Typical VRRP Configuration
- Example for Configuring a VRRP Group in Active/Standby Mode
- Example for Configuring a VRRP Group in Load Balancing Mode
- Example for Configuring Association Between VRRP and BFD to Implement a Rapid Active/Standby Switchover
- Example for Configuring an Eth-Trunk and Association Between VRRP and the Interface Status
- Example for Configuring VRRP to Ensure Reliable Multicast Data Transmission
Example for Configuring a VRRP Group in Active/Standby Mode
VRRP Active/Standby Overview
Generally, all hosts on the same network segment have the gateway address as the next hop address for the default route. The hosts use the default route to send packets to the gateway and the gateway forwards the packets to other network segments. When the gateway fails, the hosts with the same default route cannot communicate with external networks. Configuring multiple egress gateways is a common method to improve system reliability. However, route selection among the gateways becomes an issue.
VRRP solves this problem. VRRP virtualizes multiple routing devices into a virtual router without changing the networking, and uses the virtual router IP address as the default gateway address to implement gateway backup. When the gateway becomes faulty, VRRP selects a new gateway to transmit service traffic to ensure reliable communication.
Preemption mode: A backup preempts to be the master when its priority is higher than the master.
Non-preemption mode: As long as the master is working properly, the backup with a higher priority cannot become the master.
Configuration Notes
In V200R003 and earlier versions, VRRP can be configured only on the VLANIF interface.
In V200R005 and later versions, VRRP can be configured on the VLANIF interface and Layer 3 Ethernet interface.
For a modular switch in V200R006 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, Dot1q termination sub-interface, and QinQ termination sub-interface.
For a fixed switch in V200R009 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, and sub-interface.
- Ensure that each device of the same VRRP group is configured with the same VRID.
VRRP groups must use different virtual IP addresses. The virtual IP address of a VRRP group must be on the same network segment as the IP address of the interface where the VRRP group is configured.
- This example applies to the following products:
- S2720-EI: V200R011C10 and later versions
- S2730S-S
- S3700-EI, S3700-HI
- S5720-LI, S5720S-LI, S5720-SI, S5720S-SI, S5720I-SI, S5700-EI, S5700-HI, S5710-EI, S5720-EI, S5710-HI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S5735-L-I, S5735-L1, S300, S5735-L, S5735S-L, S5735S-L1, S5735S-L-M, S5735-S-I, S5735S-H, S5736-S, S5735-S, S500, S5735S-S
- S6720-LI, S6720S-LI, S6720-SI, S6720S-SI, S6700-EI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730S-H, S6730-S, S6730S-S
- S7703, S7706, S7712, S7703 PoE, S7706 PoE
- S9703, S9706, S9712
For the product models whose applicable versions are not listed above, see Table 1 in "Applicable Products and Versions" for details.
For details about software mappings, visit Hardware Center and select the desired product model.
The S5731-L and S5731S-L are remote units and do not support web-based management, YANG, or commands. They can be configured only through configuration delivery by the central device. For details, see "Simplified Architecture Configuration (the Solar System Solution)" in the S300, S500, S2700, S5700, and S6700 V200R023C00 Configuration Guide - Device Management.
Networking Requirements
The host uses SwitchA as the default gateway to connect to the Internet. When SwitchA becomes faulty, SwitchB functions as the gateway. This implements gateway backup.
After SwitchA recovers, it preempts to be the master to transmit data after a preemption delay of 20s.
In this scenario, to avoid loops, ensure that all connected interfaces have STP disabled and connected interfaces are removed from VLAN 1. If STP is enabled and VLANIF interfaces of switches are used to construct a Layer 3 ring network, an interface on the network will be blocked. As a result, Layer 3 services on the network cannot run normally.
Configuration Roadmap
A VRRP group in active/standby mode is used to implement gateway backup. The configuration roadmap is as follows:
- Assign an IP address to each interface and configure a routing protocol to ensure network connectivity.
- Configure a VRRP group on SwitchA and SwitchB. Set a higher priority for SwitchA so that SwitchA functions as the master to forward traffic, and set the preemption delay to 20s on SwitchA. Set a lower priority for SwitchB so that SwitchB functions as the backup.
Procedure
- Configure devices to ensure network connectivity.
# Assign an IP address to each interface. SwitchA is used as an example. The configurations of SwitchB and SwitchC are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
<HUAWEI> system-view [HUAWEI] sysname SwitchA [SwitchA] vlan batch 100 300 [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type hybrid [SwitchA-GigabitEthernet1/0/1] port hybrid pvid vlan 300 [SwitchA-GigabitEthernet1/0/1] port hybrid untagged vlan 300 [SwitchA-GigabitEthernet1/0/1] quit [SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] port link-type hybrid [SwitchA-GigabitEthernet1/0/2] port hybrid pvid vlan 100 [SwitchA-GigabitEthernet1/0/2] port hybrid untagged vlan 100 [SwitchA-GigabitEthernet1/0/2] quit [SwitchA] interface vlanif 100 [SwitchA-Vlanif100] ip address 10.1.1.1 24 [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 300 [SwitchA-Vlanif300] ip address 192.168.1.1 24 [SwitchA-Vlanif300] quit
# Configure Layer 2 forwarding on the switch.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan 100 [Switch-vlan100] quit [Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type hybrid [Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 100 [Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 100 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type hybrid [Switch-GigabitEthernet1/0/2] port hybrid pvid vlan 100 [Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 100 [Switch-GigabitEthernet1/0/2] quit
# Configure OSPF on SwitchA, SwitchB, and SwitchC. SwitchA is used as an example. The configurations of SwitchB and SwitchC are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
[SwitchA] ospf 1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit
- Configure a VRRP group.
# Configure VRRP group 1 on SwitchA, and set the priority of SwitchA to 120 and the preemption delay to 20s.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111 [SwitchA-Vlanif100] vrrp vrid 1 priority 120 //The default priority of a device in a VRRP group is 100. Change the priority of the master to be higher than that of the backup. [SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 //A device in a VRRP group uses immediate preemption by default. Change the preemption delay of the master to prevent service interruptions on an unstable network where devices in the VRRP group preempt to be the master. [SwitchA-Vlanif100] quit
# Configure VRRP group 1 on SwitchB. SwitchB uses default value 100.
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.111 [SwitchB-Vlanif100] quit
- Verify the configuration.
# After the configuration is complete, run the display vrrp command on SwitchA and SwitchB. You can see that SwitchA is in Master state and SwitchB is in Backup state.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
# Run the display ip routing-table command on SwitchA and SwitchB. The command output shows that a direct route to the virtual IP address exists in the routing table of SwitchA and an OSPF route to the virtual IP address exists in the routing table of SwitchB. The command output on SwitchA and SwitchB is as follows:
[SwitchA] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif100 10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.111/32 Direct 0 0 D 127.0.0.1 Vlanif100 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.1.0/24 OSPF 10 2 D 192.168.1.2 Vlanif300 192.168.1.0/24 Direct 0 0 D 192.168.1.1 Vlanif300 192.168.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif300 192.168.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif100 OSPF 10 2 D 192.168.1.2 Vlanif300
[SwitchB] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.2 Vlanif100 10.1.1.2/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.111/32 OSPF 10 2 D 10.1.1.1 Vlanif100 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.1.0/24 OSPF 10 2 D 192.168.2.2 Vlanif200 192.168.1.0/24 OSPF 10 2 D 10.1.1.1 Vlanif100 OSPF 10 2 D 192.168.2.2 Vlanif200 192.168.2.0/24 Direct 0 0 D 192.168.2.1 Vlanif200 192.168.2.1/32 Direct 0 0 D 127.0.0.1 Vlanif200
# Run the shutdown command on GE1/0/2 of SwitchA to simulate a link fault.
[SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] shutdown [SwitchA-GigabitEthernet1/0/2] quit
# Run the display vrrp command on SwitchB to view the VRRP status. The command output shows that SwitchB is in Master state.
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.2 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 100 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:18:40
# Run the undo shutdown command on GE1/0/2 of SwitchA.
[SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] undo shutdown [SwitchA-GigabitEthernet1/0/2] quit
# After 20s, run the display vrrp command on SwitchA to view the VRRP status. The command output shows that SwitchA is in Master state.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:20:56
Configuration Files
Configuration file of SwitchA
# sysname SwitchA # vlan batch 100 300 # interface Vlanif100 ip address 10.1.1.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 # interface Vlanif300 ip address 192.168.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 300 port hybrid untagged vlan 300 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 # return
Configuration file of SwitchB
# sysname SwitchB # vlan batch 100 200 # interface Vlanif100 ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.111 # interface Vlanif200 ip address 192.168.2.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 200 port hybrid untagged vlan 200 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of SwitchC
# sysname SwitchC # vlan batch 200 300 400 # interface Vlanif200 ip address 192.168.2.2 255.255.255.0 # interface Vlanif300 ip address 192.168.1.2 255.255.255.0 # interface Vlanif400 ip address 172.16.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 300 port hybrid untagged vlan 300 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 200 port hybrid untagged vlan 200 # interface GigabitEthernet1/0/3 port link-type hybrid port hybrid pvid vlan 400 port hybrid untagged vlan 400 # ospf 1 area 0.0.0.0 network 172.16.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of the switch
# sysname Switch # vlan batch 100 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # return
Video
Example for Configuring a VRRP Group in Load Balancing Mode
VRRP Load Balancing Overview
In load balancing mode, multiple devices transmit service traffic simultaneously. Therefore, the load balancing mode requires two or more virtual routers. Each virtual router contains one master and multiple backups, and the master in each virtual router can be different.
- Multiple VRRP groups need to be created, and the master in each VRRP group can be different.
- A VRRP device can join multiple VRRP groups and has different priorities in different VRRP groups.
Configuration Notes
In V200R003 and earlier versions, VRRP can be configured only on the VLANIF interface.
In V200R005 and later versions, VRRP can be configured on the VLANIF interface and Layer 3 Ethernet interface.
For a modular switch in V200R006 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, Dot1q termination sub-interface, and QinQ termination sub-interface.
For a fixed switch in V200R009 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, and sub-interface.
- Ensure that each device of the same VRRP group is configured with the same VRID.
