1.基本概念

VRRP(Virtual Router Redundancy protocol,虚拟路由冗余协议）

VRRP能够在不改变组网的情况下，将多台路由器虚拟成一个虚拟路由器，通过配置虚拟路由器的IP地址为默认网关，实现网关的备份。

VRRP协议版本为VRRPv2（常用）和VRRPv3，VRRPv2仅适用于IPv4网络，VRROv3适用于IPv4和IPv6网络。

VRRP协议只有一种报文：Advertisement报文，其目的IP地址是224.0.0.18，目的MAC地址是01-00-5e-00-00-12，协议号是112；VRRP根据优先级，选举出master，承担网关功能；

VRRP的角色：①Master：负责应答对虚拟地址的ARP请求，转发发往虚拟网关的数据包。②Backup:负责在master故障后，接替master的工作。

VRRP设计方案注意事项：Master应该与STP的根桥保持一致，否则导致次优路径 

2.实验内容

配置两个VLAN,VLAN 10和VLAN 20,LSW1为接入层交换机，LSW2和LSW3为汇聚层交换机,LSW4为核心层交换机，全网运行OSPF，LSW2和LSW3上配置vrrp,实现PC1和PC3的通信。

 实验拓扑

3.实验配置 

进行基础的VLAN配置 

[sw1]int g0/0/1
[sw1-GigabitEthernet0/0/1]p l a 
[sw1-GigabitEthernet0/0/1]p d v 10
[sw1-GigabitEthernet0/0/1]int g0/0/2
[sw1-GigabitEthernet0/0/2]p l a
[sw1-GigabitEthernet0/0/2]p d v 20
[sw1-GigabitEthernet0/0/2]int g0/0/3
[sw1-GigabitEthernet0/0/3]p l t
[sw1-GigabitEthernet0/0/3]p t a v 10 20
[sw1-GigabitEthernet0/0/3]int g0/0/4
[sw1-GigabitEthernet0/0/4]p l t
[sw1-GigabitEthernet0/0/4]p t a v 10 20

[sw2]int g0/0/1
[sw2-GigabitEthernet0/0/1]p l t 
[sw2-GigabitEthernet0/0/1]p t a v 10 20
[sw2-GigabitEthernet0/0/1]int g0/0/3
[sw2-GigabitEthernet0/0/3]p l t
[sw2-GigabitEthernet0/0/3]p t a v 10 20

[sw3]int g0/0/1
[sw3-GigabitEthernet0/0/1]p l t 
[sw3-GigabitEthernet0/0/1]p t a v 10 20
[sw3-GigabitEthernet0/0/1]int g0/0/3
[sw3-GigabitEthernet0/0/3]p l t 
[sw3-GigabitEthernet0/0/3]p t a v 10 20
 

查看STP信息 

 由上图可知，g0/0/3为根端口，LSW2为根桥

进行MSTP配置

[sw1]stp mode mstp
[sw1]stp region-configuration
[sw1-mst-region]region-name wakin
[sw1-mst-region]revision-level 1
[sw1-mst-region]instance 1 vlan 10
[sw1-mst-region]instance 2 vlan 20
[sw1-mst-region]active region-configuration

[sw2]stp region-configuration
[sw2-mst-region]region-name wakin
[sw2-mst-region]revision-level 1
[sw2-mst-region]instance 1 vlan 10
[sw2-mst-region]instance 2 vlan 20

[sw2-mst-region]active region-configuration
 

[sw3]stp region-configuration
[sw3-mst-region]region-name wakin
[sw3-mst-region]revision-level 1
[sw3-mst-region]instance 1 vlan 10
[sw3-mst-region]instance 2 vlan 20
[sw3-mst-region]active region-configuration

配置实例 

[sw2]stp instance 1 root primary
[sw2]stp instance 2 root sec

[sw3]stp instance 2 root primary
[sw3]stp instance 1 root sec

查看SW2和SW3上的STP信息 

配置VRRP

[sw2]int vlanif 10
[sw2-Vlanif10]ip add 192.168.10.2 24
[sw2-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254

[sw2-Vlanif10]vrrp vrid 10 prio 200
[sw2-Vlanif10]int vlanif 20
[sw2-Vlanif20]ip add 192.168.20.2 24
[sw2-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[sw2-Vlanif20]q

