基于VRRP的二层架构数据中心网络部署举例
适用产品和版本
- CloudEngine系列交换机V300R020C00或更高版本。
- 如果需要了解软件版本与交换机具体型号的配套信息,请查看硬件中心。
组网需求
在数据中心场景中,接入层交换机以双上行方式接入核心层。用户希望:
- 考虑到业务的可靠性,部署冗余链路,在一条上行链路断开的时候,流量能切换到另外一条上行链路转发。
- 避免冗余备份链路导致的环网问题,消除网络中的环路。
图1 基于VRRP的二层架构数据中心网络组网
| 设备 | VLAN及IP地址 | 接口 | 描述 |
|---|---|---|---|
| DeviceA | VLAN:2
IP地址:10.1.2.102/24 虚拟IP地址:10.1.2.100 |
100GE1/0/1 | TO-CE6800-DEVICEC |
| 100GE1/0/5 | TO-CE16800-DEVICEB | ||
| VLAN:3
IP地址:10.1.3.102/24 虚拟IP地址:10.1.3.100 |
100GE1/0/2 | TO-CE6800-DEVICED | |
| 100GE1/0/5 | TO-CE16800-DEVICEB | ||
| VLAN:4
IP地址:10.1.4.102/24 虚拟IP地址:10.1.4.100 |
100GE1/0/3 | TO-CE6800-DEVICEE | |
| 100GE1/0/5 | TO-CE16800-DEVICEB | ||
| VLAN:5
IP地址:10.1.5.102/24 虚拟IP地址:10.1.5.100 |
100GE1/0/4 | TO-CE6800-DEVICEF | |
| 100GE1/0/5 | TO-CE16800-DEVICEB | ||
| VLAN:6
IP地址:10.1.6.102/24 |
100GE1/0/6 | TO-DEVICEG | |
| DeviceB | VLAN:2
IP地址:10.1.2.103/24 虚拟IP地址:10.1.2.100 |
100GE1/0/4 | TO-CE6800-DEVICEC |
| 100GE1/0/5 | TO-CE16800-DEVICEA | ||
| VLAN:3
IP地址:10.1.3.103/24 虚拟IP地址:10.1.3.100 |
100GE1/0/3 | TO-CE6800-DEVICED | |
| 100GE1/0/5 | TO-CE16800-DEVICEA | ||
| VLAN:4
IP地址:10.1.4.103/24 虚拟IP地址:10.1.4.100 |
100GE1/0/2 | TO-CE6800-DEVICEE | |
| 100GE1/0/5 | TO-CE16800-DEVICEA | ||
| VLAN:5
IP地址:10.1.5.103/24 虚拟IP地址:10.1.5.100 |
100GE1/0/1 | TO-CE6800-DEVICEF | |
| 100GE1/0/5 | TO-CE16800-DEVICEA | ||
| VLAN:7
IP地址:10.1.7.103/24 |
100GE1/0/6 | TO-DEVICEH | |
| DeviceC | VLAN:2 | 100GE1/0/1 | TO-CE16800-DEVICEA |
| 100GE1/0/2 | TO-CE16800-DEVICEB | ||
| 100GE1/0/3 | TO-HOSTA | ||
| DeviceD | VLAN:3 | 100GE1/0/1 | TO-CE16800-DEVICEB |
| 100GE1/0/2 | TO-CE16800-DEVICEA | ||
| 100GE1/0/3 | TO-HOSTB | ||
| DeviceE | VLAN:4 | 100GE1/0/1 | TO-CE16800-DEVICEA |
| 100GE1/0/2 | TO-CE16800-DEVICEB | ||
| 100GE1/0/3 | TO-HOSTC | ||
| DeviceF | VLAN:5 | 100GE1/0/1 | TO-CE16800-DEVICEB |
| 100GE1/0/2 | TO-CE16800-DEVICEA | ||
| 100GE1/0/3 | TO-HOSTD |
操作步骤
- 配置MSTP基本功能(以DeviceA、DeviceB、DeviceC和DeviceD为例)
只要两台设备的以下配置相同,这两台设备就属于同一个MST域。
- MST域的域名。
- 多生成树实例和VLAN的映射关系。
- MST域的修订级别。
- 配置DeviceA、DeviceB、DeviceC、DeviceD到域名为RG1的域内,创建实例MSTI1和实例MSTI2
# 配置核心层设备DeviceA的MST域。
<HUAWEI> system-view [~HUAWEI] sysname DeviceA [*HUAWEI] commit [~DeviceA] stp region-configuration [~DeviceA-mst-region] region-name RG1 [*DeviceA-mst-region] instance 1 vlan 2 [*DeviceA-mst-region] instance 2 vlan 3 [*DeviceA-mst-region] commit [~DeviceA-mst-region] quit
# 配置核心层设备DeviceB的MST域。
<HUAWEI> system-view [~HUAWEI] sysname DeviceB [*HUAWEI] commit [~DeviceB] stp region-configuration [~DeviceB-mst-region] region-name RG1 [*DeviceB-mst-region] instance 1 vlan 2 [*DeviceB-mst-region] instance 2 vlan 3 [*DeviceB-mst-region] commit [~DeviceB-mst-region] quit
