VRRP原理与配置

发表于 更新于 分类于 阅读次数: Waline: 本文字数: 4.2k 阅读时长 ≈ 4 分钟
  • vrrp能够在不改变组网的情况下,将多台路由器虚拟成一个虚拟路由器,通过配置虚拟路由器的IP地址为默认网关,实现网关的备份。
  • vrrp协议(virtual router redundancy protocol,虚拟路由器冗余协议),由IETF标准RFC2338定义。
  • 协议版本:VRRPv2仅适用于IPV4网络。VRRPv3适用于IPV4和IPV6两种网络。
  • vrrp组成员角色:主(master)路由器,备份(backup)路由器,虚拟(virtual)路由器。

vrrp三种状态

  • Initialize(初始状态):所有路由器都从初始状态开始,即进程启动后进入此状态。
  • Backup(备份状态):接收主路由器发送的vrrp组播通告,由此判断主路由器的状态;丢弃发送到虚拟路由器的mac地址和IP地址的数据包;不响应对虚拟IP地址的ARP请求。
  • Master(主状态):定期发送vrrp组播通告;相应对虚拟IP地址的ARP请求;转发目的地址是虚拟Mac地址的IP数据包。

vrrp计时器

  • vrrp通告的发送时间默认为1s。
  • master_down_interval时间:即备份路由器一段时间没有收到主路由器的vrrp通告,则认为主路由器异常,自身成为主路由器。
  • master_down_interval时间是3倍的vrrp通告发送时间再加上一个偏移时间。

vrrp端口跟踪

  • 上行端口不可用时,vrrp优先级降低。
  • 主路由器可以根据线路情况自动调整。

vrrp认证

认证方式:

1
2
3
无认证
简单(明文)认证
MD5(加密)认证

下面是一个简单的实验

  • sw1的配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
[huawei] vlan 2 
[Huawei-Vlanif2] ip address 192.168.20.1 30
[Huawei-Vlanif1] ip address 192.168.10.1 255.255.255.0
[Huawei-Vlanif1] vrrp vrid 1 virtual-ip 192.168.10.254
[Huawei-Vlanif1] vrrp vrid 1 priority 200
[Huawei-Vlanif1] vrrp vrid 1 preempt-mode timer delay 20
[Huawei-Vlanif1] vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 100
[Huawei-Vlanif1] interface GigabitEthernet0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1] interface GigabitEthernet0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 2
[Huawei-GigabitEthernet0/0/2] ip route-static 0.0.0.0 0.0.0.0 192.168.20.2
  • sw2的配置
1
2
3
4
5
6
7
8
9
10
11
12
[huawei] vlan 2 
[Huawei-Vlanif2] ip address 192.168.30.1 30
[Huawei-Vlanif1] ip address 192.168.10.253 255.255.255.0
[Huawei-Vlanif1] vrrp vrid 1 virtual-ip 192.168.10.254
[Huawei-Vlanif1] vrrp vrid 1 priority 150
[Huawei-Vlanif1] interface GigabitEthernet0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1] interface GigabitEthernet0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 2
[Huawei-GigabitEthernet0/0/2] ip route-static 0.0.0.0 0.0.0.0 192.168.30.2
  • r1的配置
1
2
3
4
5
6
7
8
[huawei] interface GigabitEthernet0/0/0
[Huawei-GigabitEthernet0/0/0] ip address 192.168.20.2 255.255.255.252
[Huawei-GigabitEthernet0/0/0] interface GigabitEthernet0/0/1
[Huawei-GigabitEthernet0/0/1] ip address 192.168.30.2 255.255.255.252 
[Huawei-GigabitEthernet0/0/1] interface LoopBack0
[Huawei-LoopBack0] ip address 10.10.10.200 255.255.255.0 
[huawei] ip route-static 192.168.10.0 255.255.255.0 192.168.20.1
[huawei] ip route-static 192.168.10.0 255.255.255.0 192.168.30.1 preference 100
  • 查看vrrp信息

sw1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
[Huawei]dis vrrp
  Vlanif1  Virtual Router 1
    State : Master
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 200
    PriorityConfig : 200
    MasterPriority : 200
    Preempt : YES   Delay Time : 20 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0101
    Check TTL : YES
    Config type : normal-vrrp
    Track IF : GigabitEthernet0/0/2   Priority reduced : 100
    IF state : UP
    Create time : 2019-08-12 11:20:09 UTC-08:00
    Last change time : 2019-08-12 18:33:42 UTC-08:00

sw2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[Huawei]dis vrrp
  Vlanif1  Virtual Router 1
    State : Backup
    Virtual IP : 192.168.10.254
    Master IP : 192.168.10.1
    PriorityRun : 150
    PriorityConfig : 150
    MasterPriority : 200
    Preempt : YES   Delay Time : 0 s
    TimerRun : 1 s
    TimerConfig : 1 s
    Auth type : NONE
    Virtual MAC : 0000-5e00-0101
    Check TTL : YES
    Config type : normal-vrrp
    Create time : 2019-08-12 11:30:17 UTC-08:00
    Last change time : 2019-08-12 18:33:43 UTC-08:00

R1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
[Huawei]dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 14       Routes : 14

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

     10.10.10.0/24  Direct  0    0           D   10.10.10.200    LoopBack0
   10.10.10.200/32  Direct  0    0           D   127.0.0.1       LoopBack0
   10.10.10.255/32  Direct  0    0           D   127.0.0.1       LoopBack0
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
   192.168.10.0/24  Static  60   0          RD   192.168.20.1    GigabitEthernet
0/0/0
   192.168.20.0/30  Direct  0    0           D   192.168.20.2    GigabitEthernet
0/0/0
   192.168.20.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
0/0/0
   192.168.20.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
0/0/0
   192.168.30.0/30  Direct  0    0           D   192.168.30.2    GigabitEthernet
0/0/1
   192.168.30.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
0/0/1
   192.168.30.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
0/0/1
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0