- 项目拓扑与项目需求
项目需求
① 主链路为电信,电信链路出故障时,业务数据流量切换到联通链路
- 实验步骤
步骤1:设备重命名以及IP地址的配置
| 设备 | 接口编号 | IP地址 |
| AR1 | G0/0/0 | 10.0.13.1/24 |
| G0/0/1 | 10.0.14.1/24 | |
| AR2 | G0/0/0 | 10.0.23.2/24 |
| G0/0/1 | 10.0.14.2/24 | |
| AR3 | G0/0/0 | 10.0.13.3/24 |
| G0/0/1 | 10.0.23.3/24 | |
| G0/0/2 | 10.0.100.3/24 | |
| AR4 | G0/0/0 | 10.0.14.4/24 |
| G0/0/1 | 10.0.24.4/24 | |
| Loop back0 | 100.100.100.100/32 | |
| LSW1 | Vlanif1 | 10.0.100.1/24 |
内网配置IP地址与vlan划分规划:
| 设备 | 接口编号 | IP地址 | 链路类型 | 所属vlan/网关 |
| LSW1 | G0/0/0 | 10.1.1.254/24(vlanif10) | Trunk | / |
| G0/0/1 | 20.1.1.254/24(vlanif20) | Trunk | / | |
| LSW2 | G0/0/2 | / | Access | 20 |
| G0/0/3 | / | Trunk | / | |
| LSW3 | G0/0/2 | / | Access | 10 |
| G0/0/1 | / | Trunk | / | |
| PC1 | E0/0/1 | 10.1.1.1/24 | / | 10/vlanif10 |
| PC2 | E0/0/1 | 20.1.1.1/24 | / | 20/vlanif20 |
按照规划自行配置,不做赘述。
步骤2 :配置LSW1与AR3之间路由可达(静态路由),在R3上做双出口去往公网,其中电信为主链路,联通为备份链路。
- 配置静态路由,实现内网路由传到外网
LSW1的配置
[LSW1]ip route-static 0.0.0.0 0 10.0.100.3
AR3的配置
[AR3]ip route-static 10.1.1.0 24 10.0.100.1
[AR3]ip route-static 20.1.1.0 24 10.0.100.1
- 配置静态路由,实现一主一备
[AR3]ip route-static 0.0.0.0 0 10.0.13.1 description dianxin
[AR3]ip route-static 0.0.0.0 0 10.0.23.2 preference 61 description liantong
- 配置NAT,实现私网地址转换
[AR3-acl-basic-2000]rule permit source any
[AR3-GigabitEthernet0/0/0]nat outbound 2000
[AR3-GigabitEthernet0/0/1]nat outbound 2000
步骤3:运行OSPF实现公网互通
AR1的配置:
[AR1]ospf
[AR1-ospf-1]area 0
[AR1-ospf-1-0.0.0.0]network 10.0.14.0 0.0.0.255
[AR1-ospf-1-0.0.0.0]network 10.0.13.0 0.0.0.255
AR 1和AR 2自行配置,不做赘述。
步骤4:配置单臂回声(适用于AR1和SW4之间链路故障场景
(1)AR3的配置
[AR3]bfd //开启BFD
[AR3-bfd]quit
[AR3]bfd huawei bind peer-ip 10.0.13.1 interface g0/0/0 one-arm-echo//单臂回声
[AR3-bfd-session-huwei]//创建好了一个BFD会话
[AR3-bfd-session-huwei]discriminator local 1000//本端的BFD会话id
[AR3-bfd-session-huwei]commit//使能会话
查看会话建立情况:
[AR3-bfd-session-huwei]display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1000 - 10.0.13.1 Up S_IP_IF GigabitEthernet0/0/0
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0
将AR1的G0/0/0接口关闭后查看会话表:
[AR3-bfd-session-huwei]display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1000 - 10.0.13.1 Down S_IP_IF GigabitEthernet0/0/0
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 0/1
可知会话状态为down,检测成功
(2)配置BFD与静态路由联动
[AR3]ip route-static 0.0.0.0 0 10.0.13.1 track bfd-session huawei
Info: Succeeded in modifying route.
将AR1的G0/0/0接口down掉:
PC>ping 100.100.100.100
Ping 100.100.100.100: 32 data bytes, Press Ctrl_C to break
From 100.100.100.100: bytes=32 seq=1 ttl=252 time=46 ms
From 100.100.100.100: bytes=32 seq=2 ttl=252 time=94 ms
From 100.100.100.100: bytes=32 seq=3 ttl=252 time=47 ms
From 100.100.100.100: bytes=32 seq=4 ttl=252 time=94 ms
From 100.100.100.100: bytes=32 seq=5 ttl=252 time=78 ms
--- 100.100.100.100 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 46/71/94 ms
可知网络联通性正常
跟踪流量路线:
PC>tracert 100.100.100.100
traceroute to 100.100.100.100, 8 hops max
(ICMP), press Ctrl+C to stop
1 10.1.1.254 63 ms 31 ms 47 ms
2 * * *
3 *10.0.23.2 78 ms 62 ms
4 100.100.100.100 63 ms 62 ms 63 ms
可知PC访问外网走联通链路,实现链路切换
步骤5:配置NQA(适用于AR1与AR4之间链路故障场景)
(1)AR3的配置
[AR3]ip route-static 0.0.0.0 0 10.0.13.1
Info: Succeeded in modifying route.
[AR3]undo bfd huawei //删除BFD会话
[AR3]nqa test-instance 1 1
[AR3-nqa-1-1]test-type icmp
[AR3-nqa-1-1]source-address ipv4 10.0.13.3
[AR3-nqa-1-1]destination-address ipv4 100.100.100.100
[AR3-nqa-1-1]frequency 10 //执行的时间间隔
[AR3-nqa-1-1]timeout 1 //配置NQA测试样例自动执行测试的时间间隔
[AR3-nqa-1-1]interval seconds 1 //配置测试报文的发送间隔
[AR3-nqa-1-1]start now //开始运行
(2)NQA与静态路由联动配置
[AR3]ip route-static 0.0.0.0 0 10.0.13.1 track nqa 1 1
Info: Succeeded in modifying route.
将AR1的G0/0/1接口shutdown 查看nqa 运行结果:
[AR3]display nqa results
查看路由表:
[AR3]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 17 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 61 0 RD 10.0.23.2 GigabitEthernet
0/0/1
由表可知链路已切换
测试外网连通性:
PC>ping 100.100.100.100
Ping 100.100.100.100: 32 data bytes, Press Ctrl_C to break
From 100.100.100.100: bytes=32 seq=1 ttl=252 time=125 ms
From 100.100.100.100: bytes=32 seq=2 ttl=252 time=47 ms
From 100.100.100.100: bytes=32 seq=3 ttl=252 time=47 ms
From 100.100.100.100: bytes=32 seq=4 ttl=252 time=94 ms
From 100.100.100.100: bytes=32 seq=5 ttl=252 time=78 ms
--- 100.100.100.100 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/78/125 ms
![[C]精炼分析状态机FSM](https://img-blog.csdnimg.cn/5248d45d6a5548c68ac4147a9b2927c9.jpeg)
