热备份路由器协议HSRP和虚拟路由器冗余协议VRRP
HSRP:
该协议中含有多台路由器,对应一个HSRP组。该组中只有一个路由器承担转发用户流量的职责,这就是活动路由器。当活动路由器失效后,备份路由器将承担该职责,成为新的活动路由器。这就是热备份的原理。
我们通过一个小案例说明它的热备份原理。
案例拓扑:
实验原理:
R1作为vlan10用户的的主路由器,即vlan10用户访问inter网时,数据都走r1通过,当r1坏掉时,vlan10用户的数据可以通过r2访问internet
R2作为vlan20用户的的主路由器,即vlan20用户访问inter网时,数据都走r2通过,当r2坏掉时,vlan20用户的数据可以通过r1访问internet
当然我们还可以在sw1和sw2之间做端口聚合,再做一次备份
参考配置:
r1# show run
Building configuration...
Current configuration : 1199 bytes
!
version 12.4
!
hostname r1
!
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.0
ip nat outside(作为nat的外部端口)
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
ip nat inside(nat的内部端口)
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1/0.10(划分子接口)
encapsulation dot1Q 10(封装dot1q)
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 10 ip 192.168.10.254
standby 10 priority 120(作为vlan10的主路由器)
standby 10 preempt
standby 10 track FastEthernet0/0 30(在fa0/0上做端口监听,若出现故障优先级减30)
!
interface FastEthernet1/0.20(划分子接口)
encapsulation dot1Q 20(封装dot1q)
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 20 ip 192.168.20.254(r1为vlan20的备份路由器)
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 1.1.1.2
!
ip nat inside source list 1 interface FastEthernet0/0 overload(nat端口复用)
!
access-list 1 permit any
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
End
r2#show run
Building configuration...
Current configuration : 1209 bytes
!
version 12.4
!
hostname r2
!
interface FastEthernet0/0
no ip address
ip nat inside(nat内部端口)
ip virtual-reassembly
shutdown
duplex auto
speed auto
!
interface FastEthernet0/0.10(划分子接口)
encapsulation dot1Q 10(封装dot1q)
ip address 192.168.10.2 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 10 ip 192.168.10.254(r2作为vlan10的备份路由)
!
interface FastEthernet0/0.20(划分子接口)
encapsulation dot1Q 20(封装dot1q)
ip address 192.168.20.2 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 20 ip 192.168.20.254
standby 20 priority 120(r2作为vlan10的主路由)
standby 20 preempt
standby 20 track FastEthernet1/0 30(在fa1/0上监听当路由器出现故障优先级降低30)
!
interface FastEthernet1/0
ip address 2.2.2.1 255.255.255.0
ip nat outside(nat外部端口)
ip virtual-reassembly
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 2.2.2.2
!
ip nat inside source list 1 interface FastEthernet1/0 overload(nat端口复用)
!
access-list 1 permit any
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
End
sw1#show run
Building configuration...
Current configuration : 1060 bytes
!
version 12.4
hostname sw1
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
End
sw2#show run
Building configuration...
Current configuration : 987 bytes
!
version 12.4
hostname sw2
interface FastEthernet0/0
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
end
isp#show run
Building configuration...
Current configuration : 669 bytes
!
version 12.4
hostname isp
!
interface Loopback1
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
ip address 1.1.1.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet10
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
End