配置交换机双归接入IP 网络示例(V-STP 方式)(推荐)

  如图4-23所示,通过配置M-LAG双归接入IP网络可以满足以下要求:

  ● 当一条接入链路发生故障时,流量可以快速切换到另一条链路,保证可靠性。

  ● 为了高效利用带宽,两条链路同时处于active状态,可实现使用负载分担的方式转发流量。

  华为M-LAG-4-冯金伟博客园 

1.配置思路

  采用如下的思路配置M-LAG双归接入IP网络:

  1. 在Switch上配置上行接口绑定在一个Eth-Trunk中。

  2. 分别在SwitchA和SwitchB上配置V-STP、DFS Group、peer-link和M-LAG接口。

  3. 分别在SwitchA和SwitchB上配置VLANIF接口IP地址和MAC地址,作为接入设备的双活网关。

  4. 分别在SwitchA、SwitchB和SwitchC上配置OSPF功能,保证三层互通。

    说明:在V-STP场景下,为防止接口因生成树协议计算结果被阻塞,可以通过配置主接口实现三层互通或者去使能IP网络侧的生成树协议。

  5. 分别在SwitchA和SwitchB上配置Monitor Link关联上行接口和下行接口,避免因上行链路故障导致用户侧流量无法转发而丢弃。

2.操作步骤

  1.在Switch上配置上行接口绑定在一个Eth-Trunk中  

<HUAWEI> system-view
[~HUAWEI] sysname Switch
[*HUAWEI] commit
[~Switch] vlan batch 11
[*Switch] interface eth-trunk 20
[*Switch-Eth-Trunk20] mode lacp-static
[*Switch-Eth-Trunk20] port link-type trunk
[*Switch-Eth-Trunk20] port trunk allow-pass vlan 11
[*Switch-Eth-Trunk20] trunkport 10ge 1/0/1 to 1/0/4
[*Switch-Eth-Trunk20] quit
[*Switch] commit

  2.分别在SwitchA和SwitchB上配置V-STP、DFS Group、peer-link和M-LAG接口

  1)配置SwitchA。  

<HUAWEI> system-view
[~HUAWEI] sysname SwitchA
[*HUAWEI] commit
[~SwitchA] stp mode rstp
[~SwitchA] stp bridge-address 1-1-1
[*SwitchA] stp v-stp enable
[*SwitchA] interface loopback 0
[*SwitchA-LoopBack0] ip address 10.1.1.1 32
[*SwitchA-LoopBack0] quit
[*SwitchA] dfs-group 1
[*SwitchA-dfs-group-1] source ip 10.1.1.1
[*SwitchA-dfs-group-1] priority 150
[*SwitchA-dfs-group-1] quit
[*SwitchA] interface eth-trunk 1
[*SwitchA-Eth-Trunk1] trunkport 10ge 1/0/4
[*SwitchA-Eth-Trunk1] trunkport 10ge 2/0/5
[*SwitchA-Eth-Trunk1] mode lacp-static
[*SwitchA-Eth-Trunk1] peer-link 1
[*SwitchA-Eth-Trunk1] quit
[*SwitchA] vlan batch 11
[*SwitchA] interface eth-trunk 10
[*SwitchA-Eth-Trunk10] mode lacp-static
[*SwitchA-Eth-Trunk10] port link-type trunk
[*SwitchA-Eth-Trunk10] port trunk allow-pass vlan 11
[*SwitchA-Eth-Trunk10] trunkport 10ge 1/0/2
[*SwitchA-Eth-Trunk10] trunkport 10ge 1/0/3
[*SwitchA-Eth-Trunk10] dfs-group 1 m-lag 1
[*SwitchA-Eth-Trunk10] quit
[*SwitchA] commit

  2)配置SwitchB  

<HUAWEI> system-view
[~HUAWEI] sysname SwitchB
[*HUAWEI] commit
[~SwitchB] stp mode rstp
[~SwitchB] stp bridge-address 1-1-1
[*SwitchB] stp v-stp enable
[*SwitchB] interface loopback 0
[*SwitchB-LoopBack0] ip address 10.1.1.2 32
[*SwitchB-LoopBack0] quit
[*SwitchB] dfs-group 1
[*SwitchB-dfs-group-1] source ip 10.1.1.2
[*SwitchB-dfs-group-1] priority 120
[*SwitchB-dfs-group-1] quit
[*SwitchB] interface eth-trunk 1
[*SwitchB-Eth-Trunk1] trunkport 10ge 1/0/4
[*SwitchB-Eth-Trunk1] trunkport 10ge 2/0/5
[*SwitchB-Eth-Trunk1] mode lacp-static
[*SwitchB-Eth-Trunk1] peer-link 1
[*SwitchB-Eth-Trunk1] quit
[*SwitchB] vlan batch 11
[*SwitchB] interface eth-trunk 10
[*SwitchB-Eth-Trunk10] mode lacp-static
[*SwitchB-Eth-Trunk10] port link-type trunk
[*SwitchB-Eth-Trunk10] port trunk allow-pass vlan 11
[*SwitchB-Eth-Trunk10] trunkport 10ge 1/0/2
[*SwitchB-Eth-Trunk10] trunkport 10ge 1/0/3
[*SwitchB-Eth-Trunk10] dfs-group 1 m-lag 1
[*SwitchB-Eth-Trunk10] quit
[*SwitchB] commit

  3)分别在SwitchA和SwitchB上配置VLANIF接口IP地址和MAC地址,作为接入设备的双活网关两端的虚拟IP和虚拟MAC配置要求完全一致,目的是为M-LAG提供相同的虚拟IP和虚拟MAC。

# 配置SwitchA。
[~SwitchA] interface vlanif 11
[*SwitchA-Vlanif11] ip address 10.2.1.1 24
[*SwitchA-Vlanif11] mac-address 0000-5e00-0101
[*SwitchA-Vlanif11] quit
[*SwitchA] commit
# 配置SwitchB。
[~SwitchB] interface vlanif 11
[*SwitchB-Vlanif11] ip address 10.2.1.1 24
[*SwitchB-Vlanif11] mac-address 0000-5e00-0101
[*SwitchB-Vlanif11] quit
[*SwitchB] commit

  4)分别在SwitchA、SwitchB和SwitchC上配置OSPF功能,保证三层互通  

# 配置SwitchA。
[~SwitchA] interface 10ge 1/0/1
[~SwitchA-10GE1/0/1] undo portswitch
[*SwitchA-10GE1/0/1] ip address 10.3.1.1 24
[*SwitchA-10GE1/0/1] quit
[*SwitchA] ospf 1
[*SwitchA-ospf-1] area 0
[*SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.0
[*SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[*SwitchA-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[*SwitchA-ospf-1-area-0.0.0.0] quit
[*SwitchA-ospf-1] quit
[*SwitchA] commit
# 配置SwitchB。
[~SwitchB] interface 10ge 1/0/1
[~SwitchB-10GE1/0/1] undo portswitch
[*SwitchB-10GE1/0/1] ip address 10.4.1.1 24
[*SwitchB-10GE1/0/1] quit
[*SwitchB] ospf 1
[*SwitchB-ospf-1] area 0
[*SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.0
[*SwitchB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[*SwitchB-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255
[*SwitchB-ospf-1-area-0.0.0.0] quit
[*SwitchB-ospf-1] quit
[*SwitchB] commit
# 配置SwitchC。
<HUAWEI> system-view
[~HUAWEI] sysname SwitchC
[*HUAWEI] commit
[~SwitchC] interface 10ge 1/0/1
[~SwitchC-10GE1/0/1] undo portswitch
[*SwitchC-10GE1/0/1] ip address 10.3.1.2 24
[*SwitchC-10GE1/0/1] quit
[*SwitchC] interface 10ge 1/0/2
[*SwitchC-10GE1/0/2] undo portswitch
[*SwitchC-10GE1/0/2] ip address 10.4.1.2 24
[*SwitchC-10GE1/0/2] quit
[*SwitchC] ospf 1
[*SwitchC-ospf-1] area 0
[*SwitchC-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[*SwitchC-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255
[*SwitchC-ospf-1-area-0.0.0.0] quit
[*SwitchC-ospf-1] quit
[*SwitchC] commit

  5)分别在SwitchA和SwitchB上配置Monitor Link关联上行接口和下行接口  

# 配置SwitchA。
[~SwitchA] monitor-link group 1
[*SwitchA-mtlk-group1] port 10ge 1/0/1 uplink
[*SwitchA-mtlk-group1] port eth-trunk 10 downlink 1
[*SwitchA-mtlk-group1] quit
[*SwitchA] commit
# 配置SwitchB。
[~SwitchB] monitor-link group 1
[*SwitchB-mtlk-group1] port 10ge 1/0/1 uplink
[*SwitchB-mtlk-group1] port eth-trunk 10 downlink 1
[*SwitchB-mtlk-group1] quit
[*SwitchB] commit