# 配置接入层设备DeviceC的MST域。
<HUAWEI> system-view [~HUAWEI] sysname DeviceC [*HUAWEI] commit [~DeviceC] stp region-configuration [~DeviceC-mst-region] region-name RG1 [*DeviceC-mst-region] instance 1 vlan 2 [*DeviceC-mst-region] instance 2 vlan 3 [*DeviceC-mst-region] commit [~DeviceC-mst-region] quit
# 配置接入层设备DeviceD的MST域。
<HUAWEI> system-view [~HUAWEI] sysname DeviceD [*HUAWEI] commit [~DeviceD] stp region-configuration [~DeviceD-mst-region] region-name RG1 [*DeviceD-mst-region] instance 1 vlan 2 [*DeviceD-mst-region] instance 2 vlan 3 [*DeviceD-mst-region] commit [~DeviceD-mst-region] quit
- 在域RG1内,配置MSTI1与MSTI2的根桥与备份根桥
- 配置MSTI1的根桥与备份根桥
# 配置核心层设备DeviceA为MSTI1的根桥。
[~DeviceA] stp instance 1 root primary [*DeviceA] commit
# 配置核心层设备DeviceB为MSTI1的备份根桥。
[~DeviceB] stp instance 1 root secondary [*DeviceB] commit
- 配置MSTI2的根桥与备份根桥
# 配置核心层设备DeviceB为MSTI2的根桥。
[~DeviceB] stp instance 2 root primary [*DeviceB] commit
# 配置核心层设备DeviceA为MSTI2的备份根桥。
[~DeviceA] stp instance 2 root secondary [*DeviceA] commit
- 配置MSTI1的根桥与备份根桥
- 配置实例MSTI1和MSTI2中将要被阻塞端口的路径开销值大于缺省值
- 端口路径开销值取值范围由路径开销计算方法决定,这里选择使用华为私有计算方法为例,配置实例MSTI1和MSTI2中将被阻塞端口的路径开销值为20000。
- 同一网络内所有交换设备的端口路径开销应使用相同的计算方法。
# 配置核心层设备DeviceA的端口路径开销的计算方法为华为私有计算方法。
[~DeviceA] stp pathcost-standard legacy [*DeviceA] commit
# 配置核心层设备DeviceB的端口路径开销的计算方法为华为的私有计算方法。
[~DeviceB] stp pathcost-standard legacy [*DeviceB] commit
# 配置接入层设备DeviceC的端口路径开销的计算方法为华为的私有计算方法,将端口100GE1/0/2在实例MSTI1中的路径开销值配置为20000。
[~DeviceC] stp pathcost-standard legacy [*DeviceC] interface 100ge 1/0/2 [*DeviceC-100GE1/0/2] description TO-CE16800-DEVICEB [*DeviceC-100GE1/0/2] stp instance 1 cost 20000 [*DeviceC-100GE1/0/2] commit [~DeviceC-100GE1/0/2] quit
# 配置接入层设备DeviceD的端口路径开销的计算方法为华为的私有计算方法,将端口100GE1/0/2在实例MSTI2中的路径开销值配置为20000。
[~DeviceD] stp pathcost-standard legacy [*DeviceD] interface 100ge 1/0/2 [*DeviceD-100GE1/0/2] description TO-CE16800-DEVICEA [*DeviceD-100GE1/0/2] stp instance 2 cost 20000 [*DeviceD-100GE1/0/2] commit [~DeviceD-100GE1/0/2] quit
- 使能MSTP,实现破除环路
设备上MSTP功能默认使能。
- 设备全局使能MSTP
# 在核心层设备DeviceA上启动MSTP。
[~DeviceA] stp enable [*DeviceA] commit
# 在核心层设备DeviceB上启动MSTP。
[~DeviceB] stp enable [*DeviceB] commit
# 在接入层设备DeviceC上启动MSTP。
[~DeviceC] stp enable [*DeviceC] commit
# 在接入层设备DeviceD上启动MSTP。
[~DeviceD] stp enable [*DeviceD] commit
- 将与Host相连的端口配置为边缘端口
# 配置接入层设备DeviceC端口100GE1/0/3为边缘端口。
[~DeviceC] interface 100ge 1/0/3 [~DeviceC-100GE1/0/3] description TO-HOSTA [*DeviceC-100GE1/0/3] stp edged-port enable [*DeviceC-100GE1/0/3] commit [~DeviceC-100GE1/0/3] quit