VRRP groups must use different virtual IP addresses. The virtual IP address of a VRRP group must be on the same network segment as the IP address of the interface where the VRRP group is configured.
- This example applies to the following products:
- S2720-EI: V200R011C10 and later versions
- S3700-EI, S3700-HI
- S5720-LI, S5720S-LI, S5720-SI, S5720S-SI, S5720I-SI, S5700-EI, S5700-HI, S5710-EI, S5720-EI, S5710-HI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S2730S-S, S5735-L-I, S5735-L1, S300, S5735-L, S5735S-L, S5735S-L1, S5735S-L-M, S5735-S-I, S5735S-H, S5736-S, S5735-S, S500, S5735S-S
- S6720-LI, S6720S-LI, S6720-SI, S6720S-SI, S6700-EI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730S-H, S6730-S, S6730S-S
- S7703, S7706, S7712, S7703 PoE, S7706 PoE
- S9703, S9706, S9712
For the product models whose applicable versions are not listed above, see Table 1 in "Applicable Products and Versions" for details.
For details about software mappings, visit Hardware Center and select the desired product model.
The S5731-L and S5731S-L are remote units and do not support web-based management, YANG, or commands. They can be configured only through configuration delivery by the central device. For details, see "Simplified Architecture Configuration (the Solar System Solution)" in the S300, S500, S2700, S5700, and S6700 V200R023C00 Configuration Guide - Device Management.
Networking Requirements
In Figure 3-177, HostA and HostC are dual-homed to SwitchA and SwitchB through the switch. To reduce the load of data traffic on SwitchA, HostA uses SwitchA as the default gateway to connect to the Internet, and SwitchB functions as the backup gateway. HostC uses SwitchB as the default gateway to connect to the Internet, and SwitchA functions as the backup gateway. This implements load balancing.
In this scenario, to avoid loops, ensure that all connected interfaces have STP disabled and connected interfaces are removed from VLAN 1. If STP is enabled and VLANIF interfaces of switches are used to construct a Layer 3 ring network, an interface on the network will be blocked. As a result, Layer 3 services on the network cannot run normally.
Configuration Roadmap
A VRRP group in load balancing mode is used to implement load balancing. The configuration roadmap is as follows:
- Assign an IP address to each interface and configure a routing protocol to ensure network connectivity.
- Create VRRP groups 1 and 2 on SwitchA and SwitchB. In VRRP group 1, configure SwitchA as the master and SwitchB as the backup. In VRRP group 2, configure SwitchB as the master and SwitchA as the backup.
Procedure
- Configure devices to ensure network connectivity.
# Assign an IP address to each interface. SwitchA is used as an example. The configurations of SwitchB and SwitchC are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
<HUAWEI> system-view [HUAWEI] sysname SwitchA [SwitchA] vlan batch 100 300 500 [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type trunk [SwitchA-GigabitEthernet1/0/1] port trunk allow-pass vlan 300 [SwitchA-GigabitEthernet1/0/1] quit [SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] port link-type trunk [SwitchA-GigabitEthernet1/0/2] port trunk allow-pass vlan 100 500 [SwitchA-GigabitEthernet1/0/2] quit [SwitchA] interface vlanif 100 [SwitchA-Vlanif100] ip address 10.1.10.1 24 [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 500 [SwitchA-Vlanif500] ip address 10.1.50.1 24 [SwitchA-Vlanif500] quit [SwitchA] interface vlanif 300 [SwitchA-Vlanif300] ip address 192.168.1.1 24 [SwitchA-Vlanif300] quit
# Configure Layer 2 forwarding on the switch.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 100 500 [Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type trunk [Switch-GigabitEthernet1/0/1] port trunk allow-pass vlan 100 500 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type trunk [Switch-GigabitEthernet1/0/2] port trunk allow-pass vlan 100 500 [Switch-GigabitEthernet1/0/2] quit
# Configure OSPF on SwitchA, SwitchB, and SwitchC. SwitchA is used as an example. The configurations of SwitchB and SwitchC are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
[SwitchA] ospf 1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.10.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.50.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit
- Configure a VRRP group.
# Configure VRRP group 1 on SwitchA and SwitchB, set the priority of SwitchA to 120 and the preemption delay to 20s, and set the default priority for SwitchB.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.10.111 [SwitchA-Vlanif100] vrrp vrid 1 priority 120 //The default priority of a device in a VRRP group is 100. Change the priority of the master to be higher than that of the backup. [SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 //A device in a VRRP group uses immediate preemption by default. Change the preemption delay of the master to prevent service interruptions on an unstable network where devices in the VRRP group preempt to be the master. [SwitchA-Vlanif100] quit
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.10.111 [SwitchB-Vlanif100] quit
# Configure VRRP group 2 on SwitchA and SwitchB, set the priority of SwitchB to 120 and the preemption delay to 20s, and set the default priority for SwitchA.
[SwitchB] interface vlanif 500 [SwitchB-Vlanif500] vrrp vrid 2 virtual-ip 10.1.50.111 [SwitchB-Vlanif500] vrrp vrid 2 priority 120 //The default priority of a device in a VRRP group is 100. Change the priority of the master to be higher than that of the backup. [SwitchB-Vlanif500] vrrp vrid 2 preempt-mode timer delay 20 //A device in a VRRP group uses immediate preemption by default. Change the preemption delay of the master to prevent service interruptions on an unstable network where devices in the VRRP group preempt to be the master. [SwitchB-Vlanif500] quit
[SwitchA] interface vlanif 500 [SwitchA-Vlanif500] vrrp vrid 2 virtual-ip 10.1.50.111 [SwitchA-Vlanif500] quit
- Verify the configuration.
# After the configuration is complete, run the display vrrp command on SwitchA. You can see that SwitchA is the master in VRRP group 1 and the backup in VRRP group 2.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.10.111 Master IP : 10.1.10.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46 Vlanif500 | Virtual Router 2 State : Backup Virtual IP : 10.1.50.111 Master IP : 10.1.50.2 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
# After the configuration is complete, run the display vrrp command on SwitchB. You can see that SwitchB is the backup in VRRP group 1 and the master in VRRP group 2.
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.10.111 Master IP : 10.1.10.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46 Vlanif500 | Virtual Router 2 State : Master Virtual IP : 10.1.50.111 Master IP : 10.1.50.2 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
Configuration Files
Configuration file of SwitchA
# sysname SwitchA # vlan batch 100 300 500 # interface Vlanif100 ip address 10.1.10.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.10.111 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 # interface Vlanif300 ip address 192.168.1.1 255.255.255.0 # interface Vlanif500 ip address 10.1.50.1 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.50.111 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 300 # interface GigabitEthernet1/0/2 port link-type trunk port trunk allow-pass vlan 100 500 # ospf 1 area 0.0.0.0 network 10.1.10.0 0.0.0.255 network 10.1.50.0 0.0.0.255 network 192.168.1.0 0.0.0.255 # return
Configuration file of SwitchB
# sysname SwitchB # vlan batch 100 200 500 # interface Vlanif100 ip address 10.1.10.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.10.111 # interface Vlanif200 ip address 192.168.2.1 255.255.255.0 # interface Vlanif500 ip address 10.1.50.2 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.50.111 vrrp vrid 2 priority 120 vrrp vrid 2 preempt-mode timer delay 20 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 200 # interface GigabitEthernet1/0/2 port link-type trunk port trunk allow-pass vlan 100 500 # ospf 1 area 0.0.0.0 network 10.1.10.0 0.0.0.255 network 10.1.50.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of SwitchC
# sysname SwitchC # vlan batch 200 300 400 # interface Vlanif200 ip address 192.168.2.2 255.255.255.0 # interface Vlanif300 ip address 192.168.1.2 255.255.255.0 # interface Vlanif400 ip address 172.16.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 300 # interface GigabitEthernet1/0/2 port link-type trunk port trunk allow-pass vlan 200 # interface GigabitEthernet1/0/3 port link-type trunk port trunk allow-pass vlan 400 # ospf 1 area 0.0.0.0 network 172.16.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of the switch
# sysname Switch # vlan batch 100 500 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 100 500 # interface GigabitEthernet1/0/2 port link-type trunk port trunk allow-pass vlan 100 500 # return
Example for Configuring Association Between VRRP and BFD to Implement a Rapid Active/Standby Switchover
Overview of Association Between VRRP and BFD
A VRRP group sends and receives VRRP Advertisement packets to determine the master and backup states, thereby implementing redundancy. If links connected to a VRRP group fail, VRRP Advertisement packets cannot be sent for negotiation. A backup will switch to the master after a period of time three times that of the interval during which VRRP Advertisement packets are sent. During the switchover period, service traffic is still sent to the original master, causing user traffic loss.
BFD can rapidly detect connectivity of links and routes on the network. Association between VRRP and BFD implements a fast active/standby switchover within 1 second. A BFD session is set up between the master and backup and is bound to a VRRP group. BFD detects faults of the VRRP group. When a fault occurs, BFD notifies the VRRP group that an active/standby switchover is being performed, greatly reducing the service interruption time.
Configuration Notes
In V200R003 and earlier versions, VRRP can be configured only on the VLANIF interface.
In V200R005 and later versions, VRRP can be configured on the VLANIF interface and Layer 3 Ethernet interface.
For a modular switch in V200R006 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, Dot1q termination sub-interface, and QinQ termination sub-interface.
For a fixed switch in V200R009 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, and sub-interface.
- Ensure that each device of the same VRRP group is configured with the same VRID.
VRRP groups must use different virtual IP addresses. The virtual IP address of a VRRP group must be on the same network segment as the IP address of the interface where the VRRP group is configured.
Multiple VRRP groups can monitor a BFD session, and a VRRP group can monitor a maximum of eight BFD sessions simultaneously.
- This example applies to the following products:
- S3700-EI, S3700-HI
- S5720-SI, S5720S-SI, S5720I-SI, S5700-EI, S5700-HI, S5710-EI, S5720-EI, S5710-HI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S5735-S-I, S5735S-H, S5736-S, S5735-S, S5735S-S
- S6720-SI, S6720S-SI, S6700-EI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730S-H, S6730-S, S6730S-S
- S7703, S7706, S7712, S7703 PoE, S7706 PoE
- S9703, S9706, S9712
For the product models whose applicable versions are not listed above, see Table 1 in "Applicable Products and Versions" for details.
