标签:冗余

CCIE试验备考之冗余备份(IRDP)

No Comments CISCO认证 ,

冗余备份特性
能够提供冗余备份的机制:
1. IRDP,ICMP Router Discovery Protocol(ICMP路由发现协议)
2. HSRP,Hot Standby Router Potocol(热备份路由协议)
3. VRRP,Virtual Router Redundancy Potocol(虚拟路由冗余协议)
4. GLBP,Gateway Load Balancing Protocol(网关负载协议)
5. Cisco-SLB,Cisco Server Load Balancing
第一部分 IRDP
在ICMP路由器发现协议IRDP中,支持IRDP的主机会动态地发现用于访问非本地网络的路由器。IRDP支持主机发现路由器。路由器发现数据包会在主机(IRDP服务器)和cisco路由器(IRDP客户端)之间交换。软件还会窃听RIP和IGRP路由更新,并从更新中推断出路由器的位置,而主机并不会真正的检查和存储路由设备发出的完整的路由表,只是记录下来哪些系统在发送这样的数据而已。
在使用一组cisco路由器的LAN网段中,可以任意组合配置RIP、IGRP和IRDP3种协议。Cisco推荐尽可能地使用IRDP,因为他支持设定每台路由器的优先级和超时时间
通过发现的每台设备都会成为候选的缺省网关,然后对候选表进行扫描,并在下列3种情况下选择一个新的优先级最高的路由器:
1) 当发现了比当前缺省路由器优先级最高的路由器时(每5分钟扫描一次候选路由表)
2) 认为当前路由器出现了故障时
3) 由于大量的重传,某个TCP连接操时,IRDP会清空ARP缓存和ICMP重定向缓存的内容,并在查找到达目的端的路由时使用新的缺省路由器
运行IRDP时,主机会加入“全部设备”IP组播组(224.0.0.1)并开始监听IRDP客户端(路由器)发送该组的路由器通告。为了减少接口初始化的延迟时,主机也可以发送路由器请求消息到”全部路由器”IP组播地址(224.0.0.2),路由器会发出“路由器通告”进行响应,保证了主机能立即发现缺省网关。
通告每隔7-10分钟发送一次,而默认的生命周期为30分钟。IRDP有两个独立的时间间隔:最小的和最大的通告间隔。所有主动提供的通告的发送间隔都在这两个值指定的范围之内。

配置方法:
第一步:接口模式下使能IRDP
            ip irdp
第二步:指定优先级别
            ip irdp preference 优先级别
            缺省的优先级别为0,值越大优先级别越高
其他配置:
A) 通常情况下,对通告是进行广播,要让IRDP使用到224.0.0.1的组播来代替广播,可以使用命令:接口模式下
        ip irdp multicast
B) 修改生命周期holdtime
        ip irdp holdtime 秒数
        秒数为4-9000,默认为1800秒,30分钟
C) 修改最大通告时间
         ip irdp maxadvertinterval 秒数
         秒数为4-1800秒,默认为600秒
D) 修改最小通告时间
         ip irdp minadvertinterval 秒数
         秒数为3-1800秒,默认为450秒

