配置交换机双归接入IP 网络示例(V-STP 方式)(推荐)
如图4-23所示,通过配置M-LAG双归接入IP网络可以满足以下要求:
● 当一条接入链路发生故障时,流量可以快速切换到另一条链路,保证可靠性。
● 为了高效利用带宽,两条链路同时处于active状态,可实现使用负载分担的方式转发流量。
1.配置思路
采用如下的思路配置M-LAG双归接入IP网络:
1. 在Switch上配置上行接口绑定在一个Eth-Trunk中。
2. 分别在SwitchA和SwitchB上配置V-STP、DFS Group、peer-link和M-LAG接口。
3. 分别在SwitchA和SwitchB上配置VLANIF接口IP地址和MAC地址,作为接入设备的双活网关。
4. 分别在SwitchA、SwitchB和SwitchC上配置OSPF功能,保证三层互通。
说明:在V-STP场景下,为防止接口因生成树协议计算结果被阻塞,可以通过配置主接口实现三层互通或者去使能IP网络侧的生成树协议。
5. 分别在SwitchA和SwitchB上配置Monitor Link关联上行接口和下行接口,避免因上行链路故障导致用户侧流量无法转发而丢弃。
2.操作步骤
1.在Switch上配置上行接口绑定在一个Eth-Trunk中
<HUAWEI> system-view [~HUAWEI] sysname Switch [*HUAWEI] commit [~Switch] vlan batch 11 [*Switch] interface eth-trunk 20 [*Switch-Eth-Trunk20] mode lacp-static [*Switch-Eth-Trunk20] port link-type trunk [*Switch-Eth-Trunk20] port trunk allow-pass vlan 11 [*Switch-Eth-Trunk20] trunkport 10ge 1/0/1 to 1/0/4 [*Switch-Eth-Trunk20] quit [*Switch] commit
2.分别在SwitchA和SwitchB上配置V-STP、DFS Group、peer-link和M-LAG接口
1)配置SwitchA。
<HUAWEI> system-view [~HUAWEI] sysname SwitchA [*HUAWEI] commit [~SwitchA] stp mode rstp [~SwitchA] stp bridge-address 1-1-1 [*SwitchA] stp v-stp enable [*SwitchA] interface loopback 0 [*SwitchA-LoopBack0] ip address 10.1.1.1 32 [*SwitchA-LoopBack0] quit [*SwitchA] dfs-group 1 [*SwitchA-dfs-group-1] source ip 10.1.1.1 [*SwitchA-dfs-group-1] priority 150 [*SwitchA-dfs-group-1] quit [*SwitchA] interface eth-trunk 1 [*SwitchA-Eth-Trunk1] trunkport 10ge 1/0/4 [*SwitchA-Eth-Trunk1] trunkport 10ge 2/0/5 [*SwitchA-Eth-Trunk1] mode lacp-static [*SwitchA-Eth-Trunk1] peer-link 1 [*SwitchA-Eth-Trunk1] quit [*SwitchA] vlan batch 11 [*SwitchA] interface eth-trunk 10 [*SwitchA-Eth-Trunk10] mode lacp-static [*SwitchA-Eth-Trunk10] port link-type trunk [*SwitchA-Eth-Trunk10] port trunk allow-pass vlan 11 [*SwitchA-Eth-Trunk10] trunkport 10ge 1/0/2 [*SwitchA-Eth-Trunk10] trunkport 10ge 1/0/3 [*SwitchA-Eth-Trunk10] dfs-group 1 m-lag 1 [*SwitchA-Eth-Trunk10] quit [*SwitchA] commit
2)配置SwitchB
<HUAWEI> system-view [~HUAWEI] sysname SwitchB [*HUAWEI] commit [~SwitchB] stp mode rstp [~SwitchB] stp bridge-address 1-1-1 [*SwitchB] stp v-stp enable [*SwitchB] interface loopback 0 [*SwitchB-LoopBack0] ip address 10.1.1.2 32 [*SwitchB-LoopBack0] quit [*SwitchB] dfs-group 1 [*SwitchB-dfs-group-1] source ip 10.1.1.2 [*SwitchB-dfs-group-1] priority 120 [*SwitchB-dfs-group-1] quit [*SwitchB] interface eth-trunk 1 [*SwitchB-Eth-Trunk1] trunkport 10ge 1/0/4 [*SwitchB-Eth-Trunk1] trunkport 10ge 2/0/5 [*SwitchB-Eth-Trunk1] mode lacp-static [*SwitchB-Eth-Trunk1] peer-link 1 [*SwitchB-Eth-Trunk1] quit [*SwitchB] vlan batch 11 [*SwitchB] interface eth-trunk 10 [*SwitchB-Eth-Trunk10] mode lacp-static [*SwitchB-Eth-Trunk10] port link-type trunk [*SwitchB-Eth-Trunk10] port trunk allow-pass vlan 11 [*SwitchB-Eth-Trunk10] trunkport 10ge 1/0/2 [*SwitchB-Eth-Trunk10] trunkport 10ge 1/0/3 [*SwitchB-Eth-Trunk10] dfs-group 1 m-lag 1 [*SwitchB-Eth-Trunk10] quit [*SwitchB] commit