For details about software mappings, visit Hardware Center and select the desired product model.
The S5731-L and S5731S-L are remote units and do not support web-based management, YANG, or commands. They can be configured only through configuration delivery by the central device. For details, see "Simplified Architecture Configuration (the Solar System Solution)" in the S300, S500, S2700, S5700, and S6700 V200R023C00 Configuration Guide - Device Management.
Networking Requirements
In Figure 3-178, hosts on a LAN are dual-homed to SwitchA and SwitchB through the switch. A VRRP group is established on SwitchA and SwitchB, and SwitchA is the master.
When SwitchA or a link between SwitchA and SwitchB is faulty, VRRP packets are sent after VRRP negotiation is complete. To speed up link switchovers, deploy a BFD session on the link and associate the VRRP group with the BFD session. When the interface on the master or the link fails, the BFD session rapidly detects the fault and notifies the VRRP group of the fault. After receiving the notification, the VRRP group performs a rapid active/standby switchover. The backup becomes the Master and takes over traffic. This reduces the impact of the fault on service transmission.
In this scenario, to avoid loops, ensure that all connected interfaces have STP disabled and connected interfaces are removed from VLAN 1. If STP is enabled and VLANIF interfaces of switches are used to construct a Layer 3 ring network, an interface on the network will be blocked. As a result, Layer 3 services on the network cannot run normally.
Configuration Roadmap
Association between VRRP and BFD is used to implement a rapid active/standby switchover. The configuration roadmap is as follows:
- Assign an IP address to each interface and configure a routing protocol to ensure network connectivity.
- Configure a VRRP group on SwitchA and SwitchB. SwitchA functions as the master, its priority is 120, and the preemption delay is 20s. SwitchB functions as the backup and uses the default priority.
- Configure a static BFD session on SwitchA and SwitchB to monitor the link of the VRRP group.
- Configuration association between BFD and VRRP on SwitchB. When the link is faulty, an active/standby switchover can be performed rapidly.
Procedure
- Configure devices to ensure network connectivity.
# Assign an IP address to each interface. SwitchA is used as an example. The configuration of SwitchB is similar to that of SwitchA.
<HUAWEI> system-view [HUAWEI] sysname SwitchA [SwitchA] vlan 100 [SwitchA-vlan100] quit [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type hybrid [SwitchA-GigabitEthernet1/0/1] port hybrid pvid vlan 100 [SwitchA-GigabitEthernet1/0/1] port hybrid untagged vlan 100 [SwitchA-GigabitEthernet1/0/1] quit [SwitchA] interface vlanif 100 [SwitchA-Vlanif100] ip address 10.1.1.1 24 [SwitchA-Vlanif100] quit
# Configure Layer 2 forwarding on the switch.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan 100 [Switch-vlan100] quit [Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type hybrid [Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 100 [Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 100 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type hybrid [Switch-GigabitEthernet1/0/2] port hybrid pvid vlan 100 [Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 100 [Switch-GigabitEthernet1/0/2] quit
# Configure OSPF between SwitchA and SwitchB. SwitchA is used as an example. The configuration of SwitchB is similar to that of SwitchA.
[SwitchA] ospf 1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit
- Configure a VRRP group.
# Configure VRRP group 1 on SwitchA, and set the priority of SwitchA to 120 and the preemption delay to 20s.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.3 [SwitchA-Vlanif100] vrrp vrid 1 priority 120 //The default priority of a device in a VRRP group is 100. Change the priority of the master to be higher than that of the backup. [SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 //A device in a VRRP group uses immediate preemption by default. Change the preemption delay of the master to prevent service interruptions on an unstable network where devices in the VRRP group preempt to be the master. [SwitchA-Vlanif100] quit
# Configure VRRP group 1 on SwitchB. SwitchB uses default value 100.
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.3 [SwitchB-Vlanif100] quit
- Configure a static BFD session.
# Create a BFD session on SwitchA.
[SwitchA] bfd [SwitchA-bfd] quit [SwitchA] bfd atob bind peer-ip 10.1.1.2 interface vlanif 100 //Configure a static BFD session to monitor the link of the VRRP group. [SwitchA-bfd-session-atob] discriminator local 1 //Configure the local discriminator of the BFD session. The local discriminator on SwitchA must be the same as the remote discriminator on SwitchB. [SwitchA-bfd-session-atob] discriminator remote 2 //Configure the remote discriminator of the BFD session. The remote discriminator on SwitchA must be the same as the local discriminator on SwitchB. [SwitchA-bfd-session-atob] min-rx-interval 100 //Configure the minimum interval for receiving BFD packets. [SwitchA-bfd-session-atob] min-tx-interval 100 //Configure the minimum interval for sending BFD packets. [SwitchA-bfd-session-atob] commit //Commit the BFD session to make the configuration take effect. [SwitchA-bfd-session-atob] quit
# Create a BFD session on SwitchB.
[SwitchB] bfd [SwitchB-bfd] quit [SwitchB] bfd btoa bind peer-ip 10.1.1.1 interface vlanif 100 [SwitchB-bfd-session-btoa] discriminator local 2 [SwitchB-bfd-session-btoa] discriminator remote 1 [SwitchB-bfd-session-btoa] min-rx-interval 100 [SwitchB-bfd-session-btoa] min-tx-interval 100 [SwitchB-bfd-session-btoa] commit [SwitchB-bfd-session-btoa] quit
Run the display bfd session command on SwitchA and SwitchB. You can see that the BFD session is Up. The display on SwitchA is used as an example.
[SwitchA] display bfd session all -------------------------------------------------------------------------------- Local Remote PeerIpAddr State Type InterfaceName -------------------------------------------------------------------------------- 1 2 10.1.1.2 Up S_IP_IF Vlanif100 -------------------------------------------------------------------------------- Total UP/DOWN Session Number : 1/0
- Configuration association between BFD and VRRP.
# Configure association between VRRP and BFD on SwitchB. When the BFD session becomes Down, the priority of SwitchB increases by 40.
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 1 track bfd-session 2 increased 40 //The value 2 indicates the local discriminator. [SwitchB-Vlanif100] quit
- Verify the configuration.
# After the configuration is complete, run the display vrrp command on SwitchA and SwitchB. SwitchA is the master, SwitchB is the backup, and the associated BFD session is in Up state.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.3 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.3 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track BFD : 2 Priority increased : 40 BFD-session state : UP Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
# Run the shutdown command on GE1/0/1 of SwitchA to simulate a link fault. Then run the display vrrp command on SwitchA and SwitchB. You can see that SwitchA is in Initialize state, SwitchB becomes the master, and the associated BFD session becomes Down.
[SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] shutdown [SwitchA-GigabitEthernet1/0/1] quit
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Initialize Virtual IP : 10.1.1.3 Master IP : 0.0.0.0 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 0 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.3 Master IP : 10.1.1.2 PriorityRun : 140 PriorityConfig : 100 MasterPriority : 140 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track BFD : 2 Priority increased : 40 BFD-session state : DOWN Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
# Run the undo shutdown command on GE1/0/1 of SwitchA.
[SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] undo shutdown [SwitchA-GigabitEthernet1/0/1] quit
# After 20s, run the display vrrp command on SwitchA and SwitchB. You can see that SwitchA is restored as the master, SwitchB is restored as the backup, and the associated BFD session is in Up state.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.3 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.3 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track BFD : 2 Priority increased : 40 BFD-session state : UP Create time : 2012-01-12 20:15:46 Last change time : 2012-01-12 20:15:46
Configuration Files
SwitchA configuration file
# sysname SwitchA # vlan batch 100 # bfd # interface Vlanif100 ip address 10.1.1.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.3 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # bfd atob bind peer-ip 10.1.1.2 interface Vlanif100 discriminator local 1 discriminator remote 2 min-tx-interval 100 min-rx-interval 100 commit # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 # return
Configuration file of SwitchB
# sysname SwitchB # vlan batch 100 # bfd # interface Vlanif100 ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.3 vrrp vrid 1 track bfd-session 2 increased 40 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # bfd btoa bind peer-ip 10.1.1.1 interface Vlanif100 discriminator local 2 discriminator remote 1 min-tx-interval 100 min-rx-interval 100 commit # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 # return
Configuration file of the switch
# sysname Switch # vlan batch 100 # interface GigabitEthernet1/0/1 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # interface GigabitEthernet1/0/2 port link-type hybrid port hybrid pvid vlan 100 port hybrid untagged vlan 100 # return
Example for Configuring an Eth-Trunk and Association Between VRRP and the Interface Status
Association Between VRRP and the Interface Status
Additional technologies are required to enhance the VRRP active/standby function. For example, when the link from the master to a network is disconnected, VRRP cannot detect the fault and an active/standby switchover cannot be performed. As a result, hosts cannot remotely access the network through the master. To address this issue, you can configure association between VRRP and the interface status.
When the master detects that the uplink interface fails, the master reduces its priority to be lower than the priority of the backup and immediately sends VRRP packets. After the backup receives the VRRP packets, it detects that the priority in the VRRP packets is lower than its priority and switches to the master. This ensures correct traffic forwarding.
Configuration Notes
In V200R003 and earlier versions, VRRP can be configured only on the VLANIF interface.
In V200R005 and later versions, VRRP can be configured on the VLANIF interface and Layer 3 Ethernet interface.
For a modular switch in V200R006 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, Dot1q termination sub-interface, and QinQ termination sub-interface.
For a fixed switch in V200R009 and later versions, VRRP can be configured on the VLANIF interface, Layer 3 Ethernet interface, and sub-interface.
- Ensure that each device of the same VRRP group is configured with the same VRID.
VRRP groups must use different virtual IP addresses. The virtual IP address of a VRRP group must be on the same network segment as the IP address of the interface where the VRRP group is configured.
A VRRP group can be associated with a maximum of eight interfaces. Association between a VRRP group and the interface status cannot be configured on the device as the IP address owner.