# 配置接入层设备DeviceD端口100GE1/0/3为边缘端口。
[~DeviceD] interface 100ge 1/0/3 [~DeviceD-100GE1/0/3] description TO-HOSTB [*DeviceD-100GE1/0/3] stp edged-port enable [*DeviceD-100GE1/0/3] commit [~DeviceD-100GE1/0/3] quit
- 设备全局使能MSTP
- 配置保护功能,如在各实例的根桥设备的指定端口配置根保护功能(以DeviceA、DeviceB、DeviceC和DeviceD为例)# 在核心层设备DeviceA端口100GE1/0/1上启动根保护。
[~DeviceA] interface 100ge 1/0/1 [~DeviceA-100GE1/0/1] description TO-CE6800-DEVICEC [*DeviceA-100GE1/0/1] stp root-protection [*DeviceA-100GE1/0/1] commit [~DeviceA-100GE1/0/1] quit
# 在核心层设备DeviceB端口100GE1/0/3上启动根保护。
[~DeviceB] interface 100ge 1/0/3 [~DeviceB-100GE1/0/3] description TO-CE6800-DEVICED [*DeviceB-100GE1/0/3] stp root-protection [*DeviceB-100GE1/0/3] commit [~DeviceB-100GE1/0/3] quit
- 配置处于环网中的设备的二层转发功能(以DeviceA、DeviceB、DeviceC和DeviceD为例)
- 在交换设备DeviceA、DeviceB、DeviceC上创建VLAN2~3
# 在核心层设备DeviceA上创建VLAN2~3。
[~DeviceA] vlan batch 2 to 3# 在核心层设备DeviceB上创建VLAN2~3。
[~DeviceB] vlan batch 2 to 3# 在接入层设备DeviceC上创建VLAN2。
[~DeviceC] vlan batch 2# 在接入层设备DeviceD上创建VLAN3。
[~DeviceD] vlan batch 3 - 将交换设备上接入环路中的端口加入VLAN
# 将核心层设备DeviceA端口100GE1/0/1加入VLAN。
[~DeviceA] interface 100ge 1/0/1 [~DeviceA-100GE1/0/1] port link-type trunk [*DeviceA-100GE1/0/1] port trunk allow-pass vlan 2 [*DeviceA-100GE1/0/1] undo port trunk allow-pass vlan 1 [*DeviceA-100GE1/0/1] commit [~DeviceA-100GE1/0/1] quit
# 将核心层设备DeviceA端口100GE1/0/2加入VLAN。
[~DeviceA] interface 100ge 1/0/2 [~DeviceA-100GE1/0/2] description TO-CE6800-DEVICED [*DeviceA-100GE1/0/2] port link-type trunk [*DeviceA-100GE1/0/2] port trunk allow-pass vlan 3 [*DeviceA-100GE1/0/2] undo port trunk allow-pass vlan 1 [*DeviceA-100GE1/0/2] commit [~DeviceA-100GE1/0/2] quit
# 将核心层设备DeviceA端口100GE1/0/5加入VLAN。
[~DeviceA] interface 100ge 1/0/5 [~DeviceA-100GE1/0/5] description TO-CE16800-DEVICEB [*DeviceA-100GE1/0/5] port link-type trunk [*DeviceA-100GE1/0/5] port trunk allow-pass vlan 2 to 3 [*DeviceA-100GE1/0/5] undo port trunk allow-pass vlan 1 [*DeviceA-100GE1/0/5] commit [~DeviceA-100GE1/0/5] quit
# 将核心层设备DeviceB端口100GE1/0/3加入VLAN。
[~DeviceB] interface 100ge 1/0/3 [~DeviceB-100GE1/0/3] port link-type trunk [*DeviceB-100GE1/0/3] port trunk allow-pass vlan 3 [*DeviceB-100GE1/0/3] undo port trunk allow-pass vlan 1 [*DeviceB-100GE1/0/3] commit [~DeviceB-100GE1/0/3] quit
# 将核心层设备DeviceB端口100GE1/0/4加入VLAN。
[~DeviceB] interface 100ge 1/0/4 [~DeviceB-100GE1/0/4] description TO-CE6800-DEVICEC [*DeviceB-100GE1/0/4] port link-type trunk [*DeviceB-100GE1/0/4] port trunk allow-pass vlan 2 [*DeviceB-100GE1/0/4] undo port trunk allow-pass vlan 1 [*DeviceB-100GE1/0/4] commit [~DeviceB-100GE1/0/4] quit