案例:
R1#config termi
R1(config)#int e0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip irdp preference 2147483647
R1(config-if)#no shut
R1#show ip irdp e0
Ethernet0 has router discovery enabled
Advertisements will occur between every 450 and 600 seconds.
Advertisements are sent with broadcasts.
Advertisements are valid for 1800 seconds.
Default preference will be 2147483647.
——————————————————————–
R2(config)#inter e0
R2(config-if)#ip addr 192.168.1.2 255.255.255.0
R2(config-if)#ip irdp preference -2147483647
R2(config-if)#no shut
r2#show ip irdp e0
Ethernet0 has router discovery enabled
Advertisements will occur between every 450 and 600 seconds.
Advertisements are sent with broadcasts.
Advertisements are valid for 1800 seconds.
Default preference will be -2147483647.
———————————————————————
我们应用R3作为一个dhcp服务器,配置两个默认网关
r3(config)#ip dhcp pool cisco
r3(dhcp-config)#network 192.168.1.0 255.255.255.0
r3(dhcp-config)#default-router 192.l168.1.1 192.168.1.2
———————————————————————
路由器4作为客户端进行检测
r4(config)#interface e0
r4(config-if)#ip address dhcp
———————————————————————
我们模拟将r1停止
r4检测
*Mar      1 09:46:43.421: ICMP: rdp advert rcvd type 9, code 0, from 192.168.1.2
*Mar      1 09:47:01.421: ICMP: rdp advert rcvd type 9, code 0, from 192.168.1.2
*Mar      1 09:47:15.421: ICMP: rdp advert rcvd type 9, code 0, from 192.168.1.2
*Mar      1 09:47:34.421: ICMP: rdp advert rcvd type 9, code 0, from 192.168.1.2
r2上
*Mar      1 05:03:58.378: ICMP: src=192.168.1.2, dst=255.255.255.255, irdp advertisement sent
*Mar      1 05:03:58.382: IRDP: entries=1, size=2, lifetime=30, bytes=36
*Mar      1 05:03:58.382: IRDP: address=192.168.1.2 preference=0
案例:
CCIE-LAB(V142)
题目要求:
在VLANC上的主机不想配置第二个网关,不允许使用HSRP,使得VLANC的主机优选R6的E0端口地址为首选网关,其次选R5的Fa0/0端口地址为最后网关。
VLAN C       R5-F0/0        R6-EO
配置:
R6
       configure terminal
       interface e0
ip irdp
ip irdp preference 2147483647
R5
       configure terminal
       interface f0/0
ip irdp
ip irdp preference -2147483647

