配置VRRP多网关负载分担
组网需求
在网关设备上配置VRRP主备备份功能,可以很方便的实现网关的冗余备份。为减轻主用设备对数据流量的承载压力,用户可以通过配置VRRP多网关负载分担实现上行流量的负载均衡。
如图1所示。DeviceD双归接入DeviceA和DeviceB,用户希望部分主机通过DeviceA进行数据转发,DeviceB作为备份;其余主机通过DeviceB进行数据转发,DeviceA作为备份。此时DeviceA和DeviceB即能相互备份,又能分担数据流量。
配置注意事项
DeviceA的接口100GE1/0/3和DeviceB的接口100GE1/0/3的IP地址必须在相同的网段内。
为了提升安全性,在配置该示例时推荐配置VRRP安全策略,详细配置方式请参见“举例:配置VRRP主备备份”。
操作步骤
- 配置DeviceA、DeviceB和DeviceC各接口的IP地址,并配置采用OSPF协议进行互连。DeviceD的配置详见配置脚本。
# 配置DeviceA。
<HUAWEI> system-view [~HUAWEI] sysname DeviceA [*HUAWEI] commit [~DeviceA] interface 100ge1/0/3 [~DeviceA-100GE1/0/3] undo portswitch [*DeviceA-100GE1/0/3] ip address 10.1.1.1 24 [*DeviceA-100GE1/0/3] quit [*DeviceA] interface 100ge1/0/1 [*DeviceA-100GE1/0/1] undo portswitch [*DeviceA-100GE1/0/1] ip address 192.168.1.1 24 [*DeviceA-100GE1/0/1] quit [*DeviceA] ospf 1 [*DeviceA-ospf-1] area 0 [*DeviceA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [*DeviceA-ospf-1-area-0.0.0.0] quit [*DeviceA-ospf-1] quit [*DeviceA] commit
# 配置DeviceB。
<HUAWEI> system-view [~HUAWEI] sysname DeviceB [*HUAWEI] commit [~DeviceB] interface 100ge1/0/3 [~DeviceB-100GE1/0/3] undo portswitch [*DeviceB-100GE1/0/3] ip address 10.1.1.2 24 [*DeviceB-100GE1/0/3] quit [*DeviceB] interface 100ge1/0/2 [*DeviceB-100GE1/0/2] undo portswitch [*DeviceB-100GE1/0/2] ip address 192.168.2.1 24 [*DeviceB-100GE1/0/2] quit [*DeviceB] ospf 1 [*DeviceB-ospf-1] area 0 [*DeviceB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [*DeviceB-ospf-1-area-0.0.0.0] network 192.168.2.0 0.0.0.255 [*DeviceB-ospf-1-area-0.0.0.0] quit [*DeviceB-ospf-1] quit [*DeviceB] commit
# 配置DeviceC。
<HUAWEI> system-view [~HUAWEI] sysname DeviceC [~DeviceC] interface 100ge1/0/1 [~DeviceC-100GE1/0/1] undo portswitch [*DeviceC-100GE1/0/1] ip address 192.168.1.2 24 [*DeviceC-100GE1/0/1] quit [*DeviceC] interface 100ge1/0/2 [*DeviceC-100GE1/0/2] undo portswitch [*DeviceC-100GE1/0/2] ip address 192.168.2.2 24 [*DeviceC-100GE1/0/2] quit [*DeviceC] interface 100ge1/0/3 [*DeviceC-100GE1/0/3] undo portswitch [*DeviceC-100GE1/0/3] ip address 172.16.1.1 24 [*DeviceC-100GE1/0/3] quit [*DeviceC] ospf 1 [*DeviceC-ospf-1] area 0 [*DeviceC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [*DeviceC-ospf-1-area-0.0.0.0] network 192.168.2.0 0.0.0.255 [*DeviceC-ospf-1-area-0.0.0.0] network 172.16.1.0 0.0.0.255 [*DeviceC-ospf-1-area-0.0.0.0] quit [*DeviceC-ospf-1] quit [*DeviceC] commit
- 配置VRRP备份组。
# 在DeviceA的接口上创建备份组1和备份组2,配置DeviceA在备份组1中的优先级为120(作为Master设备),在备份组2中的优先级为缺省值100(作为Backup设备)。
[~DeviceA] interface 100ge1/0/3 [~DeviceA-100GE1/0/3] vrrp vrid 1 virtual-ip 10.1.1.111 [*DeviceA-100GE1/0/3] vrrp vrid 1 priority 120 [*DeviceA-100GE1/0/3] vrrp vrid 2 virtual-ip 10.1.1.112 [*DeviceA-100GE1/0/3] quit [*DeviceA] commit