# 将核心层设备DeviceB端口100GE1/0/5加入VLAN。
[~DeviceB] interface 100ge 1/0/5 [~DeviceB-100GE1/0/5] description TO-CE16800-DEVICEA [*DeviceB-100GE1/0/5] port link-type trunk [*DeviceB-100GE1/0/5] port trunk allow-pass vlan 2 to 3 [*DeviceB-100GE1/0/5] undo port trunk allow-pass vlan 1 [*DeviceB-100GE1/0/5] commit [~DeviceB-100GE1/0/5] quit
# 将接入层设备DeviceC端口100GE1/0/1加入VLAN。
[~DeviceC] interface 100ge 1/0/1 [~DeviceC-100GE1/0/1] description TO-CE16800-DEVICEA [*DeviceC-100GE1/0/1] port link-type trunk [*DeviceC-100GE1/0/1] port trunk allow-pass vlan 2 [*DeviceC-100GE1/0/1] undo port trunk allow-pass vlan 1 [*DeviceC-100GE1/0/1] commit [~DeviceC-100GE1/0/1] quit
# 将接入层设备DeviceC端口100GE1/0/2加入VLAN。
[~DeviceC] interface 100ge 1/0/2 [~DeviceC-100GE1/0/2] port link-type trunk [*DeviceC-100GE1/0/2] port trunk allow-pass vlan 2 [*DeviceC-100GE1/0/2] undo port trunk allow-pass vlan 1 [*DeviceC-100GE1/0/2] commit [~DeviceC-100GE1/0/2] quit
# 将接入层设备DeviceC端口100GE1/0/3加入VLAN。
[~DeviceC] interface 100ge 1/0/3 [~DeviceC-100GE1/0/3] port link-type access [*DeviceC-100GE1/0/3] port default vlan 2 [*DeviceC-100GE1/0/3] commit [~DeviceC-100GE1/0/3] quit
# 将接入层设备DeviceD端口100GE1/0/1加入VLAN。
[~DeviceD] interface 100ge 1/0/1 [~DeviceD-100GE1/0/1] description TO-CE16800-DEVICEB [*DeviceD-100GE1/0/1] port link-type trunk [*DeviceD-100GE1/0/1] port trunk allow-pass vlan 3 [*DeviceD-100GE1/0/1] undo port trunk allow-pass vlan 1 [*DeviceD-100GE1/0/1] commit [~DeviceD-100GE1/0/1] quit
# 将接入层设备DeviceD端口100GE1/0/2加入VLAN。
[~DeviceD] interface 100ge 1/0/2 [~DeviceD-100GE1/0/2] port link-type trunk [*DeviceD-100GE1/0/2] port trunk allow-pass vlan 3 [*DeviceD-100GE1/0/2] undo port trunk allow-pass vlan 1 [*DeviceD-100GE1/0/2] commit [~DeviceD-100GE1/0/2] quit
# 将接入层设备DeviceD端口100GE1/0/3加入VLAN。
[~DeviceD] interface 100ge 1/0/3 [~DeviceD-100GE1/0/3] port link-type access [*DeviceD-100GE1/0/3] port default vlan 3 [*DeviceD-100GE1/0/3] commit [~DeviceD-100GE1/0/3] quit
- 在交换设备DeviceA、DeviceB、DeviceC上创建VLAN2~3
- 配置设备间的网络互连# 配置设备各接口的IP地址,以核心层设备DeviceA为例。其他设备的配置与之类似,详见配置脚本。
[~DeviceA] vlan batch 6 [*DeviceA] interface 100ge 1/0/6 [*DeviceA-100GE1/0/6] description TO-DEVICEG [*DeviceA-100GE1/0/6] port link-type trunk [*DeviceA-100GE1/0/6] port trunk allow-pass vlan 6 [*DeviceA-100GE1/0/6] undo port trunk allow-pass vlan 1 [*DeviceA-100GE1/0/6] quit [*DeviceA] interface vlanif 2 [*DeviceA-Vlanif2] ip address 10.1.2.102 24 [*DeviceA-Vlanif2] quit [*DeviceA] interface vlanif 3 [*DeviceA-Vlanif3] ip address 10.1.3.102 24 [*DeviceA-Vlanif3] quit [*DeviceA] interface vlanif 4 [*DeviceA-Vlanif4] ip address 10.1.4.102 24 [*DeviceA-Vlanif4] quit [*DeviceA] interface vlanif 5 [*DeviceA-Vlanif5] ip address 10.1.5.102 24 [*DeviceA-Vlanif5] quit [*DeviceA] interface vlanif 6 [*DeviceA-Vlanif6] ip address 10.1.6.102 24 [*DeviceA-Vlanif6] quit [*DeviceA] commit
