其他分享
首页 > 其他分享> > 企业网-VRRP实现网关冗余2021-10-07

企业网-VRRP实现网关冗余2021-10-07

作者:互联网

1/问答题

企业网-VRRP实现网关冗余
image.png

实验作业:

原在mac gns3 IOU 配置拓扑结果如下所示:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Ifinlkcm-1633578878183)(/Users/aron/Pictures/gns3 iou.png)]

配置IP地址并测试连通性!

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int lo1
R1(config-if)#ip add 8
*Oct  5 15:50:37.766: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R1(config-if)#ip add 8.8.8.8 255.255.255.255
R1(config-if)#no sh
R1(config-if)#int e0/0
R1(config-if)#ip add 11.1.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#int e0/1
R1(config-if)#ip add 12.1.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#end

R1#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0/0                11.1.1.1        YES manual up                    up      
Ethernet0/1                12.1.1.1        YES manual up                    up      
Ethernet0/2                unassigned      YES NVRAM  administratively down down    
Ethernet0/3                unassigned      YES NVRAM  administratively down down    
Ethernet1/0                unassigned      YES NVRAM  administratively down down    
Ethernet1/1                unassigned      YES NVRAM  administratively down down    
Ethernet1/2                unassigned      YES NVRAM  administratively down down    
Ethernet1/3                unassigned      YES NVRAM  administratively down down    
Serial2/0                  unassigned      YES NVRAM  administratively down down    
Serial2/1                  unassigned      YES NVRAM  administratively down down    
Serial2/2                  unassigned      YES NVRAM  administratively down down    
Serial2/3                  unassigned      YES NVRAM  administratively down down    
Serial3/0                  unassigned      YES NVRAM  administratively down down    
Serial3/1                  unassigned      YES NVRAM  administratively down down    
Serial3/2                  unassigned      YES NVRAM  administratively down down    
Serial3/3                  unassigned      YES NVRAM  administratively down down    
Loopback1                  8.8.8.8         YES manual up                    up      
R1#
R1#

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int e0/2
SW1(config-if)#no switchport 
SW1(config-if)#ip add 11.1.1.2 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#exit
SW1(config)#exit


SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int e0/2
SW2(config-if)#no switchport 
SW2(config-if)#ip add 12.1.1.2 255.255.255.0



配置vlan:
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vtp mode server
Device mode already VTP Server for VLANS.
SW1(config)#vtp domain PL
SW1(config)#vtp password cisco
Setting device VTP password to cisco
SW1(config)#vlan 10
SW1(config-vlan)#name vlan_10
SW1(config-vlan)#exit
SW1(config)#vlan 20
SW1(config-vlan)#name vlan_20
SW1(config-vlan)#end

SW1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/3, Et1/0, Et1/1, Et1/2
                                                Et1/3, Et2/0, Et2/1, Et2/2
                                                Et2/3, Et3/0, Et3/1, Et3/2
                                                Et3/3
10   vlan_10                          active    
20   vlan_20                          active 

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#vtp mode client 
Setting device to VTP Client mode for VLANS.
SW2(config)#vtp domain PL
Domain name already set to PL.
SW2(config)#vtp password cisco
Setting device VTP password to cisco
SW2(config)#end 
SW2#
*Oct  5 15:56:41.155: %SYS-5-CONFIG_I: Configured from console by console
SW2#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/3, Et1/0, Et1/1, Et1/2
                                                Et1/3, Et2/0, Et2/1, Et2/2
                                                Et2/3, Et3/0, Et3/1, Et3/2
                                                Et3/3
10   vlan_10                          active    
20   vlan_20                          active   

SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#vtp mode client 
Setting device to VTP Client mode for VLANS.
SW3(config)#vtp domain PL
Changing VTP domain name from NULL to PL
SW3(config)#vtp password cisco
Setting device VTP password to cisco
SW3(config)#end
SW3#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/0, Et0/3, Et1/0, Et1/1
                                                Et1/2, Et1/3, Et2/0, Et2/1
                                                Et2/2, Et2/3, Et3/0, Et3/1
                                                Et3/2, Et3/3
10   vlan_10                          active    
20   vlan_20                          active 

 
 SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 10
SW1(config-if)#ip add 172.16.10.251 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#int vlan 20
SW1(config-if)#ip add 172.16.20.251 255.255.255.0
SW1(config-if)#no sh
SW1(config-if)#end

