中小型公司局域網路由備份訪問外網路由配置(華為)
1.
配置思路:
1.先給PC機配置IP地址及子網掩碼;
PC1:192.168.10.1/24
PC2:192.168.20.1/24
PC3:192.168.10.2/24
PC4:192.168.20.2/24
2.給交換機SW3-SW4-SW5-SW6 創建vlan並把對應的端口加入vlan;
<Huawei>system-view
[SW3]vlan batch 10 20
[SW3]interface Ethernet0/0/1
[SW3-Ethernet0/0/1]port link-type access
[SW3-Ethernet0/0/1]port default vlan 10
[SW3-Ethernet0/0/1]quit
[SW3-Ethernet0/0/11]port link-type trunk
[SW3-Ethernet0/0/11]port trunk allow-pass vlan all
[SW3-Ethernet0/0/11]int gi0/0/13
[SW3-Ethernet0/0/13]port link-type access
[SW3-Ethernet0/0/13]undo port link-type
[SW3-Ethernet0/0/13]port link-type trunk
[SW3-Ethernet0/0/13]port trunk allow-pass vlan all
[SW3]q
< SW3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( .cfg, .zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW4
<Huawei>system-view
[SW4]vlan batch 10 20
[SW4]interface Ethernet0/0/1
[SW4-Ethernet0/0/1]port link-type access
[SW4-Ethernet0/0/1]port default vlan 20
[SW4-Ethernet0/0/1]int e0/0/11
[SW4-Ethernet0/0/11]port link-type trunk
[SW4-Ethernet0/0/11]port trunk allow-pass vlan all
[SW4-Ethernet0/0/11]int e0/0/14
[SW4-Ethernet0/0/14]port link-type trunk
[SW4-Ethernet0/0/14]port trunk allow-pass vlan all
[SW4-Ethernet0/0/14]quit
[SW4]q
<SW4>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( .cfg, .zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW5
<Huawei>system-view
[Huawei]sysname SW5
[SW5]vlan batch 10 20
[SW5]interface Ethernet0/0/1
[SW5-Ethernet0/0/1]port link-type access
[SW5-Ethernet0/0/1]port default vlan 10
[SW5-Ethernet0/0/1]int e0/0/11
[SW5-Ethernet0/0/11]port link-type trunk
[SW5-Ethernet0/0/11]port trunk allow-pass vlan all
[SW5-Ethernet0/0/11]int e0/0/13
[SW5-Ethernet0/0/13]port link-type trunk
[SW5-Ethernet0/0/13]port trunk allow-pass vlan all
[SW5-Ethernet0/0/13]quit
[SW5]q
<SW5>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( .cfg, .zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW6
<Huawei>system-view
[Huawei]sysname SW6
[SW6]vlan batch 10 20
[SW6]interface Ethernet0/0/1
[SW6-Ethernet0/0/1]port link-type access
[SW6-Ethernet0/0/1]port default vlan 20
[SW6-Ethernet0/0/1]int e0/0/11
[SW6-Ethernet0/0/11]port link-type trunk
[SW6-Ethernet0/0/11]port trunk allow-pass vlan all
[SW6-Ethernet0/0/11]int e0/0/14
[SW6-Ethernet0/0/14]port link-type trunk
[SW6-Ethernet0/0/14]port trunk allow-pass vlan all
[SW6-Ethernet0/0/14]quit
[SW6]q
<SW6>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( .cfg, .zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
3.給SW1-SW2把對應的端口加入對應的VLAN;
<SW1>system-view
[SW1]vlan batch 10 20
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10
[SW1-GigabitEthernet0/0/1]q
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 20
[SW1-GigabitEthernet0/0/2]q
[SW1]interface GigabitEthernet 0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access
[SW1-GigabitEthernet0/0/3]port default vlan 10
[SW1-GigabitEthernet0/0/3]q
[SW1]interface GigabitEthernet 0/0/12
[SW1-GigabitEthernet0/0/12]port link-type trunk
[SW1-GigabitEthernet0/0/12]port trunk allow-pass vlan all
[SW1-GigabitEthernet0/0/12]q
[SW1]q
<SW1>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW2>system-view
[SW2]vlan batch 10 20
[SW2]interface GigabitEthernet 0/0/3
[SW2-GigabitEthernet0/0/3]port link-type access
[SW2-GigabitEthernet0/0/3]port default vlan 20
[SW2-GigabitEthernet0/0/3]q
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 10
[SW2-GigabitEthernet0/0/2]q
[SW2]interface GigabitEthernet 0/0/3
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 20
[SW2-GigabitEthernet0/0/1]q
[SW2]interface GigabitEthernet 0/0/12
[SW2-GigabitEthernet0/0/12]port link-type trunk
[SW2-GigabitEthernet0/0/12]port trunk allow-pass vlan all
[SW2-GigabitEthernet0/0/12]q
[SW2]q
<SW2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N] y
Now saving the current configuration to the slot 0.