# 配置核心层设备和出口路由器之间采用OSPF协议进行互连。以核心层设备DeviceA为例,其他设备的配置与之类似,详见配置脚本。
[~DeviceA] ospf 1 [*DeviceA-ospf-1] area 0 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.4.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.5.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.6.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] quit [*DeviceA-ospf-1] quit [*DeviceA] commit
- 配置VRRP备份组# 在核心层设备DeviceA和DeviceB上创建VRRP备份组1,配置DeviceA的优先级为120,抢占延时为20秒,作为Master设备;DeviceB的优先级为缺省值,作为Backup设备。
- DeviceA
[~DeviceA] interface vlanif 2 [~DeviceA-Vlanif2] vrrp vrid 1 virtual-ip 10.1.2.100 [*DeviceA-Vlanif2] vrrp vrid 1 priority 120 [*DeviceA-Vlanif2] vrrp vrid 1 preempt timer delay 20 [*DeviceA-Vlanif2] commit [~DeviceA-Vlanif2] quit
- DeviceB
[~DeviceB] interface vlanif 2 [~DeviceB-Vlanif2] vrrp vrid 1 virtual-ip 10.1.2.100 [*DeviceB-Vlanif2] commit [~DeviceB-Vlanif2] quit
# 在核心层设备DeviceA和DeviceB上创建VRRP备份组2,配置DeviceB的优先级为120,抢占延时为20秒,作为Master设备;DeviceA的优先级为缺省值,作为Backup设备。
- DeviceB
[~DeviceB] interface vlanif 3 [~DeviceB-Vlanif3] vrrp vrid 2 virtual-ip 10.1.3.100 [*DeviceB-Vlanif3] vrrp vrid 2 priority 120 [*DeviceB-Vlanif3] vrrp vrid 2 preempt timer delay 20 [*DeviceB-Vlanif3] commit [~DeviceB-Vlanif3] quit
- DeviceA
[~DeviceA] interface vlanif 3 [~DeviceA-Vlanif3] vrrp vrid 2 virtual-ip 10.1.3.100 [*DeviceA-Vlanif3] commit [~DeviceA-Vlanif3] quit
# 在核心层设备DeviceA和DeviceB上创建VRRP备份组3,配置DeviceA的优先级为120,抢占延时为20秒,作为Master设备;DeviceB的优先级为缺省值,作为Backup设备。
- DeviceA
[~DeviceA] interface vlanif 4 [~DeviceA-Vlanif4] vrrp vrid 3 virtual-ip 10.1.4.100 [*DeviceA-Vlanif4] vrrp vrid 3 priority 120 [*DeviceA-Vlanif4] vrrp vrid 3 preempt timer delay 20 [*DeviceA-Vlanif4] commit [~DeviceA-Vlanif4] quit
- DeviceB
[~DeviceB] interface vlanif 4 [~DeviceB-Vlanif4] vrrp vrid 3 virtual-ip 10.1.4.100 [*DeviceB-Vlanif4] commit [~DeviceB-Vlanif4] quit
# 在核心层设备DeviceA和DeviceB上创建VRRP备份组4,配置DeviceB的优先级为120,抢占延时为20秒,作为Master设备;DeviceA的优先级为缺省值,作为Backup设备。
- DeviceB
[~DeviceB] interface vlanif 5 [~DeviceB-Vlanif5] vrrp vrid 4 virtual-ip 10.1.5.100 [*DeviceB-Vlanif5] vrrp vrid 4 priority 120 [*DeviceB-Vlanif5] vrrp vrid 4 preempt timer delay 20 [*DeviceB-Vlanif5] commit [~DeviceB-Vlanif5] quit
- DeviceA
[~DeviceA] interface vlanif 5 [~DeviceA-Vlanif5] vrrp vrid 4 virtual-ip 10.1.5.100 [*DeviceA-Vlanif5] commit [~DeviceA-Vlanif5] quit
# 配置主机HostA的缺省网关为备份组1的虚拟IP地址10.1.2.100,配置主机HostB的缺省网关为备份组2的虚拟IP地址10.1.3.100,配置主机HostC的缺省网关为备份组3的虚拟IP地址10.1.4.100,配置主机HostD的缺省网关为备份组4的虚拟IP地址10.1.5.100。
- DeviceA
检查配置结果