3)分别在SwitchA和SwitchB上配置VLANIF接口IP地址和MAC地址,作为接入设备的双活网关两端的虚拟IP和虚拟MAC配置要求完全一致,目的是为M-LAG提供相同的虚拟IP和虚拟MAC。
# 配置SwitchA。 [~SwitchA] interface vlanif 11 [*SwitchA-Vlanif11] ip address 10.2.1.1 24 [*SwitchA-Vlanif11] mac-address 0000-5e00-0101 [*SwitchA-Vlanif11] quit [*SwitchA] commit # 配置SwitchB。 [~SwitchB] interface vlanif 11 [*SwitchB-Vlanif11] ip address 10.2.1.1 24 [*SwitchB-Vlanif11] mac-address 0000-5e00-0101 [*SwitchB-Vlanif11] quit [*SwitchB] commit
4)分别在SwitchA、SwitchB和SwitchC上配置OSPF功能,保证三层互通
# 配置SwitchA。 [~SwitchA] interface 10ge 1/0/1 [~SwitchA-10GE1/0/1] undo portswitch [*SwitchA-10GE1/0/1] ip address 10.3.1.1 24 [*SwitchA-10GE1/0/1] quit [*SwitchA] ospf 1 [*SwitchA-ospf-1] area 0 [*SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.0 [*SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [*SwitchA-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [*SwitchA-ospf-1-area-0.0.0.0] quit [*SwitchA-ospf-1] quit [*SwitchA] commit # 配置SwitchB。 [~SwitchB] interface 10ge 1/0/1 [~SwitchB-10GE1/0/1] undo portswitch [*SwitchB-10GE1/0/1] ip address 10.4.1.1 24 [*SwitchB-10GE1/0/1] quit [*SwitchB] ospf 1 [*SwitchB-ospf-1] area 0 [*SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.0 [*SwitchB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [*SwitchB-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255 [*SwitchB-ospf-1-area-0.0.0.0] quit [*SwitchB-ospf-1] quit [*SwitchB] commit # 配置SwitchC。 <HUAWEI> system-view [~HUAWEI] sysname SwitchC [*HUAWEI] commit [~SwitchC] interface 10ge 1/0/1 [~SwitchC-10GE1/0/1] undo portswitch [*SwitchC-10GE1/0/1] ip address 10.3.1.2 24 [*SwitchC-10GE1/0/1] quit [*SwitchC] interface 10ge 1/0/2 [*SwitchC-10GE1/0/2] undo portswitch [*SwitchC-10GE1/0/2] ip address 10.4.1.2 24 [*SwitchC-10GE1/0/2] quit [*SwitchC] ospf 1 [*SwitchC-ospf-1] area 0 [*SwitchC-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [*SwitchC-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255 [*SwitchC-ospf-1-area-0.0.0.0] quit [*SwitchC-ospf-1] quit [*SwitchC] commit
5)分别在SwitchA和SwitchB上配置Monitor Link关联上行接口和下行接口
# 配置SwitchA。 [~SwitchA] monitor-link group 1 [*SwitchA-mtlk-group1] port 10ge 1/0/1 uplink [*SwitchA-mtlk-group1] port eth-trunk 10 downlink 1 [*SwitchA-mtlk-group1] quit [*SwitchA] commit # 配置SwitchB。 [~SwitchB] monitor-link group 1 [*SwitchB-mtlk-group1] port 10ge 1/0/1 uplink [*SwitchB-mtlk-group1] port eth-trunk 10 downlink 1 [*SwitchB-mtlk-group1] quit [*SwitchB] commit
6)验证配置结果
执行命令display dfs-group,查看M-LAG的相关信息。
# 查看DFS Group编号为1的M-LAG信息。
[~SwitchA] display dfs-group 1 m-lag * : Local node Heart beat state : OK Node 1 * Dfs-Group ID : 1 Priority : 150 Address : ip address 10.1.1.1 State : Master Causation : - System ID : 0025-9e95-7c31 SysName : SwitchA Version : V100R006C00 Device Type : CE12800 Node 2 Dfs-Group ID : 1 Priority : 120 Address : ip address 10.1.1.2 State : Backup Causation : - System ID : 0025-9e95-7c11 SysName : SwitchB Version : V100R006C00 Device Type : CE12800