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 10
SW2(config-if)#no sh
SW2(config-if)#ip add 172.16.10.252 255.255.255.0
SW2(config-if)#no sh
SW2(config-if)#int vlan 20
SW2(config-if)#ip add 172.16.20.252 255.255.255.0
SW2(config-if)#no sh

1、配置SW1、SW2、SW3之间的Trunk链路;

配置trunk链路:

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int range e0/0 - 1
SW1(config-if-range)#switchport trunk encapsulation dot1q 
SW1(config-if-range)#switchport mode trunk 
SW1(config-if-range)#

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int range e0/0 - 1
SW2(config-if-range)#switchport trunk encapsulation dot1q 
SW2(config-if-range)#switchport mode trunk 
SW2(config-if-range)#

SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#int range e0/1 - 2
SW3(config-if-range)#switchport trunk encapsulation dot1q 
SW3(config-if-range)#switchport mode trunk 
SW3(config-if-range)#


2、配置SW1、SW2、R1之间的OSPF协议,要求SW1和SW2能够PING通8.8.8.8;

配置OSPF:

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#router ospf 100
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 8.8.8.8 0.0.0.0 area 0
R1(config-router)#network 11.1.1.0 0.0.0.255 area 0
R1(config-router)#network 12.1.1.0 0.0.0.255 area 0
R1(config-router)#


SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config-if)#int e0/2
SW1(config-if)#no switchport
SW1(config-if)#ip add 11.1.1.2 255.255.255.0
SW1(config-if)#router ospf 100
SW1(config-router)#router-id 2.2.2.2
SW1(config-router)# network 11.1.1.0 0.0.0.255 area 0
SW1(config-router)# network 172.16.10.0 0.0.0.255 area 0
SW1(config-router)# network 172.16.20.0 0.0.0.255 area 0
SW1(config-router)#end
SW1#show ip route
SW1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW1#




SW2(config-if-range)#int e0/2
SW2(config-if)#no switchport 
SW2(config-if)#ip add 12.1.1.2 255.255.255.0
SW2(config-if)#router ospf 100
SW2(config-router)#router-id 3.3.3.3
SW2(config-router)#network 12.1.1.0 0.0.0.255 area 0
SW2(config-router)#network 172.16.10.0 0.0.0.255 area 0
SW2(config-router)#network 172.16.20.0 0.0.0.255 area 0
SW2(config-router)#end


SW2#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      8.0.0.0/32 is subnetted, 1 subnets
O        8.8.8.8 [110/11] via 12.1.1.1, 00:00:23, Ethernet0/2
      11.0.0.0/24 is subnetted, 1 subnets
O        11.1.1.0 [110/11] via 172.16.10.251, 00:00:01, Vlan10
SW2#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW2#




3、SW1和SW2之间配置VRRP协议,根据拓扑要求设置虚拟网关地址;

配置vlan 10的vrrp协议:
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 10
SW1(config-if)#vrrp 10 ip 172.16.10.254
SW1(config-if)#vrrp 10 priority 200  
SW1(config-if)#vrrp 10 preempt 
SW1(config-if)#vrrp 10 track 1 decrement 150
SW1(config-if)#exit
SW1(config)#track 1 interface e0/0 line-protocol           
SW1(config-track)#exit

SW2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 10
SW2(config-if)#vrrp 10 ip 172.16.10.254
SW2(config-if)#vrrp 10 priority 150
SW2(config-if)#vrrp 10 preempt 
SW2(config-if)#vrrp 10 track 1 decrement 150
SW2(config-if)#exit
SW2(config)#track 1 interface e0/0 line-protocol 
SW2(config-track)#end


配置vlan 20 的vrrp协议:
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int vlan 20
SW1(config-if)#vrrp 20 ip 172.16.20.254           
SW1(config-if)#vrrp 20 priority 150
SW1(config-if)#vrrp 20 preempt 
SW1(config-if)#vrrp 20 track 1 decrement 150
SW1(config-if)#end
SW1#
*Oct  5 16:12:59.012: %SYS-5-CONFIG_I: Configured from console by console
SW1#show vrrp br
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Vl10               10  200 3218       Y  Master  172.16.10.251   172.16.10.254  
Vl20               20  150 3414       Y  Backup  172.16.20.252   172.16.20.254  
SW1#

