首页 > 代码库 > 华为路由器双出口负载均衡+备份 (2)

华为路由器双出口负载均衡+备份 (2)

上一个因为eNSP的问题,没有写具体的配置,本文补充一下,并添加了BFD联动,BFD需要两台设备都支持BFD,而NQA只需要一台支持即可,这点比较好,附件有完整的eNSP拓扑和配置文件。

技术分享

1.AR4

[V200R003C00]

#

 sysname AR4_AR2240

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

bfd

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface Ethernet0/0/0

#

interface Ethernet0/0/1

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface GigabitEthernet0/0/0

 ip address 1.1.1.2 255.255.255.0 

#

interface GigabitEthernet0/0/1

 ip address 2.2.2.2 255.255.255.0 

#

interface NULL0

#

interface LoopBack0

 ip address 3.3.3.3 255.255.255.0 

#

bfd dan bind peer-ip 12.12.12.1

 discriminator local 20

 discriminator remote 10

 commit

#

ip route-static 12.12.12.0 255.255.255.252 1.1.1.1

ip route-static 13.13.13.0 255.255.255.252 2.2.2.1

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return


2.AR2


[V200R003C00]

#

 sysname Dianxin_AR2240

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

 drop illegal-mac alarm

#

 set cpu-usage threshold 80 restore 75

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 12.12.12.2 255.255.255.252 

#

interface GigabitEthernet0/0/1

 ip address 1.1.1.1 255.255.255.0 

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 3.3.3.0 255.255.255.0 1.1.1.2

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return


3.AR3



[V200R003C00]

#

 sysname Liantong_AR2240

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

 drop illegal-mac alarm

#

 set cpu-usage threshold 80 restore 75

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 13.13.13.2 255.255.255.252 

#

interface GigabitEthernet0/0/1

 ip address 2.2.2.1 255.255.255.0 

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 3.3.3.0 255.255.255.0 2.2.2.2

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return


4.AR1


[V200R003C00]

#

 sysname WKWL_HeB_RT_AR2240

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

bfd

#

acl number 3000  

 description NAT

 rule 10 permit ip source 10.50.8.0 0.0.3.255 

acl number 3001  

 description dan-dianxin

 rule 10 permit ip source 10.50.8.1 0.0.3.254 

acl number 3002  

 description shuang-liantong

 rule 10 permit ip source 10.50.8.0 0.0.3.254 

#

traffic classifier SSR2 operator or

 if-match acl 3002

traffic classifier SSR1 operator or

 if-match acl 3001

#

traffic behavior SSR2

 redirect ip-nexthop 13.13.13.2 track nqa xxf shuang

traffic behavior SSR1

 redirect ip-nexthop 12.12.12.2 track nqa xxf dan

#

traffic policy SSR

 classifier SSR1 behavior SSR1

 classifier SSR2 behavior SSR2

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 12.12.12.1 255.255.255.252 

 nat outbound 3000

#

interface GigabitEthernet0/0/1

 ip address 13.13.13.1 255.255.255.252 

 nat outbound 3000

#

interface GigabitEthernet0/0/2

 ip address 10.50.8.253 255.255.255.252 

 traffic-policy SSR inbound

#

interface NULL0

#

bfd dan bind peer-ip 1.1.1.2

 discriminator local 10

 discriminator remote 20

 commit

#

ip route-static 0.0.0.0 0.0.0.0 13.13.13.2 preference 100

ip route-static 0.0.0.0 0.0.0.0 12.12.12.2 track bfd-session dan

ip route-static 1.1.1.0 255.255.255.0 12.12.12.2

ip route-static 2.2.2.0 255.255.255.0 13.13.13.2

ip route-static 10.50.8.0 255.255.254.0 10.50.8.254

#

nqa test-instance xxf dan 

 test-type icmp

 destination-address ipv4 1.1.1.2

 frequency 5

 probe-count 1

 start now

nqa test-instance xxf shuang 

 test-type icmp

 destination-address ipv4 2.2.2.2

 frequency 5

 probe-count 1

 start now

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return


5.SW1


<WKWL_HeB_SW_S5752C>dis cu

<WKWL_HeB_SW_S5752C>dis current-configuration 

#

sysname WKWL_HeB_SW_S5752C

#

vlan batch 10 20 30 40 1000

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

dhcp enable

#

dhcp snooping enable

#

diffserv domain default

#

drop-profile default

#

vlan 1000

 description TO-WKWL_HeB_RT_AR2240-GE3/0/0

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface Vlanif10

 ip address 10.50.9.254 255.255.255.0

 dhcp select interface

 dhcp server excluded-ip-address 10.50.9.1 10.50.9.10

 dhcp server excluded-ip-address 10.50.9.201 10.50.9.253

 dhcp server dns-list 222.222.202.202 114.114.114.114

#

interface Vlanif1000

 description TO-WKWL_HeB_RT_AR2240-GE3/0/0

 ip address 10.50.8.254 255.255.255.252

#

interface MEth0/0/1

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 10

#

interface GigabitEthernet0/0/2

 port link-type access

 port default vlan 10

#

interface GigabitEthernet0/0/3

#

interface GigabitEthernet0/0/4

#

interface GigabitEthernet0/0/5

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

#

interface GigabitEthernet0/0/22

#

interface GigabitEthernet0/0/23

#

interface GigabitEthernet0/0/24

 port link-type access

 port default vlan 1000

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 10.50.8.253

#

user-interface con 0

user-interface vty 0 4

#

return

<WKWL_HeB_SW_S5752C>     


实验拓扑文件:  http://down.51cto.com/data/2288682

本文出自 “雪月工作室” 博客,请务必保留此出处http://xueyue8.blog.51cto.com/4650249/1900543

华为路由器双出口负载均衡+备份 (2)