# 在DeviceB的接口上创建备份组1和备份组2,配置DeviceB在备份组1中的优先级为缺省值100(作为Backup设备),在备份组2中的优先级为120(作为Master设备)。
[~DeviceB] interface 100ge1/0/3 [~DeviceB-100GE1/0/3] vrrp vrid 1 virtual-ip 10.1.1.111 [*DeviceB-100GE1/0/3] vrrp vrid 2 virtual-ip 10.1.1.112 [*DeviceB-100GE1/0/3] vrrp vrid 2 priority 120 [*DeviceB-100GE1/0/3] quit [*DeviceB] commit
检查配置结果
# 在DeviceA和DeviceB上查看VRRP备份组的状态信息。
<DeviceA> display vrrp verbose 100GE1/0/3 | Virtual Router 1 State : Master Virtual IP : 10.1.1.1 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 0s Remain : -- Hold Multiplier : 4 TimerRun : 1s TimerConfig : 1s Auth Type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config Type : Normal Create Time : 2020-12-29 05:41:23 Last Change Time : 2020-12-29 05:41:33 100GE1/0/3| Virtual Router 2 State : Backup Virtual IP : 10.1.1.112 Master IP : 10.1.1.2 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0s Remain : -- Hold Multiplier : 4 TimerRun : 1s TimerConfig : 1s Auth Type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config Type : Normal Create Time : 2020-12-29 05:41:23 Last Change Time : 2020-12-29 05:41:33
<DeviceB> display vrrp verbose 100GE1/0/3 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0s Remain : -- Hold Multiplier : 4 TimerRun : 1s TimerConfig : 1s Auth Type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config Type : Normal Create Time : 2020-12-29 05:41:23 Last Change Time : 2020-12-29 05:41:33 100GE1/0/3 | Virtual Router 2 State : Master Virtual IP : 10.1.1.112 Master IP : 10.1.1.2 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 0s Remain : -- Hold Multiplier : 4 TimerRun : 1s TimerConfig : 1s Auth Type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config Type : Normal Create Time : 2020-12-29 05:41:23 Last Change Time : 2020-12-29 05:41:33
可以看到DeviceA分别作为备份组1的Master设备和备份组2的Backup设备,DeviceB分别作为备份组1的Backup设备和备份组2的Master设备。
配置脚本
-
# sysname DeviceA # interface 100GE1/0/1 undo portswitch ip address 192.168.1.1 255.255.255.0 # interface 100GE1/0/3 undo portswitch ip address 10.1.1.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 vrrp vrid 1 priority 120 vrrp vrid 2 virtual-ip 10.1.1.112 # ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return
- DeviceB
# sysname DeviceB # interface 100GE1/0/2 undo portswitch ip address 192.168.2.1 255.255.255.0 # interface 100GE1/0/3 undo portswitch ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 vrrp vrid 2 virtual-ip 10.1.1.112 vrrp vrid 2 priority 120 # ospf 1 area 0.0.0.0 network 192.168.2.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return
- DeviceC
# sysname DeviceC # interface 100GE1/0/1 undo portswitch ip address 192.168.1.2 255.255.255.0 # interface 100GE1/0/2 undo portswitch ip address 192.168.2.2 255.255.255.0 # interface 100GE1/0/3 undo portswitch ip address 172.16.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 network 172.16.1.0 0.0.0.255 # return
-
# sysname DeviceD # vlan batch 10 # interface 100GE1/0/1 port default vlan 10 # interface 100GE1/0/2 port default vlan 10 # return