SW2#conf t 
Enter configuration commands, one per line.  End with CNTL/Z.
SW2(config)#int vlan 20
SW2(config-if)#vrrp 20 ip 172.16.20.254
SW2(config-if)#vrrp 20 priority 200
SW2(config-if)#vrrp 20 preempt 
SW2(config-if)#vrrp 20 track 1 decrement 150
SW2(config-if)#end
SW2#
*Oct  5 16:13:52.343: %SYS-5-CONFIG_I: Configured from console by console
SW2#show vrrp br
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Vl10               10  150 3414       Y  Backup  172.16.10.251   172.16.10.254  
Vl20               20  200 3218       Y  Master  172.16.20.252   172.16.20.254  
SW2#



4、为PC1和PC2配置所在网段的ip地址例如172.16.10.1和172.16.20.1;根据VRRP配置设置默认网关;

SW3上划分接口所属的vlan
SW3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW3(config)#int e1/1
SW3(config-if)#switchport access vlan 10
SW3(config-if)#no sh
SW3(config-if)#int e1/2
SW3(config-if)#switchport access vlan 20
SW3(config-if)#no sh
SW3(config-if)#

配置所在网段的ip地址例如172.16.10.1和172.16.20.1;根据VRRP配置设置默认网关;
PC1> ip 172.16.10.1 255.255.255.0 172.16.10.251 
Checking for duplicate address...
PC1 : 172.16.10.1 255.255.255.0 gateway 172.16.10.251

PC1> ping 8.8.8.8

84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=1.526 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=2.081 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=1.675 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=254 time=2.581 ms
p84 bytes from 8.8.8.8 icmp_seq=5 ttl=254 time=2.422 ms
^H^H^H^H
PC1> ping 172.16.10.254

84 bytes from 172.16.10.254 icmp_seq=1 ttl=255 time=1.414 ms
84 bytes from 172.16.10.254 icmp_seq=2 ttl=255 time=1.616 ms
84 bytes from 172.16.10.254 icmp_seq=3 ttl=255 time=1.109 ms
84 bytes from 172.16.10.254 icmp_seq=4 ttl=255 time=1.171 ms
84 bytes from 172.16.10.254 icmp_seq=5 ttl=255 time=1.245 ms

PC1> ip 172.16.10.1 255.255.255.0 172.16.10.254 
Checking for duplicate address...
PC1 : 172.16.10.1 255.255.255.0 gateway 172.16.10.254

PC1> ping 8.8.8.8

84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=3.428 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=2.933 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=3.495 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=254 time=3.497 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=254 time=3.075 ms

PC1> ping 172.16.10.254                        

84 bytes from 172.16.10.254 icmp_seq=1 ttl=255 time=1.613 ms
84 bytes from 172.16.10.254 icmp_seq=2 ttl=255 time=1.874 ms
84 bytes from 172.16.10.254 icmp_seq=3 ttl=255 time=0.885 ms
84 bytes from 172.16.10.254 icmp_seq=4 ttl=255 time=1.237 ms
84 bytes from 172.16.10.254 icmp_seq=5 ttl=255 time=1.666 ms


PC2> ip 172.16.20.1 255.255.255.0 172.16.20.254
Checking for duplicate address...
PC2 : 172.16.20.1 255.255.255.0 gateway 172.16.20.254



[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Sk9ttcD8-1633578878184)(/Users/aron/Library/Application Support/typora-user-images/image-20211006002708943.png)]

实验时会出现一些错误:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-jA8BXR7Z-1633578878185)(/Users/aron/Library/Application Support/typora-user-images/image-20211004235011133.png)]

5、通过关闭SW1或SW2交换机,验证网关冗余切换效果。

查看切换的冗余效果:

show vrrp br

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FwA9olti-1633578878186)(/Users/aron/Library/Application Support/typora-user-images/image-20211006001606577.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-jIoMrhEu-1633578878187)(/Users/aron/Library/Application Support/typora-user-images/image-20211006002501293.png)]

---------

【作业要求】
1、用GNS3搭建拓扑,并根据要求完成项目;
2、将整个GNS3项目文件打包为压缩包,并以附件上传,压缩包的名称规范为“姓名-VRRP综合实验”。

编写实验报告,将整个作业过程中的涉及的步骤、效果、思路等整理为Word或PDF或PPT文档并上传,文档名称为"姓名-作业名称"。*

标签:10,网关,07,8.8,vlan,172.16,SW1,SW2,config
来源: https://blog.csdn.net/m0_47210241/article/details/120634496