[sw3]int vlanif 10
[sw3-Vlanif10]ip add 192.168.10.3 24
[sw3-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[sw3-Vlanif10]int vlanif 20
[sw3-Vlanif20]ip add 192.168.20.3 24
[sw3-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[sw3-Vlanif20]vrrp vrid 20 pri 200

查看vrrp信息，SW2的VRID 10为master,VRID 20为BACKUP，SW3相反。

 配置DHCP

 获取PC1和PC2的IP地址

[sw2]dhcp enable
[sw2]int vlanif 10
[sw2-Vlanif10]dhcp select interface
[sw2-Vlanif10]int vlanif 20
[sw2-Vlanif20]dhcp select interface
 

[sw3]dhcp enable
[sw3]int vlanif 10
[sw3-Vlanif10]dhcp select interface
[sw3-Vlanif10]int vlanif 20
[sw3-Vlanif20]dhcp select interface
 

上图为PC2的IP信息 

网关应该是192.168.20.254，但是查询ip显示的是192.168.253,所以不能用接口地址池 ,要用全局地址池。接下来进行释放操作，把地址释放了。

 删除基于接口的地址池

[sw2]int vlanif 10
[sw2-Vlanif10]undo dhcp select interface
[sw2-Vlanif10]int vlanif 20
[sw2-Vlanif20]undo dhcp select interface
 

[sw3]int vlanif 10
[sw3-Vlanif10]undo dhcp select interface
[sw3-Vlanif10]int vlanif 20
[sw3-Vlanif20]undo dhcp select interface

配置全局地址池

[sw2]ip pool vlan10
[sw2-ip-pool-vlan10]network 192.168.10.0 mask 24
[sw2-ip-pool-vlan10]gateway-list 192.168.10.254
[sw2]ip pool vlan20
Info:It's successful to create an IP address pool.
[sw2-ip-pool-vlan20] gateway-list 192.168.20.254
[sw2-ip-pool-vlan20] network 192.168.20.0 mask 255.255.255.0
 

[sw3]ip pool vlan10

[sw3-ip-pool-vlan10] gateway-list 192.168.10.254
[sw3-ip-pool-vlan10] network 192.168.10.0 mask 255.255.255.0
[sw3-ip-pool-vlan10]ip pool vlan20
Info:It's successful to create an IP address pool.
[sw3-ip-pool-vlan20] gateway-list 192.168.20.254
[sw3-ip-pool-vlan20] network 192.168.20.0 mask 255.255.255.0
 

[sw2]int vlanif 10
[sw2-Vlanif10]dhcp select global
[sw2]int vlanif 20
[sw2-Vlanif20]dhcp select global
 

[sw3]int vlanif 10
[sw3-Vlanif10]dhcp select global
[sw3-Vlanif10]int vlanif 20
[sw3-Vlanif20]dhcp select global

查看分配的DHCP地址 

 以PC2为例，它拿到了192.168.20.254的地址

在SW2和SW3上创建vlanif 1 

[sw2]int vlanif 1
[sw2-Vlanif1]ip add 192.168.123.2 24

[sw3]int vlanif 1
[sw3-Vlanif1]ip add 192.168.123.3 24 

在sw2上使用ping命令测试连通性 

 配置路由器R1,并使用ping命令

[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.123.1 24

[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]ip add 1.0.0.254 24

 

 PC3的配置如图所示。

配置动态路由

[sw2]ospf 1 router-id 2.2.2.2
[sw2-ospf-1]a 0
[sw2-ospf-1-area-0.0.0.0]net 192.168.10.0 0.0.0.255
[sw2-ospf-1-area-0.0.0.0]net 192.168.20.0 0.0.0.255
[sw2-ospf-1-area-0.0.0.0]net 192.168.123.0 0.0.0.255

[sw3]ospf 1 router-id 3.3.3.3
[sw3-ospf-1]a 0
[sw3-ospf-1-area-0.0.0.0]net 192.168.10.0 0.0.0.255
[sw3-ospf-1-area-0.0.0.0]net 192.168.20.0 0.0.0.255
[sw3-ospf-1-area-0.0.0.0]net 192.168.123.0 0.0.0.255
 

[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]a 0
[r1-ospf-1-area-0.0.0.0]net 192.168.123.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]net 1.0.0.0 0.0.0.255

 查看ospf邻居

 是FULL的状态，说明邻居已建立完成。

4.结果验证

用PC1 ping PC3

发现，PC1可以和PC3实现通信。