  6)验证配置结果

  执行命令display dfs-group,查看M-LAG的相关信息。

  # 查看DFS Group编号为1的M-LAG信息。

[~SwitchA] display dfs-group 1 m-lag
* : Local node
Heart beat state : OK
Node 1 *
Dfs-Group ID : 1
Priority : 150
Address : ip address 10.1.1.1
State : Master
Causation : -
System ID : 0025-9e95-7c31
SysName : SwitchA
Version : V100R006C00
Device Type : CE12800
Node 2
Dfs-Group ID : 1
Priority : 120
Address : ip address 10.1.1.2
State : Backup
Causation : -
System ID : 0025-9e95-7c11
SysName : SwitchB
Version : V100R006C00
Device Type : CE12800

  # 查看SwitchA上的M-LAG信息。  

[~SwitchA] display dfs-group 1 node 1 m-lag brief
* - Local node
M-Lag ID Interface Port State Status Consistency-check
1 Eth-Trunk 10 Up active(*)-active --
Failed reason:
1 -- Relationship between vlan and port is inconsistent
2 -- STP configuration under the port is inconsistent
3 -- STP port priority configuration is inconsistent
4 -- LACP mode of M-LAG is inconsistent
5 -- M-LAG configuration is inconsistent
6 -- The number of M-LAG members is inconsistent

  # 查看SwitchB上的M-LAG信息。  

[~SwitchB] display dfs-group 1 node 2 m-lag brief
* - Local node
M-Lag ID Interface Port State Status Consistency-check
1 Eth-Trunk 10 Up active-active(*) --
Failed reason:
1 -- Relationship between vlan and port is inconsistent
2 -- STP configuration under the port is inconsistent
3 -- STP port priority configuration is inconsistent
4 -- LACP mode of M-LAG is inconsistent
5 -- M-LAG configuration is inconsistent
6 -- The number of M-LAG members is inconsistent

  通过以上显示信息可以看到,“Heart beat state”的状态是“OK”,表明心跳状态正常;SwitchA作为Node 1,优先级为150,“State”的状态是“Master”;SwitchB作为Node 2,优先级为120,“State”的状态是“Backup”。

  同时“Causation”的状态是“-”,Node 1的“Port State”状态为“Up”,Node 2的“Port State”状态为“Up”,且Node 1和Node 2的M-LAG状态均为“active”,表明M-LAG的配置正确。

3.配置文件

  1)SwitchA的配置文件  

sysname SwitchA
#
dfs-group 1
priority 150
source ip 10.1.1.1
#
vlan batch 11
#
stp mode rstp
stp bridge-address 0001-0001-0001
stp v-stp enable
#
interface Vlanif11
ip address 10.2.1.1 255.255.255.0
mac-address 0000-5e00-0101
#
interface Eth-Trunk1
mode lacp-static
peer-link 1
#
interface Eth-Trunk10
port link-type trunk
port trunk allow-pass vlan 11
mode lacp-static
dfs-group 1 m-lag 1
#
interface 10GE1/0/1
undo portswitch
ip address 10.3.1.1 255.255.255.0
#
interface 10GE1/0/2
eth-trunk 10
#
interface 10GE1/0/3
eth-trunk 10
#
interface 10GE1/0/4
eth-trunk 1
interface 10GE2/0/5
eth-trunk 1
#
interface LoopBack0
ip address 10.1.1.1 255.255.255.255
#
monitor-link group 1
port 10GE1/0/1 uplink
port Eth-Trunk10 downlink 1
#
ospf 1
area 0.0.0.0
network 10.1.1.1 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
# return

  2)SwitchC的配置文件  

sysname SwitchC
#
interface 10GE1/0/1
undo portswitch
ip address 10.3.1.2 255.255.255.0
#
interface 10GE1/0/2
undo portswitch
ip address 10.4.1.2 255.255.255.0
#
ospf 1
area 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
# return

  3)Switch的配置文件  

sysname Switch
#
vlan batch 11
#
interface Eth-Trunk20
port link-type trunk
port trunk allow-pass vlan 11
mode lacp-static
#
interface 10GE1/0/1
eth-trunk 20
#
interface 10GE1/0/2
eth-trunk 20
#
interface 10GE1/0/3
eth-trunk 20
#
interface 10GE1/0/4
eth-trunk 20
# return

4.监控M-LAG 运行状况 

  display m-lag troubleshooting { history | current }:查看M-LAG发生故障的原因。该命令最多显示最近100次故障的原因。

  reset m-lag troubleshooting history :清除设备上已有的M-LAG历史故障原因信息。

看看天上,于是我去了满是风雪的地方