- 完成上述配置后,在核心层设备DeviceA上执行display vrrp命令,可以看到DeviceA在备份组1中作为Master设备,在备份组2中作为Backup设备。
<DeviceA> display vrrp verbose Vlanif2 | Virtual Router 1 State : Master Virtual IP : 10.1.2.100 Master IP : 10.1.2.102 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s Remain : -- TimerRun : 1 s TimerConfig : 1 s Auth Type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config Type : Normal Create Time : 2022-05-11 11:39:18 Last Change Time : 2022-05-26 11:38:58 Vlanif3 | Virtual Router 2 State : Backup Virtual IP : 10.1.3.100 Master IP : 10.1.3.103 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s Remain : -- TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config Type : Normal Create Time : 2022-05-11 11:40:18 Last Change Time : 2022-05-26 11:48:58 - 在核心层设备DeviceB上执行display vrrp命令,可以看到DeviceB在备份组1中作为Backup设备,在备份组2中作为Master设备。
<DeviceB> display vrrp verbose Vlanif2 | Virtual Router 1 State : Backup Virtual IP : 10.1.2.100 Master IP : 10.1.2.102 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s Remain : -- TimerRun : 1 s TimerConfig : 1 s Auth Type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config Type : Normal Create Time : 2022-05-11 11:39:18 Last Change Time : 2022-05-26 11:38:58 Vlanif3 | Virtual Router 2 State : Master Virtual IP : 10.1.3.100 Master IP : 10.1.3.103 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s Remain : -- TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config Type : Normal Create Time : 2022-05-11 11:40:18 Last Change Time : 2022-05-26 11:48:58
配置脚本
- 核心层设备DeviceA的配置脚本
# sysname DeviceA # vlan batch 2 to 6 # stp instance 1 root primary stp instance 2 root secondary stp instance 3 root primary stp instance 4 root secondary stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface Vlanif2 ip address 10.1.2.102 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.2.100 vrrp vrid 1 priority 120 vrrp vrid 1 preempt timer delay 20 # interface Vlanif3 ip address 10.1.3.102 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.3.100 # interface Vlanif4 ip address 10.1.4.102 255.255.255.0 vrrp vrid 3 virtual-ip 10.1.4.100 vrrp vrid 3 priority 120 vrrp vrid 3 preempt timer delay 20 # interface Vlanif5 ip address 10.1.5.102 255.255.255.0 vrrp vrid 4 virtual-ip 10.1.5.100 # interface Vlanif6 ip address 10.1.6.102 255.255.255.0 # interface 100GE1/0/1 description TO-CE6800-DEVICEC port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 stp root-protection # interface 100GE1/0/2 description TO-CE6800-DEVICED port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 3 # interface 100GE1/0/3 description TO-CE6800-DEVICEE