Blog of Khlebalin Dmitriy

(Дорогу осилит идущий…)

VRRP Cisco.


В начале своего повествования, немного политинформации:

https://habr.com/ru/post/452490/

http://xgu.ru/wiki/VRRP_%D0%B2_Cisco

Набросаю схему:

Сконфигурим маршрутизаторы:

ISP:

ISP#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

ISP(config)#interface fastEthernet 0/0

ISP(config-if)#ip address 192.168.14.1 255.255.255.0

ISP(config-if)#no shutdown

ISP(config-if)#

*Mar  1 00:01:48.451: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

*Mar  1 00:01:49.451: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

ISP(config-if)#exit

ISP(config)#interface fastEthernet 0/1

ISP(config-if)#ip address 192.168.24.1 255.255.255.0

ISP(config-if)#no shutdown

*Mar  1 00:02:27.691: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up

*Mar  1 00:02:28.691: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

ISP#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

ISP(config)#ip route 0.0.0.0 0.0.0.0 192.168.14.2 100

ISP(config)#end

ISP#

ISP#sh ip route

Codes: C — connected, S — static, R — RIP, M — mobile, B — BGP

D — EIGRP, EX — EIGRP external, O — OSPF, IA — OSPF inter area

N1 — OSPF NSSA external type 1, N2 — OSPF NSSA external type 2

E1 — OSPF external type 1, E2 — OSPF external type 2

i — IS-IS, su — IS-IS summary, L1 — IS-IS level-1, L2 — IS-IS level-2

ia — IS-IS inter area, * — candidate default, U — per-user static route

o — ODR, P — periodic downloaded static route

 

Gateway of last resort is 192.168.14.2 to network 0.0.0.0

 

C    192.168.14.0/24 is directly connected, FastEthernet0/0

C    192.168.24.0/24 is directly connected, FastEthernet0/1

S    192.168.1.0/24 is directly connected, FastEthernet0/1

S*   0.0.0.0/0 [100/0] via 192.168.14.2

ISP#sh run | i ip route

ip route 0.0.0.0 0.0.0.0 192.168.14.2 100

ISP(config)#ip route 192.168.1.0 255.255.255.0 192.168.24.2 200

## помимо статических маршрутов придется настроить IP SLA (благодарю Рому за помощь), чтобы роутер понимал, что маршрут уже «пал», и отправлял пакеты по другому живому маршруту (в Микроте это происходит автоматически).

https://wiki.merionet.ru/seti/21/nastrojka-static-route-tracking-s-pomoshhyu-ip-sla/

 

ISP(config)#ip sla 1

ISP(config-ip-sla)#icmp-e

ISP(config-ip-sla)#icmp-echo ?

Hostname or A.B.C.D  Destination IP address or hostname, broadcast disallowed

 

ISP(config-ip-sla)#icmp-echo 192.168.14.2

ISP(config-ip-sla-echo)#frequency 10

ISP(config-ip-sla-echo)#exit

ISP(config)#track

ISP(config)#track 1 ?

application  Application

interface    Select an interface to track

ip           IP protocol

list         Group objects in a list

rtr          Response Time Reporter (RTR) entry

stub-object  Stub tracking object

 

ISP(config)#track 1 ip ?

route  IP route

 

ISP(config)#track 1 rt

ISP(config)#track 1 rtr ?

<1-2147483647>  Entry number

 

ISP(config)#track 1 rtr 1 ?

reachability  Reachability

state         Return code state

<cr>

ISP(config)#track 1 rtr 1 reachability ?

<cr>

 

ISP(config)#track 1 rtr 1 reachability

ISP(config-track)#exit

ISP(config)#ip sla 1 ?

<cr>

 

ISP(config)#ip sla schedule ?

<1-2147483647>  Entry number

ISP(config)#ip sla schedule 1 ?

ageout      How long to keep this Entry when inactive

life        Length of time to execute in seconds

recurring   Probe to be scheduled automatically every day

start-time  When to start this entry

<cr>

ISP(config)#ip sla schedule 1 st

ISP(config)#ip sla schedule 1 start-time no

ISP(config)#ip sla schedule 1 start-time now li

ISP(config)#ip sla schedule 1 start-time now life fo

ISP(config)#ip sla schedule 1 start-time now life forever

ISP(config)#exit

ISP#sh tra

*Mar  1 06:04:34.906: %SYS-5-CONFIG_I: Configured from console by console

ISP#sh track

Track 1

Response Time Reporter 1 reachability

Reachability is Down

1 change, last change 00:00:23

Latest operation return code: Unknown

ISP#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

ISP(config)#do sh run | i ip route

ip route 0.0.0.0 0.0.0.0 192.168.14.2 100

ip route 192.168.1.0 255.255.255.0 192.168.24.2 200

ISP(config)#no ip route 0.0.0.0 0.0.0.0 192.168.14.2 100

ISP(config)#ip route 192.168.1.0 255.255.255.0 192.168.14.2 100 tr

ISP(config)#ip route 192.168.1.0 255.255.255.0 192.168.14.2 100 track 1

ISP(config)#end

ISP#sh ip route

Codes: C — connected, S — static, R — RIP, M — mobile, B — BGP

D — EIGRP, EX — EIGRP external, O — OSPF, IA — OSPF inter area

N1 — OSPF NSSA external type 1, N2 — OSPF NSSA external type 2

E1 — OSPF external type 1, E2 — OSPF external type 2

i — IS-IS, su — IS-IS summary, L1 — IS-IS level-1, L2 — IS-IS level-2

ia — IS-IS inter area, * — candidate default, U — per-user static route

o — ODR, P — periodic downloaded static route

 