- This example applies to the following products:
- S2720-EI: V200R011C10 and later versions
- S3700-EI, S3700-HI
- S5720-LI, S5720S-LI, S5720-SI, S5720S-SI, S5720I-SI, S5700-EI, S5700-HI, S5710-EI, S5720-EI, S5710-HI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S2730S-S, S5735-L-I, S5735-L1, S300, S5735-L, S5735S-L, S5735S-L1, S5735S-L-M, S5735-S-I, S5735S-H, S5736-S, S5735-S, S500, S5735S-S
- S6720-LI, S6720S-LI, S6720-SI, S6720S-SI, S6700-EI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730S-H, S6730-S, S6730S-S
- S7703, S7706, S7712, S7703 PoE, S7706 PoE
- S9703, S9706, S9712
For the product models whose applicable versions are not listed above, see Table 1 in "Applicable Products and Versions" for details.
For details about software mappings, visit Hardware Center and select the desired product model.
The S5731-L and S5731S-L are remote units and do not support web-based management, YANG, or commands. They can be configured only through configuration delivery by the central device. For details, see "Simplified Architecture Configuration (the Solar System Solution)" in the S300, S500, S2700, S5700, and S6700 V200R023C00 Configuration Guide - Device Management.
Networking Requirements
The hosts use SwitchA as the default gateway to connect to the Internet. When SwitchA or the downlink/uplink fails, SwitchB functions as the gateway to implement gateway backup.
The bandwidth of the link between SwitchA and SwitchB is increased to implement link backup and improve link reliability.
After SwitchA recovers, it becomes the gateway within 20s.
Configuration Roadmap
A VRRP group in active/standby mode is used to implement gateway backup. The configuration roadmap is as follows:
Assign an IP address to each interface and configure a routing protocol to ensure network connectivity.
Configure VLAN aggregation on SwitchA and SwitchB to implement Layer 2 isolation and Layer 3 connectivity of VLANs 101 to 180 and save IP addresses.
Create an Eth-Trunk on SwitchA and SwitchB and add member interfaces to the Eth-Trunk to increase the link bandwidth and implement link backup.
Configure a VRRP group between SwitchA and SwitchB. Set a higher priority for SwitchA so that SwitchA functions as the master to forward traffic, and set the preemption delay to 20s on SwitchA. Set a lower priority for SwitchB so that SwitchB functions as the backup.
Associate VRRP with GE1/0/1 and GE1/0/2 on SwitchA so that the VRRP group can detect the fault of the master and perform an active/standby switchover immediately.
SwitchA and SwitchB are core switches, and the switch is an aggregation switch.
Procedure
- Configure devices to ensure network connectivity.
# Assign an IP address to each interface on core devices. SwitchA is used as an example. The configuration of SwitchB is similar to the configuration of SwitchA, and is not mentioned here. For details, see the configuration files.
<HUAWEI> system-view [HUAWEI] sysname SwitchA [SwitchA] vlan batch 11 to 15 101 to 180 301 to 305 400 [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type trunk [SwitchA-GigabitEthernet1/0/1] undo port trunk allow-pass vlan 1 [SwitchA-GigabitEthernet1/0/1] port trunk allow-pass vlan 400 [SwitchA-GigabitEthernet1/0/1] quit [SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] port link-type trunk [SwitchA-GigabitEthernet1/0/2] undo port trunk allow-pass vlan 1 [SwitchA-GigabitEthernet1/0/2] port trunk allow-pass vlan 101 to 180 [SwitchA-GigabitEthernet1/0/2] quit [SwitchA] interface vlanif 11 [SwitchA-Vlanif11] ip address 10.1.1.2 24 [SwitchA-Vlanif11] quit [SwitchA] interface vlanif 12 [SwitchA-Vlanif12] ip address 10.1.2.2 24 [SwitchA-Vlanif12] quit [SwitchA] interface vlanif 13 [SwitchA-Vlanif13] ip address 10.1.3.2 24 [SwitchA-Vlanif13] quit [SwitchA] interface vlanif 14 [SwitchA-Vlanif14] ip address 10.1.4.2 24 [SwitchA-Vlanif14] quit [SwitchA] interface vlanif 15 [SwitchA-Vlanif15] ip address 10.1.5.2 24 [SwitchA-Vlanif15] quit [SwitchA] interface vlanif 400 [SwitchA-Vlanif400] ip address 192.168.1.1 24 [SwitchA-Vlanif400] quit
# Configure Layer 2 transparent transmission on the switch.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 11 to 15 101 to 180 [Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type trunk [Switch-GigabitEthernet1/0/1] undo port trunk allow-pass vlan 1 [Switch-GigabitEthernet1/0/1] port trunk allow-pass vlan 11 to 15 101 to 180 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type trunk [Switch-GigabitEthernet1/0/2] undo port trunk allow-pass vlan 1 [Switch-GigabitEthernet1/0/2] port trunk allow-pass vlan 11 to 15 101 to 180 [Switch-GigabitEthernet1/0/2] quit
# Configure OSPF on SwitchA, SwitchB, and switch. SwitchA is used as an example. The configurations of SwitchB and SwitchC are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
[SwitchA] ospf 1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.4.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.5.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit
- Configure a super-VLAN on SwitchA and SwitchB.
# Configure a super-VLAN on SwitchA. The configuration of SwitchB is similar to the configuration of SwitchA, and is not mentioned here. For details, see the configuration files.
[SwitchA] vlan 11 [SwitchA-vlan11] aggregate-vlan [SwitchA-vlan11] access-vlan 101 to 116 301 [SwitchA-vlan11] quit [SwitchA] vlan 12 [SwitchA-vlan12] aggregate-vlan [SwitchA-vlan12] access-vlan 117 to 132 302 [SwitchA-vlan12] quit [SwitchA] vlan 13 [SwitchA-vlan13] aggregate-vlan [SwitchA-vlan13] access-vlan 133 to 148 303 [SwitchA-vlan13] quit [SwitchA] vlan 14 [SwitchA-vlan14] aggregate-vlan [SwitchA-vlan14] access-vlan 149 to 164 304 [SwitchA-vlan14] quit [SwitchA] vlan 15 [SwitchA-vlan15] aggregate-vlan [SwitchA-vlan15] access-vlan 165 to 180 305 [SwitchA-vlan15] quit
- Configure link aggregation on SwitchA and SwitchB.
# Create Eth-Trunk 1 in LACP mode on SwitchA. The configuration of SwitchB is similar to the configuration of SwitchA, and is not mentioned here. For details, see the configuration files.
[SwitchA] interface eth-trunk 1 [SwitchA-Eth-Trunk1] mode lacp [SwitchA-Eth-Trunk1] port link-type trunk [SwitchA-Eth-Trunk1] undo port trunk allow-pass vlan 1 [SwitchA-Eth-Trunk1] port trunk allow-pass vlan 301 to 305 [SwitchA-Eth-Trunk1] quit
# Add member interfaces on SwitchA to Eth-Trunk 1. The configuration of SwitchB is similar to the configuration of SwitchA, and is not mentioned here. For details, see the configuration files.
[SwitchA] interface gigabitethernet 1/0/3 [SwitchA-GigabitEthernet1/0/3] eth-trunk 1 [SwitchA-GigabitEthernet1/0/3] quit [SwitchA] interface gigabitethernet 1/0/4 [SwitchA-GigabitEthernet1/0/4] eth-trunk 1 [SwitchA-GigabitEthernet1/0/4] quit
- Configure VRRP groups on SwitchA and SwitchB.
# Configure a VRRP group on SwitchA, and set the priority of SwitchA to 120 and the preemption delay to 20s.
[SwitchA] interface vlanif 11 [SwitchA-Vlanif11] vrrp vrid 1 virtual-ip 10.1.1.1 [SwitchA-Vlanif11] vrrp vrid 1 priority 120 //The default priority of the device in a VRRP group is 100. Change the priority of the master to be higher than that of the backup. [SwitchA-Vlanif11] vrrp vrid 1 preempt-mode timer delay 20 //The device in a VRRP group uses the immediate preemption mode by default. Change the preemption delay of the master to prevent traffic interruptions when the master and backup frequently preempt the bandwidth on an unstable network. [SwitchA-Vlanif11] vrrp vrid 1 track interface gigabitethernet 1/0/1 reduced 100 //Associate the VRRP group with the uplink interface. Set the decreased priority to ensure that the priority of the backup is higher than the priority of the master. Then an active/standby switchover can be triggered. [SwitchA-Vlanif11] vrrp vrid 1 track interface gigabitethernet 1/0/2 reduced 100 //Associate the VRRP group with the downlink interface. Set the decreased priority to ensure that the priority of the backup is higher than the priority of the master. Then an active/standby switchover can be triggered. [SwitchA-Vlanif11] vrrp advertise send-mode 301 //Specify VLAN 301 where VRRP packets are transmitted to save the network bandwidth. [SwitchA-Vlanif11] quit [SwitchA] interface vlanif 12 [SwitchA-Vlanif12] vrrp vrid 2 virtual-ip 10.1.2.1 [SwitchA-Vlanif12] vrrp vrid 2 priority 120 [SwitchA-Vlanif12] vrrp vrid 2 preempt-mode timer delay 20 [SwitchA-Vlanif12] vrrp vrid 2 track interface gigabitethernet 1/0/1 reduced 100 [SwitchA-Vlanif12] vrrp vrid 2 track interface gigabitethernet 1/0/2 reduced 100 [SwitchA-Vlanif12] vrrp advertise send-mode 302 [SwitchA-Vlanif12] quit [SwitchA] interface vlanif 13 [SwitchA-Vlanif13] vrrp vrid 3 virtual-ip 10.1.3.1 [SwitchA-Vlanif13] vrrp vrid 3 priority 120 [SwitchA-Vlanif13] vrrp vrid 3 preempt-mode timer delay 20 [SwitchA-Vlanif13] vrrp vrid 3 track interface gigabitethernet 1/0/1 reduced 100 [SwitchA-Vlanif13] vrrp vrid 3 track interface gigabitethernet 1/0/2 reduced 100 [SwitchA-Vlanif13] vrrp advertise send-mode 303 [SwitchA-Vlanif13] quit [SwitchA] interface vlanif 14 [SwitchA-Vlanif14] vrrp vrid 4 virtual-ip 10.1.4.1 [SwitchA-Vlanif14] vrrp vrid 4 priority 120 [SwitchA-Vlanif14] vrrp vrid 4 preempt-mode timer delay 20 [SwitchA-Vlanif14] vrrp vrid 4 track interface gigabitethernet 1/0/1 reduced 100 [SwitchA-Vlanif14] vrrp vrid 4 track interface gigabitethernet 1/0/2 reduced 100 [SwitchA-Vlanif14] vrrp advertise send-mode 304 [SwitchA-Vlanif14] quit [SwitchA] interface vlanif 15 [SwitchA-Vlanif15] vrrp vrid 5 virtual-ip 10.1.5.1 [SwitchA-Vlanif15] vrrp vrid 5 priority 120 [SwitchA-Vlanif15] vrrp vrid 5 preempt-mode timer delay 20 [SwitchA-Vlanif15] vrrp vrid 5 track interface gigabitethernet 1/0/1 reduced 100 [SwitchA-Vlanif15] vrrp vrid 5 track interface gigabitethernet 1/0/2 reduced 100 [SwitchA-Vlanif15] vrrp advertise send-mode 305 [SwitchA-Vlanif15] quit
# Configure a VRRP group on SwitchB. SwitchB uses the default priority of 100.
[SwitchB] interface vlanif 11 [SwitchB-Vlanif11] vrrp vrid 1 virtual-ip 10.1.1.1 [SwitchB-Vlanif11] vrrp advertise send-mode 301 [SwitchB-Vlanif11] quit [SwitchB] interface vlanif 12 [SwitchB-Vlanif12] vrrp vrid 2 virtual-ip 10.1.2.1 [SwitchB-Vlanif12] vrrp advertise send-mode 302 [SwitchB-Vlanif12] quit [SwitchB] interface vlanif 13 [SwitchB-Vlanif13] vrrp vrid 3 virtual-ip 10.1.3.1 [SwitchB-Vlanif13] vrrp advertise send-mode 303 [SwitchB-Vlanif13] quit [SwitchB] interface vlanif 14 [SwitchB-Vlanif14] vrrp vrid 4 virtual-ip 10.1.4.1 [SwitchB-Vlanif14] vrrp advertise send-mode 304 [SwitchB-Vlanif14] quit [SwitchB] interface vlanif 15 [SwitchB-Vlanif15] vrrp vrid 5 virtual-ip 10.1.5.1 [SwitchB-Vlanif15] vrrp advertise send-mode 305 [SwitchB-Vlanif15] quit
- Disable STP on SwitchA, SwitchB, SwitchC, and Switch.
# Disable global STP on SwitchA, SwitchB, SwitchC, and Switch. SwitchA is used as an example. The configurations of SwitchB, SwitchC, and the switch are similar to the configuration of SwitchA, and are not mentioned here. For details, see the configuration files.
[SwitchA] stp disable Warning: The global STP state will be changed. Continue?[Y/N]:y
- Verify the configuration.
# After the configuration is complete, run the display vrrp command on SwitchA. You can see that SwitchA is the master in VRRP group 1. VRRP group 1 is used as an example. Information of other VRRP groups is similar to information of VRRP group 1.
[SwitchA] display vrrp 1 Vlanif11 | Virtual Router 1 State : Master Virtual IP : 10.1.1.1 Master IP : 10.1.1.2 Send VRRP packet to subvlan : 301 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track IF : GigabitEthernet1/0/1 Priority reduced : 100 IF state : UP Track IF : GigabitEthernet1/0/2 Priority reduced : 100 IF state : UP Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 11:38:58# Run the display vrrp command on SwitchB. You can see that SwitchB is the backup. VRRP group 1 is used as an example.
[SwitchB] display vrrp 1 Vlanif11 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.1 Master IP : 10.1.1.2 Send VRRP packet to subvlan : 301 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 11:38:58# Run the shutdown command on GE1/0/1 of SwitchA to simulate a link fault. Then run the display vrrp command on SwitchA and SwitchB. You can see that SwitchA is in Backup state, SwitchB enters the Master state, and the associated interface becomes Down.
[SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] shutdown [SwitchA-GigabitEthernet1/0/1] quit
[SwitchA] display vrrp 1 Vlanif11 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.1 Master IP : 10.1.1.3 Send VRRP packet to subvlan : 301 PriorityRun : 20 PriorityConfig : 120 MasterPriority : 100 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track IF : GigabitEthernet1/0/1 Priority reduced : 100 IF state : DOWN Track IF : GigabitEthernet1/0/2 Priority reduced : 100 IF state : UP Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 14:12:38[SwitchB] display vrrp 1 Vlanif11 | Virtual Router 1 State : Master Virtual IP : 10.1.1.1 Master IP : 10.1.1.3 Send VRRP packet to subvlan : 301 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 100 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 14:12:38# Run the undo shutdown command on GE1/0/1 of SwitchA.
[SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] undo shutdown [SwitchA-GigabitEthernet1/0/1] quit
# After 20s, run the display vrrp command on SwitchA and SwitchB. You can see that SwitchA is restored as the master and SwitchB is restored as the backup, and the associated interface is in Up state.
[SwitchA] display vrrp 1 Vlanif11 | Virtual Router 1 State : Master Virtual IP : 10.1.1.1 Master IP : 10.1.1.2 Send VRRP packet to subvlan : 301 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Track IF : GigabitEthernet1/0/1 Priority reduced : 100 IF state : UP Track IF : GigabitEthernet1/0/2 Priority reduced : 100 IF state : UP Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 14:17:36[SwitchB] display vrrp 1 Vlanif11 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.1 Master IP : 10.1.1.2 Send VRRP packet to subvlan : 301 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-05-11 11:39:18 Last change time : 2012-05-26 14:17:36
Configuration Files
Configuration file of SwitchA
# sysname SwitchA # vlan batch 11 to 15 101 to 180 301 to 305 400 # stp disable # vlan 11 aggregate-vlan access-vlan 101 to 116 301 vlan 12 aggregate-vlan access-vlan 117 to 132 302 vlan 13 aggregate-vlan access-vlan 133 to 148 303 vlan 14 aggregate-vlan access-vlan 149 to 164 304 vlan 15 aggregate-vlan access-vlan 165 to 180 305 # interface Vlanif11 ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.1 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 vrrp vrid 1 track interface gigabitethernet1/0/1 reduced 100 vrrp vrid 1 track interface gigabitethernet1/0/2 reduced 100 vrrp advertise send-mode 301 # interface Vlanif12 ip address 10.1.2.2 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.2.1 vrrp vrid 2 priority 120 vrrp vrid 2 preempt-mode timer delay 20 vrrp vrid 2 track interface gigabitethernet1/0/1 reduced 100 vrrp vrid 2 track interface gigabitethernet1/0/2 reduced 100 vrrp advertise send-mode 302 # interface Vlanif13 ip address 10.1.3.2 255.255.255.0 vrrp vrid 3 virtual-ip 10.1.3.1 vrrp vrid 3 priority 120 vrrp vrid 3 preempt-mode timer delay 20 vrrp vrid 3 track interface gigabitethernet1/0/1 reduced 100 vrrp vrid 3 track interface gigabitethernet1/0/2 reduced 100 vrrp advertise send-mode 303 # interface Vlanif14 ip address 10.1.4.2 255.255.255.0 vrrp vrid 4 virtual-ip 10.1.4.1 vrrp vrid 4 priority 120 vrrp vrid 4 preempt-mode timer delay 20 vrrp vrid 4 track interface gigabitethernet1/0/1 reduced 100 vrrp vrid 4 track interface gigabitethernet1/0/2 reduced 100 vrrp advertise send-mode 304 # interface Vlanif15 ip address 10.1.5.2 255.255.255.0 vrrp vrid 5 virtual-ip 10.1.5.1 vrrp vrid 5 priority 120 vrrp vrid 5 preempt-mode timer delay 20 vrrp vrid 5 track interface gigabitethernet1/0/1 reduced 100 vrrp vrid 5 track interface gigabitethernet1/0/2 reduced 100 vrrp advertise send-mode 305 # interface Vlanif400 ip address 192.168.1.1 255.255.255.0 # interface Eth-Trunk1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 301 to 305 mode lacp # interface GigabitEthernet1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 400 # interface GigabitEthernet1/0/2 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 101 to 180 # interface GigabitEthernet1/0/3 eth-trunk 1 # interface GigabitEthernet1/0/4 eth-trunk 1 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 192.168.1.0 0.0.0.255 # returnConfiguration file of SwitchB
# sysname SwitchB # vlan batch 11 to 15 101 to 180 200 301 to 305 # stp disable # vlan 11 aggregate-vlan access-vlan 101 to 116 301 vlan 12 aggregate-vlan access-vlan 117 to 132 302 vlan 13 aggregate-vlan access-vlan 133 to 148 303 vlan 14 aggregate-vlan access-vlan 149 to 164 304 vlan 15 aggregate-vlan access-vlan 165 to 180 305 # interface Vlanif11 ip address 10.1.1.3 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.1 vrrp advertise send-mode 301 # interface Vlanif12 ip address 10.1.2.3 255.255.255.0 vrrp vrid 2 virtual-ip 10.1.2.1 vrrp advertise send-mode 302 # interface Vlanif13 ip address 10.1.3.3 255.255.255.0 vrrp vrid 3 virtual-ip 10.1.3.1 vrrp advertise send-mode 303 # interface Vlanif14 ip address 10.1.4.3 255.255.255.0 vrrp vrid 4 virtual-ip 10.1.4.1 vrrp advertise send-mode 304 # interface Vlanif15 ip address 10.1.5.3 255.255.255.0 vrrp vrid 5 virtual-ip 10.1.5.1 vrrp advertise send-mode 305 # interface Vlanif200 ip address 192.168.2.1 255.255.255.0 # interface Eth-Trunk1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 301 to 305 mode lacp # interface GigabitEthernet1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 200 # interface GigabitEthernet1/0/2 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 101 to 180 # interface GigabitEthernet1/0/3 eth-trunk 1 # interface GigabitEthernet1/0/4 eth-trunk 1 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # returnConfiguration file of SwitchC
# sysname SwitchC # vlan batch 200 300 400 # stp disable # interface Vlanif200 ip address 192.168.2.2 255.255.255.0 # interface Vlanif300 ip address 172.16.1.1 255.255.255.0 # interface Vlanif400 ip address 192.168.1.2 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 400 # interface GigabitEthernet1/0/2 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 200 # interface GigabitEthernet1/0/3 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 300 # ospf 1 area 0.0.0.0 network 172.16.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of the switch
# sysname Switch # vlan batch 11 to 15 101 to 180 # stp disable # interface GigabitEthernet1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 11 to 15 101 to 180 # interface GigabitEthernet1/0/2 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 11 to 15 101 to 180 # return
Example for Configuring VRRP to Ensure Reliable Multicast Data Transmission
VRRP Overview
Generally, all hosts on the same network segment have the same default route with the gateway address as the next hop address. The hosts use the default route to send packets to the gateway and the gateway forwards the packets to other network segments. When the gateway fails, the hosts with the same default route cannot communicate with external networks. Configuring multiple egress gateways is a commonly used method to improve system reliability. However, route selection between the gateways becomes an issue.
