MSTP+VRRP+OSPF+双出口（vrrp ospf配置案例）

MSTP+VRRP+OSPF+双出口（vrrp ospf配置案例）

拓扑图

实验需求：

公司人数较多且多网络冗余和可用性要求较高，故网络中使用MSTP对不同的VLAN负载均衡，使用VRRP对网关进行负载均衡和平均流量，使用两家运营商线路对出口进行负载均衡。接入端配置边缘端口使终端快速进入转发，配置bpdu防护，保护边缘端口接收到bpdu报文后立即关闭，减少网络的震荡。两台core之间使用eth-trunk，

配置步骤：

1.access和core交换机之间的上下联启trunk并分别都创建vlan10,20,30,40，全部启用mstp和创建instance1和instance2；2.access交换机将端口划入对应vlan并配置边缘端口和启用bpdu防护；3.core交换机之间配置链路聚合eth-trunk10；4.core1和core2和出口路由器AR1和AR2配置互连地址并启用ospf；5.core1和core2配置vrrp6.AR1和AR2启用nat，配置默认路由出口，并将默认路由引入ospf进程中，让所有内网能访问外网；

配置命令

1 所有交换机配置mstp，trunk这里没赘述了。

vlan batch 10 20 30 40 stp mode mstp stp region-configuration region-name qindu instance 1 vlan 10 20 instance 2 vlan 30 40 active region-configuration

core1是instance1的根桥是instance2的备份根桥，core2是instrance2的根桥是instance1的备份根桥。core1

stp instance 1 priority 4096 stp instance 2 priority 8192

core2

stp instance 1 priority 8192 stp instance 2 priority 4096

2.access交换机将端口划入对应vlan并配置边缘端口和启用bpdu防护；命令如下，对应的端口配置即可。

stp bpdu-protection //全局开启bopdu防护 port link-type access port default vlan 10 //划入vlan stp edged-port enable //边缘端口，实现快速收敛

3.core交换机之间配置链路聚合eth-trunk10；

interface Eth-Trunk10 port link-type trunk port trunk allow-pass vlan 2 to 4094 mode lacp-static trunkport g0/0/4 trunkport g0/0/5 trunkport g0/0/6

4.core1和core2和出口路由器AR1和AR2配置互连地址并启用ospf；core-1

vlan batch 911 912 interface Vlanif911 ip address 10.10.253.1 255.255.255.252 interface Vlanif912 ip address 10.10.253.5 255.255.255.252 ospf cost 2 interface GigabitEthernet0/0/7 port link-type access port default vlan 911 interface GigabitEthernet0/0/8 port link-type access port default vlan 912

core-2

vlan batch 921 922 interface Vlanif921 ip address 10.10.254.1 255.255.255.252 interface Vlanif912 ip address 10.10.254.5 255.255.255.252 ospf cost 2 interface GigabitEthernet0/0/7 port link-type access port default vlan 921 interface GigabitEthernet0/0/8 port link-type access port default vlan 922

4.core1和core2和出口路由器AR1和AR2配置互连地址并启用ospf；core1

ospf 1 router-id 10.0.0.3 area 0.0.0.0 network 10.10.10.0 0.0.0.255 network 10.10.20.0 0.0.0.255 network 10.10.30.0 0.0.0.255 network 10.10.40.0 0.0.0.255 network 10.10.253.4 0.0.0.3 network 10.10.253.0 0.0.0.3 network 10.0.0.3 0.0.0.0

core2

ospf 1 router-id 10.0.0.4 area 0.0.0.0 network 10.10.10.0 0.0.0.255 network 10.10.20.0 0.0.0.255 network 10.10.30.0 0.0.0.255 network 10.10.40.0 0.0.0.255 network 10.10.254.0 0.0.0.3 network 10.10.254.4 0.0.0.3 network 10.0.0.4 0.0.0.0

AR1

ospf 1 router-id 10.0.0.1 default-route-advertise area 0.0.0.0 network 10.0.0.1 0.0.0.0 network 10.10.253.0 0.0.0.3 network 10.10.254.4 0.0.0.3

AR2

ospf 1 router-id 10.0.0.2 default-route-advertise area 0.0.0.0 network 10.0.0.2 0.0.0.0 network 10.10.253.4 0.0.0.3 network 10.10.254.0 0.0.0.3

5.core1和core2配置vrrpcore1

interface Vlanif10 ip address 10.10.10.252 255.255.255.0 vrrp vrid 10 virtual-ip 10.10.10.254 vrrp vrid 10 priority 120 vrrp vrid 10 track interface GigabitEthernet0/0/7 reduced 21 ospf cost 2 dhcp select relay dhcp relay server-ip 10.10.253.2 # interface Vlanif20 ip address 10.10.20.252 255.255.255.0 vrrp vrid 20 virtual-ip 10.10.20.254 vrrp vrid 20 priority 120 vrrp vrid 20 track interface GigabitEthernet0/0/7 reduced 21 ospf cost 2 dhcp select relay dhcp relay server-ip 10.10.253.2 # interface Vlanif30 ip address 10.10.30.252 255.255.255.0 vrrp vrid 30 virtual-ip 10.10.30.254 ospf cost 2 # interface Vlanif40 ip address 10.10.40.252 255.255.255.0 vrrp vrid 40 virtual-ip 10.10.40.254 ospf cost 2

core2

interface Vlanif10 ip address 10.10.10.253 255.255.255.0 vrrp vrid 10 virtual-ip 10.10.10.254 ospf cost 2 # interface Vlanif20 ip address 10.10.20.253 255.255.255.0 vrrp vrid 20 virtual-ip 10.10.20.254 ospf cost 2 # interface Vlanif30 ip address 10.10.30.253 255.255.255.0 vrrp vrid 30 virtual-ip 10.10.30.254 vrrp vrid 30 priority 120 ospf cost 2 dhcp select relay dhcp relay server-ip 10.10.253.2 # interface Vlanif40 ip address 10.10.40.253 255.255.255.0 vrrp vrid 40 virtual-ip 10.10.40.254 vrrp vrid 40 priority 120 ospf cost 2 dhcp select relay dhcp relay server-ip 10.10.253.2

6.AR1和AR2启用nat，配置默认路由出口，并将默认路由引入ospf进程中，让所有内网能访问外网；AR1

acl number 2000 rule 5 permit source 10.10.0.0 0.0.255.255 interface GigabitEthernet0/0/2 ip address 202.100.1.1 255.255.255.248 nat outbound 2000 ip route-static 0.0.0.0 0.0.0.0 202.100.1.2 引入默认路由步骤3有命令，可翻看参考

AR2

acl number 2000 rule 5 permit source 10.10.0.0 0.0.255.255 interface GigabitEthernet0/0/2 ip address 202.100.2.1 255.255.255.248 nat outbound 2000 ip route-static 0.0.0.0 0.0.0.0 202.100.2.2

这样，一个典型的园区网，汇聚，核心，出口都有冗余和负载均衡。

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。