Gateway of last resort is not set

 

C    192.168.14.0/24 is directly connected, FastEthernet0/0

C    192.168.24.0/24 is directly connected, FastEthernet0/1

S    192.168.1.0/24 [200/0] via 192.168.24.2

 

ISP#sh ip sla ?

apm                     IP SLAs Application Performance Monitor

application             IP SLAs Application

authentication          IP SLAs Authentication Information

configuration           IP SLAs Configuration

enhanced-history        IP SLAs Enhanced History

group                   IP SLAs Group Scheduling/Configuration

history                 IP SLAs History

mpls-lsp-monitor        IP SLAs MPLS LSP Monitor

reaction-configuration  IP SLAs Reaction Configuration

reaction-trigger        IP SLAs Reaction Trigger

responder               IP SLAs Responder Information

statistics              IP SLAs Statistics

 

ISP#sh ip sla statistics

 

Round Trip Time (RTT) for       Index 1

Latest RTT: NoConnection/Busy/Timeout

Latest operation start time: *06:05:13.934 UTC Fri Mar 1 2002

Latest operation return code: Timeout

Number of successes: 0

Number of failures: 5

Operation time to live: Forever

ISP#wr

 

 MASTER:

MASTER#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

MASTER(config)#interface fastEthernet 0/0

MASTER(config-if)#ip address 192.168.14.2 255.255.255.0

MASTER(config-if)#no shutdown

MASTER(config-if)#

*Mar  1 00:04:13.747: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

*Mar  1 00:04:14.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

MASTER(config-if)#do ping 192.168.14.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.14.1, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 8/15/24 ms

MASTER(config-if)#exit

MASTER(config)#interface fastEthernet 0/1

MASTER(config-if)#ip address 192.168.1.2 255.255.255.0

MASTER(config-if)#no shutdown

MASTER(config-if)#

*Mar  1 00:09:12.779: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up

*Mar  1 00:09:13.779: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

MASTER(config-if)#vrrp 1 ip 192.168.1.1

MASTER(config-if)#

*Mar  1 00:09:48.647: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Init -> Master

MASTER(config-if)#vrrp 1 priority 150

% Priority change will have no effect whilst interface is VRRP address owner

MASTER(config-if)#vrrp 1 authentication md5 key-string mykey

MASTER(config-if)#exit

MASTER(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

MASTER(config)#exit

MASTER#wr

*Mar  1 00:10:33.103: %SYS-5-CONFIG_I: Configured from console by console

MASTER#wr

Building configuration…

[OK]

MASTER#show vrrp

FastEthernet0/1 — Group 1

State is Master

Virtual IP address is 192.168.1.1

Virtual MAC address is 0000.5e00.0101

Advertisement interval is 1.000 sec

Preemption enabled

Priority is 150

Authentication MD5, key-string «mykey»

Master Router is 192.168.1.2 (local), priority is 150

Master Advertisement interval is 1.000 sec

Master Down interval is 3.414 sec

 

SLAVE:

SLAVE#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

SLAVE(config)#interface fastEthernet 0/0

SLAVE(config-if)#ip address 192.168.1.3 255.255.255.0

SLAVE(config-if)#no shutdown

SLAVE(config-if)#

*Mar  1 02:36:04.147: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

*Mar  1 02:36:05.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

SLAVE(config-if)#do ping 192.168.1.200

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.200, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 4/13/28 ms

SLAVE(config-if)#exit

SLAVE(config)#interface fastEthernet 0/1

SLAVE(config-if)#ip address 192.168.24.2 255.255.255.0

SLAVE(config-if)#do ping 192.168.24.1

SLAVE(config-if)#no shutdown

SLAVE(config-if)#

*Mar  1 02:37:44.151: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up

*Mar  1 02:37:45.151: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

SLAVE(config-if)#do ping 192.168.24.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.24.1, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 16/20/24 ms

SLAVE(config-if)#exit

SLAVE(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet0/1

SLAVE(config)#interface fastEthernet 0/0

SLAVE(config-if)#vrrp 1 ip 192.168.1.1

SLAVE(config-if)#

*Mar  1 02:39:57.963: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Init -> Backup

SLAVE(config-if)#

*Mar  1 02:40:01.575: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master

SLAVE(config-if)#vrrp 1 authentication md5 key-string mykey

SLAVE(config-if)#

*Mar  1 02:40:28.827: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup

SLAVE(config-if)#exit

SLAVE(config)#exit

SLAVE#

*Mar  1 02:40:46.535: %SYS-5-CONFIG_I: Configured from console by console

SLAVE#wr

Building configuration…

[OK]

SLAVE#

SLAVE#show vrrp

FastEthernet0/0 — Group 1

State is Backup

Virtual IP address is 192.168.1.1

Virtual MAC address is 0000.5e00.0101

Advertisement interval is 1.000 sec

Preemption enabled

Priority is 100

Authentication MD5, key-string «mykey»

Master Router is 192.168.1.2, priority is 150

Master Advertisement interval is 1.000 sec

Master Down interval is 3.609 sec (expires in 3.245 sec)

 

«Тушим» мастер маршрутизатор.

Видим, что слейв теперь стал мастером.

Это говорит нам о том, что VRRP отрабатывает.

Трассировки теперь также идут нормально, значит маршруты тоже «отруливаются» правильно.

Всем хорошей работы!!!

19.11.2019 - Posted by | Network and Wi-fi: cisco, mikrotik, huawei, tp-link, d-link, zyxel и другое...

Sorry, the comment form is closed at this time.

%d такие блоггеры, как: