Shulou(Shulou.com)06/01 Report--

Gateway redundancy protocol

HSRP-Cisco Private VRRP-Public Standard after the previous study, we have fully mastered the communication process in a network segment.

Familiar with how the switch works and how to distinguish between different broadcast domains on layer 2 devices-VLAN

And the simple communication between different VLAN, also have some understanding.

Communication between different VLAN, which we call routing, uses the concept of gateway.

In order to improve the stability of the network, we can deploy multiple gateways in the network.

When the terminal host is on the Internet, you can choose any one of them to access the external network.

If one gateway is down, you can choose another.

A backup can be formed between the two gateways.

Moreover, when the two gateway devices are intact, traffic can be carried out between the two devices.

Load balancing of.

However, the problem is that we need to configure two gateway IP addresses on one end host

However, this approach is not possible because each end device can only be configured with one gateway.

In this way, every time the gateway equipment breaks down, we have to notify the terminal staff to replace it ourselves.

Gateway IP address, this way for users, the feeling is very bad.

Therefore, we can use virtualization technology to make two gateway devices virtual into one gateway.

Then, when we configure the gateway IP address on each end device, we configure only this one

The IP address of the virtual gateway is fine.

Later, when the terminal accesses the external network, it can send packets directly to the IP address of the virtual gateway.

Just do it.

The protocol that can realize gateway virtualization, also known as "gateway redundancy" protocol, is divided into

Private protocol-HSRP (hot-standby routing protocol)

Public Protocol-VRRP (virtual route redundancy protocol)

HSRP

-define the dual-computer hot backup protocol

By running the protocol between multiple gateways, you can virtualize a "virtual gateway"

The virtual gateway has its own virtual IP address and virtual MAC address.

-device Rol

Active: a router participating in the hsrp protocol with an active device

This device is the device that is really used to forward Internet data.

Standby: a router participating in the hsrp protocol with a backup device

When the active device dies, the device is upgraded to the active device.

Used to forward data

-Election principles:

Compare the priorities and IP addresses of multiple gateways participating in the HSRP protocol

First of all, compare the priority. The default is 100. The bigger the better.

If the priority is the same, compare the IP address, the larger the better

-configuration commands:

-HSRP

R1:

Interface gi0/0/0

No shutdown

Ip address 192.168.10.201 255.255.255.0 / / configure the IP address of gateway 1

Standby 10 ip 192.168.10.254 / configure the IP address of the virtual gateway in vlan 10

Standby 10 priority 105 / / configure the HSRP priority of gateway 1 in vlan10

Standby 10 preempt / / enable the preemption function of gateway 1 in HSRP group 10

R2:

Interface gi0/0/0

No shutdown

Ip address 192.168.10.202 255.255.255.0

Standby 10 ip 192.168.10.254

Standby 10 preempt / (optional)

-We can configure groups of HSRP for HSRP. Different VLAN/ broadcast domains use different HSRP groups to configure virtual gateways. Thus, the virtual gateway can load balance the traffic based on HSRP group. For example: layer 3 switch as the gateway core switch of VLAN, SW1 as the primary gateway of VLAN 10 and VLAN 20, as the secondary gateway core switch of VLAN 30 and VLAN 40, SW2 as the primary gateway of VLAN 30 and VLAN 40, as the secondary gateway of VLAN 10 and VLAN 20 The priority of the primary gateway is 105 and the priority of the secondary gateway is the default 100 After the primary gateway fails, the backup gateway can be upgraded to the primary gateway after the primary gateway is repaired. You can also preempt the original primary gateway identity VLAN10 IP address plan: PC-1: 192.168.10.1 255.255.255.0 192.168.10.254 (virtual gateway IP address) gateway-1: 192.168.10.100 255.255.255.0 Gateway-2: 192.168.10.200 255.255.255.0 VLAN20 IP address planning: PC-2: 192.168.20.1 255.255.255.0 192.168.20.254 (virtual gateway IP address) gateway-1: 192.168. 20.100 255.255.255.0 Gateway-2: 192.168.20.200 255.255.255.0

The configuration ideas of the above cases:

1. Configure the terminal device vlan 10, PC-1: 192.168.10.1 pick 24, 192.168.10.254 vlan 20, PC-1: 192.168.20.1 pick 24 192.168.20.254 2, configure network devices-SW1 # create VLAN # configure port mode # put in the specified VLAN or make trunk # start routing # configure gateway port IP address # configure HSRP for gateway Configure it as the primary root of VLAN 10 and VLAN 20 # configure HSRP for the gateway, configure it as the secondary root of VLAN 30 and VLAN 30-SW2 # create VLAN # configure port mode # put it into the specified VLAN or make trunk # start routing function # configure gateway port IP address # configure HSRP for gateway Configure it as the secondary root of VLAN 10 and VLAN 20 # configure HSRP for the gateway Configure it as the primary root of VLAN 30 and VLAN 30-SW3 # create VLAN # configure interconnect port (access / trunk) 3, verify and test SW1/2: show vlan brief shwo interface trunk show standby-View HSRP configuration information debug ip icmp PC-1/2: ipconfig ping 192.168.x.x

HSRP- Cisco Private

Multiple groups are supported; all of them can be used for traffic load balancing based on groups. HSRP/VRRP, can not achieve gateway redundancy, but also can achieve load balancing. 100 files, 10 people-> 10 pieces per person (equivalent load balancing) 100 files, 5 people processing 80 files, 5 people processing 20 files -non-equal cost load balancer unique quintuple of a traffic: SMAC+DMAC-- SIP+DIP-- TCP/UDP+port based on MAC address load balancing SMAC DMAC based on IP address load balancing SIP DIP

Interface fas0/0

Standby 10 ip x.x.x.x

HSRP:

Active

Standby

Implement VRRP configuration on Cisco devices:

Configuration: interface fas0/0

Vrrp 10 ip x.x.x.x

Verify show vrrp

VRRP- public standard

Huawei equipment configuration

Interface gi0/0/0

Vrrp vrid 10 virtual-ip 192.168.10.250

Verify the command:

Display vrrp

-Optimization

Link tracking-Uplink tracking Technology

VRRP/HSRP master gateway, which can track the status of uplink

If the port down, you will actively lower your priority.

To ensure that the backup gateway can be upgraded to the main gateway immediately.

# configuration:

Interface vlanif 10

Vrrp vrid 10 track interface gi0/0/1 reduce 100

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.