[CORE1-if-range]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过 [CORE1-if-range]port link-aggregation group 1 //加入聚合组1CORE2:
[CORE2]int Bridge-Aggregation 1 //创建聚合组1[CORE2-Bridge-Aggregation1]port link-type trunk //配置链路类型为trunk[CORE2-Bridge-Aggregation1]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过[CORE2-Bridge-Aggregation1]quit //返回系统视图[CORE2]int range g1/0/2 g1/0/4 //进入接口组[CORE2-if-range]port link-type trunk //配置链路类型为trunk[CORE2-if-range]port trunk permit vlan 10 20 //允许vlan 10,vlan 20通过[CORE2-if-range]port link-aggregation group 1 //加入聚合组1[CORE2-if-range]quit //返回系统视图(4).配置VRRP:
CORE1:
[CORE1]int vlan 10 //进入vlanif 10[CORE1-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.10.254 //创建vrid为10的vrrp组,配置虚拟ip为192.168.10.254[CORE1-Vlan-interface10]vrrp vrid 10 priority 120 //配置该接口vrrp优先级为120,保证被选举为主[CORE1-Vlan-interface10]int vlan 20 //进入vlanif 20[CORE1-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.20.254 //创建vrid为20的vrrp组,配置虚拟ip为192.168.20.254 [CORE1-Vlan-interface20]quit //返回系统视图CORE2:
[CORE2]int vlan 10 //创建vlan 10[CORE2-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.10.254 //创建vrid为10的vrrp组,配置虚拟ip为192.168.10.254[CORE2-Vlan-interface10]int vlan 20 //进入vlanif 20[CORE2-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.20.254 //创建vrid为20的vrrp组,配置虚拟ip为192.168.20.254 [CORE2-Vlan-interface20]vrrp vrid 20 priority 120 //配置该接口vrrp优先级为120,保证被选举为主[CORE2-Vlan-interface20]quit //返回系统视图(4).配置Track模块 :
CORE1:
[CORE1]track 1 int g1/0/1 //配置track1,监视g1/0/1接口[CORE1-track-1]int vlan 10 //进入vlanif 10[CORE1-Vlan-interface10]vrrp vrid 10 track 1 priority reduced 30 //调用track1,设置优先级减少30[CORE1-Vlan-interface10]quit //返回系统视图[CORE1]track 2 int g1/0/1 //配置track2,监视g1/0/1接口[CORE1-track-1]int vlan 20 //进入vlanif 20[CORE1-Vlan-interface20]vrrp vrid 20 track 2 priority reduced 30 //调用track2,设置优先级减少30[CORE1-Vlan-interface20]quit //返回系统视图CORE2:
[CORE2]track 1 int g1/0/1 //配置track1,监视g1/0/1接口[CORE2-track-1]int vlan 10 //进入vlanif 10[CORE2-Vlan-interface10]vrrp vrid 10 track 1 priority reduced 30 //调用track1,设置优先级减少30[CORE2-Vlan-interface10]quit //返回系统视图[CORE2]track 2 int g1/0/1 //配置track2,监视g1/0/1接口[CORE2-track-1]int vlan 20 //进入vlanif 20[CORE2-Vlan-interface20]vrrp vrid 20 track 2 priority reduced 30 //调用track2,设置优先级减少30[CORE2-Vlan-interface20]quit //返回系统视图三、结果检验
在SW上使用display stp brief查看stp状态:
使用display vrrp查看VRRP状态:
断开CORE1的上行链路,再查看VRRP:
可以看到,CORE1由vlan10的Master变为了Backup,且优先级都减少了30。
实验结束,感谢观看。
来源地址:https://blog.csdn.net/m0_56348450/article/details/130125267