VRRP solves the problem. VRRP virtualizes multiple routing devices into a virtual router without changing the networking, and uses the virtual router IP address as the default gateway address to implement gateway backup. When the gateway fails, VRRP selects a new gateway to transmit service traffic to ensure reliable communication.
Configuration Notes
- VRRP groups must use different virtual IP addresses. The virtual IP address of a VRRP group must be on the same network segment as the IP address of the interface where the VRRP group is configured.
- Ensure that each device of the same VRRP group is configured with the same VRID.
- In V200R003C00 and earlier versions, only the VLANIF interface supports VRRP. In V200R005C00 and later versions, VLANIF and Layer 3 Ethernet interfaces support VRRP.
- This example applies to the following products:
- S3700-EI, S3700-HI
- S5720-SI, S5720S-SI, S5720I-SI, S5700-EI, S5700-HI, S5710-EI, S5720-EI, S5710-HI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S5735-S-I, S5735S-H, S5736-S, S5735-S, S500, S5735S-S
- S6720-SI, S6720S-SI, S6700-EI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730S-H, S6730-S, S6730S-S
- S7703, S7706, S7712, S7703 PoE, S7706 PoE
- S9703, S9706, S9712
For the product models whose applicable versions are not listed above, see Table 1 in "Applicable Products and Versions" for details.
For details about software mappings, visit Hardware Center and select the desired product model.
The S5731-L and S5731S-L are remote units and do not support web-based management, YANG, or commands. They can be configured only through configuration delivery by the central device. For details, see "Simplified Architecture Configuration (the Solar System Solution)" in the S300, S500, S2700, S5700, and S6700 V200R023C00 Configuration Guide - Device Management.
Networking Requirements
As shown in Figure 3-180, SwitchA and SwitchB are egress gateways of the campus network; SwitchC and SwitchD are core switches. The multicast source connects to the campus network through a router. Key nodes on the network work in redundancy mode to improve network reliability, and the egress gateways and core switches are fully meshed to implement link redundancy. The egress gateways and core switches must be configured to enable multicast data to be reliably transmitted to the downstream network.
In this scenario, to avoid loops, ensure that all connected interfaces have STP disabled and connected interfaces are removed from VLAN 1. If STP is enabled and VLANIF interfaces of switches are used to construct a Layer 3 ring network, an interface on the network will be blocked. As a result, Layer 3 services on the network cannot run normally.
Device |
Interface |
VLAN |
VLANIF Interface IP Address |
Device |
Interface |
VLAN |
VLANIF Interface IP Address |
|---|---|---|---|---|---|---|---|
SwitchA |
GE1/0/0 |
VLAN 100 |
10.1.1.1/24 |
SwitchC |
GE1/0/0 |
VLAN 400 |
10.1.6.1/24 |
Eth-trunk 1 (with member interfaces GE2/0/1, GE2/0/2, and GE2/0/3) |
VLAN 100, VLAN 200 |
No VLANIF 200 interface |
Eth-trunk 1(with member interfaces GE2/0/1, GE2/0/2, and GE2/0/3) |
VLAN 400, VLAN 500 |
No VLANIF 500 interface |
||
GE3/0/1 |
VLAN 301 |
10.1.2.1/24 |
GE3/0/1 |
VLAN 301 |
10.1.2.2/24 |
||
GE3/0/2 |
VLAN 302 |
10.1.3.1/24 |
GE3/0/2 |
VLAN 304 |
10.1.5.2/24 |
||
SwitchB |
GE1/0/0 |
VLAN 100 |
10.1.1.2/24 |
SwitchD |
GE1/0/0 |
VLAN 400 |
10.1.6.2/24 |
Eth-trunk 1 (with member interfaces GE2/0/1, GE2/0/2, and GE2/0/3) |
VLAN 100, VLAN 200 |
No VLANIF 200 interface |
Eth-trunk 1(with member interfaces GE2/0/1, GE2/0/2, and GE2/0/3) |
VLAN 400, VLAN 500 |
No VLANIF 500 interface |
||
GE3/0/1 |
VLAN 303 |
10.1.4.1/24 |
GE3/0/1 |
VLAN 303 |
10.1.4.2/24 |
||
GE3/0/2 |
VLAN 304 |
10.1.5.1/24 |
GE3/0/2 |
VLAN 302 |
10.1.3.2/24 |
Configuration Roadmap
To ensure reliable multicast data transmission, configure the Virtual Router Redundancy Protocol (VRRP) and Bidirectional Forwarding Detection (BFD) on the egress gateways and core switches. To ensure normal multicast forwarding, configure a multicast protocol on the egress gateways and core switches.
- Configure link aggregation groups between SwitchA and SwitchB, and between SwitchC and SwitchD to ensure fast and reliable exchange of VRRP packets.
- Create VLANs on the switches and add their interfaces to respective VLANs. Configure IP addresses for the corresponding VLANIF interfaces to make local network segments reachable.
- Configure the Open Shortest Path First (OSPF) protocol on the switches to ensure reachable routes between them. OSPF routes load balance unicast traffic between the egress gateways and core switches to reduce loads of links that transmit multicast and unicast data simultaneously.
- Configure a VRRP group between SwitchA and SwitchB and a VRRP group between SwitchC and SwitchD to ensure reliable multicast forwarding. The VRRP groups implement load balancing for unicast traffic to reduce loads of links that transmit multicast and unicast data simultaneously.
- Configure a multicast protocol on the switches to ensure normal multicast data forwarding.
- Configure BFD for OSPF and BFD for PIM on the switches to enable the switches to quickly detect link failures, realizing fast convergence of unicast and multicast routes.
Procedure
Configure link aggregation groups on the switches.
# Create Eth-Trunks and add member interfaces to the Eth-Trunks on the campus egress gateway and core devices.
<SwitchA> system-view [SwitchA] interface Eth-Trunk1 //Create Eth-Trunk1 and bind member interfaces GE2/0/1 through GE2/0/3 to it. [SwitchA-Eth-Trunk1] trunkport gigabitethernet 2/0/1 to 2/0/3 [SwitchA-Eth-Trunk1] quit<SwitchB> system-view [SwitchB] interface Eth-Trunk1 //Create Eth-Trunk1 and bind member interfaces GE2/0/1 through GE2/0/3 to it. [SwitchB-Eth-Trunk1] trunkport gigabitethernet 2/0/1 to 2/0/3 [SwitchB-Eth-Trunk1] quit<SwitchC> system-view [SwitchC] interface Eth-Trunk1 //Create Eth-Trunk1 and bind member interfaces GE2/0/1 through GE2/0/3 to it. [SwitchC-Eth-Trunk1] trunkport gigabitethernet 2/0/1 to 2/0/3 [SwitchC-Eth-Trunk1] quit<SwitchD> system-view [SwitchD] interface Eth-Trunk1 //Create Eth-Trunk1 and bind member interfaces GE2/0/1 through GE2/0/3 to it. [SwitchD-Eth-Trunk1] trunkport gigabitethernet 2/0/1 to 2/0/3 [SwitchD-Eth-Trunk1] quitBy default, an Eth-Trunk works in manual load balancing mode, and all active interfaces load balance traffic.
Create VLANs, add interfaces to respective VLANs, and configure IP addresses for corresponding VLANIF interfaces.
Create VLANs and add interfaces to the VLANs on the campus egress gateway and core devices. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
The Spanning Tree Protocol (STP) is enabled on Layer 2 interfaces of a switch by default. On a Layer 2 ring network, STP blocks an interface to prevent loops. In this example, SwitchC, SwitchD, and the downstream Layer 2 switch form a Layer 2 ring network. To enable unicast traffic to be loaded balanced among OSPF routes, you are advised to disable STP on 's Layer 2 interfaces connected to the Layer 2 switch. Additionally, you can configure Smart Link on the Layer 2 switch to implement load balancing between uplinks while preventing broadcast storms on the Layer 2 ring network.
[SwitchA] vlan batch 100 200 301 302 [SwitchA] interface gigabitethernet 1/0/0 [SwitchA-GigabitEthernet1/0/0] port link-type trunk //Set the link type of the interface to trunk, which is not the default link type. [SwitchA-GigabitEthernet1/0/0] port trunk allow-pass vlan 100 [SwitchA-GigabitEthernet1/0/0] quit [SwitchA] interface gigabitethernet 3/0/1 [SwitchA-GigabitEthernet3/0/1] port link-type trunk //Set the link type of the interface to trunk, which is not the default link type. [SwitchA-GigabitEthernet3/0/1] port trunk allow-pass vlan 301 [SwitchA-GigabitEthernet3/0/1] quit [SwitchA] interface gigabitethernet 3/0/2 [SwitchA-GigabitEthernet3/0/2] port link-type trunk //Set the link type of the interface to trunk, which is not the default link type. [SwitchA-GigabitEthernet3/0/2] port trunk allow-pass vlan 302 [SwitchA-GigabitEthernet3/0/2] quit [SwitchA] interface eth-trunk 1 [SwitchA-Eth-Trunk1] port link-type trunk //Set the link type of the interface to trunk, which is not the default link type. [SwitchA-Eth-Trunk1] port trunk allow-pass vlan 100 200 [SwitchA-Eth-Trunk1] quit
Configure IP addresses for Layer 3 interfaces on the campus egress gateway and core devices. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
[SwitchA] interface vlanif 100 //Create VLANIF100. [SwitchA-Vlanif100] ip address 10.1.1.1 24 [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 301 //Create VLANIF301. [SwitchA-Vlanif301] ip address 10.1.2.1 24 [SwitchA-Vlanif301] quit [SwitchA] interface vlanif 302 //Create VLANIF302. [SwitchA-Vlanif302] ip address 10.1.3.1 24 [SwitchA-Vlanif302] quit [SwitchA] interface loopback 1 //Create LoopBack1. [SwitchA-LoopBack1] ip address 10.10.1.1 32 [SwitchA-LoopBack1] quit
Configure OSPF.
