Cisco
連接到 2 個路由器的 Cisco 交換機
我有以下設置:
左邊的路由器是一個棒上的路由器,用於在具有不同 VLAN 的 LAN 內路由流量。
左邊的交換機是我們 LAN 的根交換機,用作 VTP 伺服器。這也連接到路由器 6。
這是我想要做的:
我想使用這四個路由器將此 LAN 連接到未來的另一個 LAN(將以類似的方式與 Router4 和 5 連接),因為連結必須是高可用的。
但當然,交換機不能有 2 個預設網關(對嗎?),我不能給路由器提供相同範圍內的 IP 地址。我將如何最好地解決這個問題?這樣交換機就可以 ping 這些路由器中的任何一個,並且將來可以 ping 另一個 LAN 中的任何設備。
以下是正在執行的配置:
左側路由器:
Building configuration... Current configuration : 1291 bytes ! version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname Router ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip address 192.168.1.1 255.255.255.0 ! interface FastEthernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.30 encapsulation dot1Q 30 ip address 192.168.30.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.40 encapsulation dot1Q 40 ip address 192.168.40.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/0.99 encapsulation dot1Q 99 ip address 192.168.99.1 255.255.255.0 ip helper-address 192.168.2.2 ! interface FastEthernet0/1 ip address 192.168.2.1 255.255.255.0 duplex auto speed auto ! interface Vlan1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 192.168.2.0 0.0.0.255 area 0 network 192.168.1.0 0.0.0.255 area 0 ! ip classless ! ! ! ! ! ! ! line con 0 line vty 0 4 login ! ! ! end左側開關:
Building configuration... Current configuration : 1907 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname Switch ! ! ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/6 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/7 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/8 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/9 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/10 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet1/1 switchport trunk native vlan 99 switchport mode trunk ! interface GigabitEthernet1/2 switchport trunk native vlan 99 switchport mode trunk ! interface Vlan1 no ip address shutdown ! interface Vlan10 no ip address ! interface Vlan20 no ip address ! interface Vlan30 no ip address ! interface Vlan40 no ip address ! interface Vlan99 ip address 192.168.1.2 255.255.255.0 ! ip default-gateway 192.168.1.1 ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end路由器6
Building configuration... Current configuration : 630 bytes ! version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname Router ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 172.16.1.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 ip address 172.16.2.1 255.255.255.0 duplex auto speed auto ! interface Serial0/0/0 no ip address ! interface Serial0/0/1 no ip address ! interface Serial0/1/0 no ip address ! interface Serial0/1/1 no ip address ! interface Vlan1 no ip address shutdown ! ip classless ! ! ! ! ! ! ! line con 0 line vty 0 4 login ! ! ! end
您想查看 HSRP。基本上,路由器 5 和路由器 6 將共享 192.168.1.1,但它們的真實地址將是 .200 和 .201(例如)。
HSRP 使非路由(靜態)主機可以受益於高可用性。這是這個想法的要點,我稍後會添加更多配置。
HSRP 可能是您最好的選擇,但由於看起來您正在執行路由協議,您可以考慮通過預設路由。只需確保您有一個具有高指標(如 254)的備份預設路由作為備份或幫助網路冷啟動。
L3 3550 似乎支持的另一個選項是使用
ip sla和跟踪表。我沒有在交換機上使用它,但是在分支路由器上成功使用它來在路由變得不可 ping 時切換預設路由。ip sla 4 icmp-echo 10.10.10.2 source-interface FastEthernet0 threshold 1000 frequency 5 ip sla schedule 4 life forever start-time now track 4 ip sla 4 delay down 5 up 3 ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 4軌跡表也可以與路由圖一起使用
set ip next-hop verify-availability 1.1.1.1 250 track 4我猜這些可能適用於 L3 3560 或 2960 或更高版本,但不能肯定地說。我仍然會投票支持通過 OSPF 傳遞預設路由 :)