首页 > 代码库 > 华为路由器双出口负载均衡+备份 (2)
华为路由器双出口负载均衡+备份 (2)
上一个因为eNSP的问题,没有写具体的配置,本文补充一下,并添加了BFD联动,BFD需要两台设备都支持BFD,而NQA只需要一台支持即可,这点比较好,附件有完整的eNSP拓扑和配置文件。
1.AR4
[V200R003C00]
#
sysname AR4_AR2240
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
bfd
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
ip address 1.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 2.2.2.2 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.0
#
bfd dan bind peer-ip 12.12.12.1
discriminator local 20
discriminator remote 10
commit
#
ip route-static 12.12.12.0 255.255.255.252 1.1.1.1
ip route-static 13.13.13.0 255.255.255.252 2.2.2.1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
2.AR2
[V200R003C00]
#
sysname Dianxin_AR2240
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.12.12.2 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 1.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
ip route-static 3.3.3.0 255.255.255.0 1.1.1.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
3.AR3
[V200R003C00]
#
sysname Liantong_AR2240
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 13.13.13.2 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 2.2.2.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
ip route-static 3.3.3.0 255.255.255.0 2.2.2.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
4.AR1
[V200R003C00]
#
sysname WKWL_HeB_RT_AR2240
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
bfd
#
acl number 3000
description NAT
rule 10 permit ip source 10.50.8.0 0.0.3.255
acl number 3001
description dan-dianxin
rule 10 permit ip source 10.50.8.1 0.0.3.254
acl number 3002
description shuang-liantong
rule 10 permit ip source 10.50.8.0 0.0.3.254
#
traffic classifier SSR2 operator or
if-match acl 3002
traffic classifier SSR1 operator or
if-match acl 3001
#
traffic behavior SSR2
redirect ip-nexthop 13.13.13.2 track nqa xxf shuang
traffic behavior SSR1
redirect ip-nexthop 12.12.12.2 track nqa xxf dan
#
traffic policy SSR
classifier SSR1 behavior SSR1
classifier SSR2 behavior SSR2
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.12.12.1 255.255.255.252
nat outbound 3000
#
interface GigabitEthernet0/0/1
ip address 13.13.13.1 255.255.255.252
nat outbound 3000
#
interface GigabitEthernet0/0/2
ip address 10.50.8.253 255.255.255.252
traffic-policy SSR inbound
#
interface NULL0
#
bfd dan bind peer-ip 1.1.1.2
discriminator local 10
discriminator remote 20
commit
#
ip route-static 0.0.0.0 0.0.0.0 13.13.13.2 preference 100
ip route-static 0.0.0.0 0.0.0.0 12.12.12.2 track bfd-session dan
ip route-static 1.1.1.0 255.255.255.0 12.12.12.2
ip route-static 2.2.2.0 255.255.255.0 13.13.13.2
ip route-static 10.50.8.0 255.255.254.0 10.50.8.254
#
nqa test-instance xxf dan
test-type icmp
destination-address ipv4 1.1.1.2
frequency 5
probe-count 1
start now
nqa test-instance xxf shuang
test-type icmp
destination-address ipv4 2.2.2.2
frequency 5
probe-count 1
start now
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
5.SW1
<WKWL_HeB_SW_S5752C>dis cu
<WKWL_HeB_SW_S5752C>dis current-configuration
#
sysname WKWL_HeB_SW_S5752C
#
vlan batch 10 20 30 40 1000
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
dhcp enable
#
dhcp snooping enable
#
diffserv domain default
#
drop-profile default
#
vlan 1000
description TO-WKWL_HeB_RT_AR2240-GE3/0/0
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
ip address 10.50.9.254 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 10.50.9.1 10.50.9.10
dhcp server excluded-ip-address 10.50.9.201 10.50.9.253
dhcp server dns-list 222.222.202.202 114.114.114.114
#
interface Vlanif1000
description TO-WKWL_HeB_RT_AR2240-GE3/0/0
ip address 10.50.8.254 255.255.255.252
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 1000
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 10.50.8.253
#
user-interface con 0
user-interface vty 0 4
#
return
<WKWL_HeB_SW_S5752C>
实验拓扑文件: http://down.51cto.com/data/2288682
本文出自 “雪月工作室” 博客,请务必保留此出处http://xueyue8.blog.51cto.com/4650249/1900543
华为路由器双出口负载均衡+备份 (2)