# Enable OSPF on the campus egress gateway and core devices, add the devices to area 0, and advertise local network segments in area 0. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
[SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 //Specify that the interface running OSPF is the one connected to the 10.1.1.0 network segment and that the interface belongs to Area 0. [SwitchA-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 //Specify that the interface running OSPF is the one connected to the 10.1.2.0 network segment and that the interface belongs to Area 0. [SwitchA-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255 //Specify that the interface running OSPF is the one connected to the 10.1.3.0 network segment and that the interface belongs to Area 0. [SwitchA-ospf-1-area-0.0.0.0] network 10.10.1.1 0.0.0.0 //Specify that the interface running OSPF is the one connected to the 10.10.1.1 network segment and that the interface belongs to Area 0. [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit
Configure VRRP groups.
Create VRRP group 1 on campus egress gateway devices SwitchA and SwitchB. Set the priority of SwitchA to 120 and the preemption delay to 20 seconds. Retain the default priority of SwitchB. Therefore, SwitchA becomes the master device and SwitchB becomes the backup device of VRRP group 1.
# Configure SwitchA.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.253 //Create VRRP group 1 on VLANIF100 and set the virtual IP address of the VRRP group to 10.1.1.253. [SwitchA-Vlanif100] vrrp vrid 1 priority 120 //Set the priority of VLANIF100 in VRRP group 1 to 120. [SwitchA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 20 //Set the preemption delay of VLANIF100 in VRRP group 1 to 20 seconds. [SwitchA-Vlanif100] quit
# Configure SwitchB.
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 1 virtual-ip 10.1.1.253 //Create VRRP group 1 on VLANIF100 and set the virtual IP address of the VRRP group to 10.1.1.253. [SwitchB-Vlanif100] quitCreate VRRP group 2 on campus egress gateway devices SwitchA and SwitchB. Set the priority of SwitchB to 120 and the preemption delay to 20 seconds. Retain the default priority of SwitchA. Therefore, SwitchB becomes the master device and SwitchA becomes the backup device of VRRP group 1.
# Configure SwitchA.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] vrrp vrid 2 virtual-ip 10.1.1.254 //Create VRRP group 2 on VLANIF100 and set the virtual IP address of the VRRP group to 10.1.1.254. [SwitchA-Vlanif100] quit# Configure SwitchB.
[SwitchB] interface vlanif 100 [SwitchB-Vlanif100] vrrp vrid 2 virtual-ip 10.1.1.254 //Create VRRP group 2 on VLANIF100 and set the virtual IP address of the VRRP group to 10.1.1.254. [SwitchB-Vlanif100] vrrp vrid 2 priority 120 //Set the priority of VLANIF100 in VRRP group 2 to 120. [SwitchB-Vlanif100] vrrp vrid 2 preempt-mode timer delay 20 //Set the preemption delay of VLANIF100 in VRRP group 2 to 20 seconds. [SwitchB-Vlanif100] quit
The configurations on SwitchC and SwitchD are similar to the configurations on SwitchA and SwitchB, and are not mentioned here.
Configure a multicast protocol.
Enable multicast routing on the campus egress gateway and core devices, and enable PIM-SM on their Layer 3 interfaces. Enable IGMP on user-side interfaces of the core devices.
# Configure SwitchA.
[SwitchA] multicast routing-enable //Enable multicast routing globally. [SwitchA] interface vlanif 100 [SwitchA-Vlanif100] pim sm //Enable PIM-SM on VLANIF100. [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 301 [SwitchA-Vlanif301] pim sm //Enable PIM-SM on VLANIF301. [SwitchA-Vlanif301] quit [SwitchA] interface vlanif 302 [SwitchA-Vlanif302] pim sm //Enable PIM-SM on VLANIF302. [SwitchA-Vlanif302] quit [SwitchA] interface loopback 1 [SwitchA-LoopBack1] pim sm //Enable PIM-SM on LoopBack1. [SwitchA-LoopBack1] quit
# Configure SwitchB.
[SwitchB] multicast routing-enable //Enable multicast routing globally. [SwitchB] interface vlanif 100 [SwitchB-Vlanif100] pim sm //Enable PIM-SM on VLANIF100. [SwitchB-Vlanif100] quit [SwitchB] interface vlanif 303 [SwitchB-Vlanif303] pim sm //Enable PIM-SM on VLANIF303. [SwitchB-Vlanif303] quit [SwitchB] interface vlanif 304 [SwitchB-Vlanif304] pim sm //Enable PIM-SM on VLANIF304. [SwitchB-Vlanif304] quit [SwitchB] interface loopback 1 [SwitchB-LoopBack1] pim sm //Enable PIM-SM on LoopBack1. [SwitchB-LoopBack1] quit
# Configure SwitchC.
[SwitchC] multicast routing-enable //Enable multicast routing globally. [SwitchC] interface vlanif 400 [SwitchC-Vlanif400] pim sm //Enable PIM-SM on VLANIF400. [SwitchC-Vlanif400] igmp enable //Enable PIM-SM on VLANIF400. [SwitchC-Vlanif400] quit [SwitchC] interface vlanif 301 [SwitchC-Vlanif301] pim sm //Enable PIM-SM on VLANIF301. [SwitchC-Vlanif301] quit [SwitchC] interface vlanif 304 [SwitchC-Vlanif304] pim sm //Enable PIM-SM on VLANIF304. [SwitchC-Vlanif304] quit [SwitchC] interface loopback 1 [SwitchC-LoopBack1] pim sm //Enable PIM-SM on LoopBack1. [SwitchC-LoopBack1] quit
# Configure SwitchD.
[SwitchD] multicast routing-enable //Enable multicast routing globally. [SwitchD] interface vlanif 400 [SwitchD-Vlanif400] pim sm //Enable PIM-SM on VLANIF400. [SwitchD-Vlanif400] igmp enable //Enable IGMP on VLANIF400. [SwitchD-Vlanif400] quit [SwitchD] interface vlanif 302 [SwitchD-Vlanif302] pim sm //Enable PIM-SM on VLANIF302. [SwitchD-Vlanif302] quit [SwitchD] interface vlanif 303 [SwitchD-Vlanif303] pim sm //Enable PIM-SM on VLANIF303. [SwitchD-Vlanif303] quit [SwitchD] interface loopback 1 [SwitchD-LoopBack1] pim sm //Enable PIM-SM on LoopBack1. [SwitchD-LoopBack1] quit
Configure dynamic RP function on the core devices SwitchC and SwitchD that aggregate multicast traffic.
# Configure Loopback1 of SwitchC as a C-BSR and a C-RP.
[SwitchC] pim [SwitchC-pim] c-bsr loopback 1 //Configure Loopback1 as a C-BSR interface. [SwitchC-pim] c-rp loopback 1 //Configure Loopback1 as a C-RP interface. [SwitchC-pim] quit
# Configure Loopback1 of SwitchD as a C-BSR and a C-RP.
[SwitchD] pim [SwitchD-pim] c-bsr loopback 1 //Configure Loopback1 as a C-BSR interface. [SwitchD-pim] c-rp loopback 1 //Configure Loopback1 as a C-RP interface. [SwitchD-pim] quit
Configure BFD.
Enable global BFD on the campus egress gateway and core devices. Global BFD must be enabled before you configure BFD for OSPF and BFD for PIM. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
[SwitchA] bfd //Enable BFD globally. [SwitchA-bfd] quitEnable BFD for OSPF on the campus egress gateway and core devices. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] ospf bfd enable //Enable BFD for OSPF on VLANIF100. [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 301 [SwitchA-Vlanif301] ospf bfd enable //Enable BFD for OSPF on VLANIF301. [SwitchA-Vlanif301] quit [SwitchA] interface vlanif 302 [SwitchA-Vlanif302] ospf bfd enable //Enable BFD for OSPF on VLANIF302. [SwitchA-Vlanif302] quit
Enable BFD for PIM on the campus egress gateway and core devices. The configurations on SwitchB, SwitchC, and SwitchD are similar to the configuration on SwitchA, and are not mentioned here.
[SwitchA] interface vlanif 100 [SwitchA-Vlanif100] pim bfd enable //Enable BFD for PIM on VLANIF100. [SwitchA-Vlanif100] quit [SwitchA] interface vlanif 301 [SwitchA-Vlanif301] pim bfd enable //Enable BFD for PIM on VLANIF301. [SwitchA-Vlanif301] quit [SwitchA] interface vlanif 302 [SwitchA-Vlanif302] pim bfd enable //Enable BFD for PIM on VLANIF302. [SwitchA-Vlanif302] quit
Verify the configuration.
Verify the configuration of link aggregation.
# Run the display eth-trunk 1 command on SwitchA. The command output shows that Eth-Trunk 1 has three member interfaces: GigabitEthernet2/0/1, GigabitEthernet2/0/2, and GigabitEthernet2/0/3. All the member interfaces are Up.
[SwitchA] display eth-trunk 1 Eth-Trunk1's state information is: WorkingMode: NORMAL Hash arithmetic: According to SIP-XOR-DIP Least Active-linknumber: 1 Max Bandwidth-affected-linknumber: 8 Operate status: up Number Of Up Ports In Trunk: 3 -------------------------------------------------------------------------------- PortName Status Weight GigabitEthernet2/0/1 Up 1 GigabitEthernet2/0/2 Up 1 GigabitEthernet2/0/3 Up 1
The display eth-trunk 1 command outputs on SwitchB, SwitchC, and SwitchD are similar to the command output on SwitchA.
Verify the VRRP configuration.
# Run the display vrrp command on SwitchA. The command output shows that SwitchA is the master device in VRRP group 1 and the backup device in VRRP group 2.