port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4 stp root-protection # interface 100GE1/0/4 description TO-CE6800-DEVICEF port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 5 # interface 100GE1/0/5 description TO-CE16800-DEVICEB port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 to 5 # interface 100GE1/0/6 description TO-DEVICEG port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 6 # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 10.1.6.0 0.0.0.255 # return
- 核心层设备DeviceB的配置脚本
# sysname DeviceB # vlan batch 2 to 5 7 # stp instance 1 root secondary stp instance 2 root primary stp instance 3 root secondary stp instance 4 root primary stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface Vlanif2 ip address 10.1.2.103 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.2.100 # interface Vlanif3 ip address 10.1.3.103 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.3.100 vrrp vrid 2 priority 120 vrrp vrid 2 preempt timer delay 20 # interface Vlanif4 ip address 10.1.4.103 255.255.255.0 vrrp vrid 3 virtual-ip 10.1.4.100 # interface Vlanif5 ip address 10.1.5.103 255.255.255.0 vrrp vrid 4 virtual-ip 10.1.5.100 vrrp vrid 4 priority 120 vrrp vrid 4 preempt timer delay 20 # interface Vlanif7 ip address 10.1.7.103 255.255.255.0 # interface 100GE1/0/1 description TO-CE6800-DEVICEF port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 5 stp root-protection # interface 100GE1/0/2 description TO-CE6800-DEVICEE port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4 # interface 100GE1/0/3 description TO-CE6800-DEVICED port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 3 stp root-protection # interface 100GE1/0/4 description TO-CE6800-DEVICEC port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 # interface 100GE1/0/5 description TO-CE16800-DEVICEA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 to 5 # interface 100GE1/0/6 description TO-CE16800-DEVICEH port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 7 # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 10.1.7.0 0.0.0.255 # return
- 接入层设备DeviceC的配置脚本
# sysname DeviceC # vlan batch 2 # stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface 100GE1/0/1 description TO-CE16800-DEVICEA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 # interface 100GE1/0/2 description TO-CE16800-DEVICEB port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 2 stp instance 1 cost 20000 # interface 100GE1/0/3 description TO-HOSTA port default vlan 2 stp edged-port enable # return
- 接入层设备DeviceD的配置脚本