Save the configuration successfully.
4.給路由器配置VRRP虛擬網關及備份網關. 鏈路的負載均衡 (例如AR1掛掉以後可以通過AR2與外部相連不影響正常工作)
<R1>system-view
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]vrrp vrid 10 virtual-ip 192.168.10.254
[R1-GigabitEthernet0/0/0]vrrp vrid 10 priority 250
[R1-GigabitEthernet0/0/0]vrrp vrid 10 track interface GigabitEthernet0/0/0 reduced 200
[R1-GigabitEthernet0/0/0]quit
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]vrrp vrid 20 virtual-ip 192.168.20.254
[R1-GigabitEthernet0/0/1]vrrp vrid 20 priority 50
[R1-GigabitEthernet0/0/1]vrrp vrid 20 track interface GigabitEthernet0/0/1] increased 100
[R1-GigabitEthernet0/0/1]quit
R2
<Huawei>system-view
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]vrrp vrid 20 virtual-ip 192.168.20.254
[R2-GigabitEthernet0/0/0]vrrp vrid 20 priority 100
[R2-GigabitEthernet0/0/0]vrrp vrid 20 track interface GigabitEthernet 0/0/2 increased 50
[R2-GigabitEthernet0/0/0]quit
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]vrrp vrid 10 virtual-ip 192.168.10.254
[R2-GigabitEthernet0/0/1]vrrp vrid 10 priority 100
[R2-GigabitEthernet0/0/1]vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 50
[R2-GigabitEthernet0/0/1]quit
<Huawei>system-view
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]vrrp vrid 20 virtual-ip 192.168.20.254
[R3-GigabitEthernet0/0/1]vrrp vrid 20 priority 250
[R3-GigabitEthernet0/0/1]vrrp vrid 20 track interface GigabitEthernet 0/0/2 reduced 200
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]vrrp vrid 10 virtual-ip 192.168.10.254
[R3-GigabitEthernet0/0/0]vrrp vrid 10 priority 80
[R3-GigabitEthernet0/0/0]vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 20
[R3-GigabitEthernet0/0/0]quit
說明: vlan 10的主網關在AR1上,vlan10的副網關同時在AR2和AR3上,vlan20的主網關在AR3上 ,同時AR1和AR2都具備vlan20的副網關,AR2同時具備vkan10和vlan20的副網關 ;
列如:
AR1掛掉了,那麽PC1和PC2在AR2和AR3上都可以通過;
5.給連接外網交換機的路由器端口配置IP地址讓內網可以訪問外網;
AR1:
<Huawei>system-view
[R1]itnerface ethernet 0/0/2
[R1-GigabitEthernet0/0/2]ip address 192.168.30.1 255.255.255.0
[R1-GigabitEthernet0/0/2]quit
[R1]ospf 1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 192.168.30.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
SW7:
<Huawei>system-view
[SW7]vlan batch 30 40
[SW7]interface ethernet 0/0/1
[SW7-Ethernet0/0/1]port link-type access
[SW7-Ethernet0/0/1]port default vlan 30
[SW7-Ethernet0/0/1]q
[SW7]interface Vlanif 30
[SW7-Vlanif30]ip address 192.168.30.2 255.255.255.0
[SW7-Vlanif30]q
[SW7]inteface ethernet 0/0/4
[SW7-Ethernet0/0/4]port link-type access
[SW7-Ethernet0/0/4]port default vlan 40
[SW7-Ethernet0/0/4]q
[SW7]interface Vlanif 40
[SW7-Vlanif40]ip address 192.168.40.1 255.255.255.0
[SW7]ospf 1
[SW7-ospf-1] area 0
[SW7-ospf-1-area-0.0.0.0]network 192.168.30.2 0.0.0.0
[SW7-ospf-1-area-0.0.0.0]network 192.168.40.1 0.0.0.0
R4:
<Huawei>system-view
[R4]itnerface gi 0/0/1
[R4-GigabitEthernet0/0/1]ip address 192.168.40.2 255.255.255.0
[R4-GigabitEthernet0/0/1]q
[R4]interface GigabitEthernet 0/0/0
[R4-GigabitEthernet0/0/0]ip address 192.168.50.254 255.255.255.0
[R4]ospf1
[R4-ospf-1] area 0
[R4-ospf-1-area-0.0.0.0]network 192.168.40.2 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 192.168.50.254 0.0.0.0
6:給Server1配置地址;
server1:
IP:192.168.50.1 255.255.255.0 網關:192.168.50.254
在PC1進行測試:
AR2 和 AR3 同理 ;就不做過多操作了。
中小型公司局域網路由備份訪問外網路由配置(華為)