# 查看SwitchA上的M-LAG信息。
[~SwitchA] display dfs-group 1 node 1 m-lag brief * - Local node M-Lag ID Interface Port State Status Consistency-check 1 Eth-Trunk 10 Up active(*)-active -- Failed reason: 1 -- Relationship between vlan and port is inconsistent 2 -- STP configuration under the port is inconsistent 3 -- STP port priority configuration is inconsistent 4 -- LACP mode of M-LAG is inconsistent 5 -- M-LAG configuration is inconsistent 6 -- The number of M-LAG members is inconsistent
# 查看SwitchB上的M-LAG信息。
[~SwitchB] display dfs-group 1 node 2 m-lag brief * - Local node M-Lag ID Interface Port State Status Consistency-check 1 Eth-Trunk 10 Up active-active(*) -- Failed reason: 1 -- Relationship between vlan and port is inconsistent 2 -- STP configuration under the port is inconsistent 3 -- STP port priority configuration is inconsistent 4 -- LACP mode of M-LAG is inconsistent 5 -- M-LAG configuration is inconsistent 6 -- The number of M-LAG members is inconsistent
通过以上显示信息可以看到,“Heart beat state”的状态是“OK”,表明心跳状态正常;SwitchA作为Node 1,优先级为150,“State”的状态是“Master”;SwitchB作为Node 2,优先级为120,“State”的状态是“Backup”。
同时“Causation”的状态是“-”,Node 1的“Port State”状态为“Up”,Node 2的“Port State”状态为“Up”,且Node 1和Node 2的M-LAG状态均为“active”,表明M-LAG的配置正确。
3.配置文件
1)SwitchA的配置文件
sysname SwitchA # dfs-group 1 priority 150 source ip 10.1.1.1 # vlan batch 11 # stp mode rstp stp bridge-address 0001-0001-0001 stp v-stp enable # interface Vlanif11 ip address 10.2.1.1 255.255.255.0 mac-address 0000-5e00-0101 # interface Eth-Trunk1 mode lacp-static peer-link 1 # interface Eth-Trunk10 port link-type trunk port trunk allow-pass vlan 11 mode lacp-static dfs-group 1 m-lag 1 # interface 10GE1/0/1 undo portswitch ip address 10.3.1.1 255.255.255.0 # interface 10GE1/0/2 eth-trunk 10 # interface 10GE1/0/3 eth-trunk 10 # interface 10GE1/0/4 eth-trunk 1 interface 10GE2/0/5 eth-trunk 1 # interface LoopBack0 ip address 10.1.1.1 255.255.255.255 # monitor-link group 1 port 10GE1/0/1 uplink port Eth-Trunk10 downlink 1 # ospf 1 area 0.0.0.0 network 10.1.1.1 0.0.0.0 network 10.2.1.0 0.0.0.255 network 10.3.1.0 0.0.0.255 # return
2)SwitchC的配置文件
sysname SwitchC # interface 10GE1/0/1 undo portswitch ip address 10.3.1.2 255.255.255.0 # interface 10GE1/0/2 undo portswitch ip address 10.4.1.2 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.3.1.0 0.0.0.255 network 10.4.1.0 0.0.0.255 # return
3)Switch的配置文件
sysname Switch # vlan batch 11 # interface Eth-Trunk20 port link-type trunk port trunk allow-pass vlan 11 mode lacp-static # interface 10GE1/0/1 eth-trunk 20 # interface 10GE1/0/2 eth-trunk 20 # interface 10GE1/0/3 eth-trunk 20 # interface 10GE1/0/4 eth-trunk 20 # return
4.监控M-LAG 运行状况
display m-lag troubleshooting { history | current }:查看M-LAG发生故障的原因。该命令最多显示最近100次故障的原因。
reset m-lag troubleshooting history :清除设备上已有的M-LAG历史故障原因信息。
看看天上,于是我去了满是风雪的地方