6509双引擎冗余配置

No Comments CISCO , ,

#version 6.3(1)
!
set password $2$hodC$6G9acb2epHleGd7Hy6qA8.
set enablepass $2$.dxG$ujEuGXH9VoewvKJeTqN.D. 给交换机设置使能口令
!
#system
set system name switch 设置交换机名字
set system highavailability enable 实现高性能热备
!
#!
#vtp
set vtp domain net 设置VTP 域名
set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ibm
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm
set vlan 10,20,30,40-41,50,60,70,80
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip
set interface sc0 20 10.35.50.253/255.255.255.0 10.35.50.255 设置交换机ip地址
需要根据交换机ip地址属于那个vlan来确定ip地址的vlan号
set ip route 0.0.0.0/0.0.0.0 10.35.50.254 设置交换机静态路由
set ip alias default 0.0.0.0
set ip alias apple 10.35.50.251 设置地址映射
举例:原来telnet 10.35.50.251 .现在可以直接telnet apple 。作用一样。
set ip alias apple2 10.35.50.250
!
#set boot command
set boot config-register 0x2
set boot system flash bootflash:cat6000-sup2.6-3-1.bin 设置启动交换机时加载系统操作系统。
!
#port channel
#module 1 : 2-port 1000BaseX Supervisor
!
#module 2 : 2-port 1000BaseX Supervisor
!
#module 3 : 8-port 1000BaseX Ethernet
set vlan 20 3/1-6 把端口划分进具体vlan里面,根据网络设计方案具体确定端口用户属于那个vlan
set vlan 60 3/7-8
set port name 3/1 ibmweb link 给端口命名,方便管理
!
#module 4 : 48-port 10/100BaseTX Ethernet
set vlan 20 4/5-48
set vlan 70 4/1-4
set trunk 4/5 on dot1q 1-1005,1025-4094 设置交换机间链路 干道(trunk)(此端口与2950交换机相连)
set port channel 4/5-6 mode off
!
#module 5 empty
!
#module 6 : 48-port 10/100BaseTX Ethernet
set vlan 20 6/1-48
set spantree portfast 6/6-12 enable 设置速端口 (减少收敛时间)
!
#module 7 empty
!
#module 8 : 48-port 10/100BaseTX Ethernet
set vlan 20 8/1-48
!
#module 9 empty
!
#module 15 : 1-port Multilayer Switch Feature Card
!
#module 16 : 1-port Multilayer Switch Feature Card
end
两个引擎模块上各有一个msfc2 模块互为热备且转发路由互为负载均衡。MSFC2多层交换模块提供交换机vlan间路由。
引擎一上msfc2配置(r1):
操作系统为cisco ios 12.1
Current configuration : 3422 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname r1 设置路由器主机名
!
boot system flash bootflash:c6msfc2-psv-mz.121-8a.E5 载入操作系统
enable secret 5 $1$gZQ6$pGpbM7yPeCoyTw1oGI9L/0 设置口令
!
username lxd password 7 060A1725
ip subnet-zero
!
!
interface Vlan10 进入vlan10接口
ip address 10.35.50.61 255.255.255.192 配置vlan10 ip地址
no ip redirects
standby priority 150 preempt 设置热备份路由权限(数字越高越大)
standby name webserver 设置端口名字
standby ip 10.35.50.62 设置虚拟网关IP地址
!
interface Vlan20
ip address 10.35.50.125 255.255.255.192
no ip redirects
standby priority 150 preempt
standby name txk
standby ip 10.35.50.126
!
interface Vlan30
ip address 10.35.50.189 255.255.255.192
no ip redirects
standby priority 150 preempt
standby name zhiandadui
standby ip 10.35.50.190
!
interface Vlan35
ip address 10.35.50.253 255.255.255.192
no ip redirects
standby priority 150 preempt
standby name wangguanzhongxin
standby ip 10.35.50.254
!
interface Vlan50
ip address 10.35.51.29 255.255.255.224
no ip redirects
standby priority 50 preempt
standby name julingdao
standby ip 10.35.51.30
!
interface Vlan51
ip address 10.35.51.61 255.255.255.224
no ip redirects
standby priority 50 preempt
standby name zhenfawei
standby ip 10.35.51.62
!
interface Vlan53
ip address 10.35.51.125 255.255.255.192
no ip redirects
standby priority 50 preempt
standby name xinjingdadui
standby ip 10.35.51.126
!
interface Vlan55
ip address 10.35.51.253 255.255.255.128
no ip redirects
standby priority 50 preempt
standby name office
standby ip 10.35.51.254
!
interface Vlan56
ip address 10.35.52.125 255.255.255.128
no ip redirects
standby priority 50 preempt
standby name 110
standby ip 10.35.52.126
!
interface Vlan57
ip address 10.35.52.157 255.255.255.224
no ip redirects
standby priority 50 preempt
standby name zhanbaoke
standby ip 10.35.52.158
!
interface Vlan58
ip address 10.35.52.189 255.255.255.224
no ip redirects
standby priority 50 preempt
standby name bagongshi
standby ip 10.35.52.190
!
interface Vlan59
ip address 10.35.52.221 255.255.255.224
no ip redirects
standby priority 50 preempt
standby name zhenzhizhu
standby ip 10.35.52.222
!
interface Vlan60
ip address 10.35.55.125 255.255.255.128
no ip redirects
standby priority 150 preempt
standby name sunserver
standby ip 10.35.55.126
!
interface Vlan70
ip address 10.35.55.250 255.255.255.128
no ip redirects
standby priority 50 preempt
standby name huaweirouter
standby ip 10.35.55.254
!
interface Vlan80
ip address 10.35.59.125 255.255.255.128
no ip redirects
standby priority 50 preempt
standby name chuoguanshu
standby ip 10.35.59.126
!
router ospf 100 打开ospf路由进程,进程号为100
log-adjacency-changes
network 10.35.50.0 0.0.0.63 area 2 对网段发布启用ospf协议,区域号为2
network 10.35.50.64 0.0.0.63 area 2
network 10.35.50.128 0.0.0.63 area 2
network 10.35.50.192 0.0.0.63 area 2
network 10.35.51.0 0.0.0.31 area 2
network 10.35.51.32 0.0.0.31 area 2
network 10.35.51.64 0.0.0.63 area 2
network 10.35.51.0 0.0.0.127 area 2
network 10.35.51.128 0.0.0.127 area 2
network 10.35.52.0 0.0.0.127 area 2
network 10.35.52.128 0.0.0.31 area 2
network 10.35.52.160 0.0.0.31 area 2
network 10.35.52.192 0.0.0.31 area 2
network 10.35.55.0 0.0.0.127 area 2
network 10.35.55.128 0.0.0.127 area 2
network 10.35.59.0 0.0.0.127 area 2
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.35.55.253 设置默认路由
no ip http server
!
snmp-server community jyganet RO
!
!
line con 0
line vty 0 4 设置telnet 口令
password 7 082D544A
login local
!
end
引擎二上msfc2配置(r2):
操作系统为cisco ios 12.1
version 12.1
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 6509r2
!
boot system flash bootflash:c6msfc2-psv-mz.121-8a.E5
enable secre