# sysname DeviceD # vlan batch 3 # stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface 100GE1/0/1 description TO-CE16800-DEVICEB port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 3 # interface 100GE1/0/2 description TO-CE16800-DEVICEA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 3 stp instance 2 cost 20000 # interface 100GE1/0/3 description TO-HOSTB port default vlan 3 stp edged-port enable # return
- 接入层DeviceE的配置脚本
# sysname DeviceE # vlan batch 4 # stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface 100GE1/0/1 description TO-CE16800-DEVICEA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4 # interface 100GE1/0/2 description TO-CE16800-DEVICEB port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4 stp instance 1 cost 20000 # interface 100GE1/0/3 description TO-HOSTC port default vlan 4 stp edged-port enable # return
- 接入层DeviceF的配置脚本
# sysname DeviceF # vlan batch 5 # stp pathcost-standard legacy # stp region-configuration region-name RG1 instance 1 vlan 2 instance 2 vlan 3 instance 3 vlan 4 instance 4 vlan 5 # interface 100GE1/0/1 description TO-CE16800-DEVICEB port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 5 # interface 100GE1/0/2 description TO-CE16800-DEVICEA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 5 stp instance 2 cost 20000 # interface 100GE1/0/3 description TO-HOSTD port default vlan 5 stp edged-port enable # return
版权声明:
作者:SE_YT
链接:https://www.cnesa.cn/2785.html
来源:CNESA
文章版权归作者所有,未经允许请勿转载。
THE END
0
二维码
打赏
海报
基于VRRP的二层架构数据中心网络部署举例
适用产品和版本
CloudEngine系列交换机V300R020C00或更高版本。
如果需要了解软件版本与交换机具体型号的配套信息,请查看硬件中心。
组网需求
在数据中心场景中,接入层交换机以双上行方式接入核心层。用户希望:
考虑到业务的可靠性,部署冗余链路,在一条上行链路断开的时候,流量能切换到另外一条上行链路转发。
避免冗余备份链路导致的环网问题,消除网络中的环路。
图1 基于VRRP的二层架构数据中心网络组网
表1 数据准备表
设备
VLAN及IP地址
接口
描述
DeviceA
VLAN:2
IP地址:10.1.2.102/24
虚拟IP地址:10.1.2.100
100GE1/0/1
TO-CE6800-DEVICEC
100GE1/0/5
TO-CE16800-DEVICEB
VLAN:3
IP地址:10.1.3.102/24
虚拟IP地址:10.1.3.100
100GE1/0/2
TO-CE6800-DEVICED
100GE1/0/5
TO-CE16800-DEVICEB
VLAN:4
IP地址:10.1.4.102/24
虚拟IP地址:10.1.4.100
100GE1/0/3
TO-CE6800-DEVICEE
100GE1/0/5
TO-CE16800-DEVICEB
VLAN:5
IP地址:10.1.5.102/24
虚拟IP地址:10.1.5.100
100GE1/0/4
TO-CE6800-DEVICEF
100GE1/0/5
TO-CE16800-DEVICEB
VLAN:6
IP地址:10.1.6.102/24
100GE1/0/6
TO-DEVICEG
DeviceB
VLAN:2
IP地址:10.1.2.103/24
虚拟IP地址:10.1.2.100
100GE1/0/4
TO-CE6800-DEVICEC
100GE1/0/5
TO-CE16800-DEVICEA
VLAN:3
IP地址:10.1.3.103/24
虚拟IP地址:10.1.3.100
100GE1/0/3
TO-CE6800-DEVICED
100GE1/0/5
TO-CE16800-DEVICEA
VLAN:4
IP地址:10.1.4.103/24
虚拟IP地址:10.1.4.100
100GE1/0/2
TO-CE6800-DEVICEE
100GE1/0/5
TO-CE16800-DEVICEA
VLAN:5
IP地址:10.1.5.103/24
虚拟IP地址:10.1.5.100
100GE1/0/1
TO-CE6800-DEVICEF
100GE1/0/5
TO-CE16800-DEVICEA
VLAN:7
IP地址:10.1.7.103/24
100GE1/0/6
TO-DEVICEH
……
共有 0 条评论