[SwitchA] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.1.1.253 Master IP : 10.1.1.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-12-31 10:34:23 UTC-08:00 Last change time : 2012-12-31 10:34:26 UTC-08:00 Vlanif100 | Virtual Router 2 State : Backup Virtual IP : 10.1.1.254 Master IP : 10.1.1.2 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-12-31 10:35:39 UTC-08:00 Last change time : 2012-12-31 10:35:43 UTC-08:00# Run the display vrrp command on SwitchB. The command output shows that SwitchB is the backup device in VRRP group 1 and the master device in VRRP group 2.
[SwitchB] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.1.1.253 Master IP : 10.1.1.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-12-31 10:34:23 UTC-08:00 Last change time : 2012-12-31 10:34:26 UTC-08:00 Vlanif100 | Virtual Router 2 State : Master Virtual IP : 10.1.1.254 Master IP : 10.1.1.2 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 20 s TimerRun : 1 s TimerConfig : 1 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : normal-vrrp Backup-forward : disabled Create time : 2012-12-31 10:35:39 UTC-08:00 Last change time : 2012-12-31 10:35:43 UTC-08:00The display vrrp command outputs on SwitchC and SwitchD are similar to the command outputs on SwitchA and SwitchB.
Verify the OSPF configuration.
# Run the display ip routing-table command on SwitchA. The command output shows that there are two IP routes to 10.1.6.0/24, implementing load balancing of unicast traffic.
[SwitchA] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 15 Routes : 18 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif100 10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.253/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.1.254/32 Direct 0 0 D 127.0.0.1 Vlanif100 10.1.2.0/24 Direct 0 0 D 10.1.2.1 Vlanif301 10.1.2.1/32 Direct 0 0 D 127.0.0.1 Vlanif301 10.1.3.0/24 Direct 0 0 D 10.1.3.1 Vlanif302 10.1.3.1/32 Direct 0 0 D 127.0.0.1 Vlanif302 10.1.4.0/24 OSPF 10 2 D 10.1.3.2 Vlanif302 10.1.5.0/24 OSPF 10 2 D 10.1.2.2 Vlanif301 10.1.6.0/24 OSPF 10 2 D 10.1.2.2 Vlanif301 OSPF 10 2 D 10.1.3.2 Vlanif302 10.1.6.253/32 OSPF 10 2 D 10.1.2.2 Vlanif301 OSPF 10 2 D 10.1.3.2 Vlanif302 10.1.6.254/32 OSPF 10 2 D 10.1.3.2 Vlanif302 OSPF 10 2 D 10.1.2.2 Vlanif301 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
The display ip routing-table command outputs on SwitchB, SwitchC, and SwitchD are similar to the command output on SwitchA.
Verify PIM-SM configuration.
Multicast source 10.100.1.1 sends multicast data to group 225.0.0.10, and user hosts have joined group 225.0.0.10.
# Run the display pim routing-table command on SwitchB and SwitchD. The command output shows that PIM routing entries have been created for group 225.0.0.10.
SwitchB and SwitchD implement multicast routing as follows:
- According to the dynamic RP election rules, C-RP interfaces have the same IP address mask, priority, and hash calculation result, the C-RP interface with a larger IP address becomes the RP. Therefore, Loopback1 of SwitchD becomes the RP interface.
- According to the reverse path check (RPF) rules, if two equal-cost optimal routes are available in the IP routing table, the one with a larger next hop address is selected as the RPF route. Therefore, SwitchD selects the route with the next hop address 10.1.5.1 as the RPF route to the destination network segment 10.1.1.0/24.
[SwitchB] display pim routing-table VPN-Instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.100.1.1, 225.0.0.10) RP: 10.4.4.4 Protocol: pim-sm, Flag: SPT ACT UpTime: 00:00:42 Upstream interface: Vlanif100 Upstream neighbor: 10.1.1.3 RPF prime neighbor: 10.1.1.3 Downstream interface(s) information: Total number of downstreams: 1 1: Vlanif303 Protocol: pim-sm, UpTime: 00:00:42, Expires:-
[SwitchD] display pim routing-table VPN-Instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.100.1.1, 225.0.0.10) RP: 10.4.4.4 Protocol: pim-sm, Flag: SPT ACT UpTime: 00:00:42 Upstream interface: Vlanif303 Upstream neighbor: 10.1.4.1 RPF prime neighbor: 10.1.4.1 Downstream interface(s) information: Total number of downstreams: 1 1: Vlanif400 Protocol: pim-sm, UpTime: 00:00:42, Expires:-
Verify the BFD configuration.
# Run the display ospf bfd session all command on SwitchA. The command output shows that OSPF BFD sessions have been successfully set up.
[SwitchA] display ospf bfd session all OSPF Process 1 with Router ID 10.10.1.1 Area 0.0.0.0 interface 10.1.1.1(Vlanif100)'s BFD Sessions NeighborId:10.2.2.2 AreaId:0.0.0.0 Interface: Vlanif100 BFDState:up rx :1000 tx :1000 Multiplier:3 BFD Local Dis:8196 LocalIpAdd:10.1.1.1 RemoteIpAdd:10.1.1.2 Diagnostic Info:No diagnostic information Area 0.0.0.0 interface 10.1.1.1(Vlanif100)'s BFD Sessions NeighborId:5.5.5.5 AreaId:0.0.0.0 Interface: Vlanif100 BFDState:up rx :1000 tx :1000 Multiplier:4 BFD Local Dis:8195 LocalIpAdd:10.1.1.1 RemoteIpAdd:10.1.1.3 Diagnostic Info:No diagnostic information Area 0.0.0.0 interface 10.1.2.1(Vlanif301)'s BFD Sessions NeighborId:10.3.3.3 AreaId:0.0.0.0 Interface: Vlanif301 BFDState:up rx :1000 tx :1000 Multiplier:3 BFD Local Dis:8194 LocalIpAdd:10.1.1.1 RemoteIpAdd:10.1.2.2 Diagnostic Info:No diagnostic information Area 0.0.0.0 interface 10.1.3.1(Vlanif302)'s BFD Sessions NeighborId:10.4.4.4 AreaId:0.0.0.0 Interface: Vlanif302 BFDState:up rx :1000 tx :1000 Multiplier:3 BFD Local Dis:8193 LocalIpAdd:10.1.1.1 RemoteIpAdd:10.1.3.2 Diagnostic Info:No diagnostic information
The display ospf bfd session all command outputs on SwitchB, SwitchC, and SwitchD are similar to the command output on SwitchA.
# Run the display pim bfd session command on SwitchA. The command output shows that PIM BFD sessions have been successfully set up.
[SwitchA] display pim bfd session VPN-Instance: public net Total 4 BFD session Created Vlanif100 (10.1.1.1): Total 2 BFD session Created Neighbor ActTx(ms) ActRx(ms) ActMulti Local/Remote State 10.1.1.2 1000 1000 3 8192/8192 Up 10.1.1.3 1000 1000 3 8191/8191 Up Vlanif301 (10.1.2.1): Total 1 BFD session Created Neighbor ActTx(ms) ActRx(ms) ActMulti Local/Remote State 10.1.2.2 1000 1000 3 8193/8193 Up Vlanif302 (10.1.3.1): Total 1 BFD session Created Neighbor ActTx(ms) ActRx(ms) ActMulti Local/Remote State 10.1.3.2 1000 1000 3 8194/8194 Up
The display pim bfd session command outputs on SwitchB, SwitchC, and SwitchD are similar to the command output on SwitchA.
Configuration Files
Configuration file of campus egress gateway SwitchA
# sysname SwitchA # vlan batch 100 200 301 to 302 # multicast routing-enable # bfd # interface Vlanif100 ip address 10.1.1.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.253 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 vrrp vrid 2 virtual-ip 10.1.1.254 pim sm pim bfd enable ospf bfd enable # interface Vlanif301 ip address 10.1.2.1 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif302 ip address 10.1.3.1 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 100 200 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 100 # interface GigabitEthernet2/0/1 eth-trunk 1 # interface GigabitEthernet2/0/2 eth-trunk 1 # interface GigabitEthernet2/0/3 eth-trunk 1 # interface GigabitEthernet3/0/1 port link-type trunk port trunk allow-pass vlan 301 # interface GigabitEthernet3/0/2 port link-type trunk port trunk allow-pass vlan 302 # interface LoopBack1 ip address 10.10.1.1 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 network 10.10.1.1 0.0.0.0 # return
Configuration file of campus egress gateway SwitchB
# sysname SwitchB # vlan batch 100 200 303 to 304 # multicast routing-enable # bfd # interface Vlanif100 ip address 10.1.1.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.1.253 vrrp vrid 2 virtual-ip 10.1.1.254 vrrp vrid 2 priority 120 vrrp vrid 2 preempt-mode timer delay 20 pim sm pim bfd enable ospf bfd enable # interface Vlanif303 ip address 10.1.4.1 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif304 ip address 10.1.5.1 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 100 200 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 100 # interface GigabitEthernet2/0/1 eth-trunk 1 # interface GigabitEthernet2/0/2 eth-trunk 1 # interface GigabitEthernet2/0/3 eth-trunk 1 # interface GigabitEthernet3/0/1 port link-type trunk port trunk allow-pass vlan 303 # interface GigabitEthernet3/0/2 port link-type trunk port trunk allow-pass vlan 304 # interface LoopBack1 ip address 10.2.2.2 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 10.2.2.2 0.0.0.0 # return
Configuration file of core device SwitchC
# sysname SwitchC # vlan batch 301 304 400 500 # multicast routing-enable # bfd # interface Vlanif301 ip address 10.1.2.2 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif304 ip address 10.1.5.2 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif400 ip address 10.1.6.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.6.253 vrrp vrid 1 priority 120 vrrp vrid 1 preempt-mode timer delay 20 vrrp vrid 2 virtual-ip 10.1.6.254 pim sm pim bfd enable igmp enable ospf bfd enable # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 400 500 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 400 stp disable # interface GigabitEthernet2/0/1 eth-trunk 1 # interface GigabitEthernet2/0/2 eth-trunk 1 # interface GigabitEthernet2/0/3 eth-trunk 1 # interface GigabitEthernet3/0/1 port link-type trunk port trunk allow-pass vlan 301 # interface GigabitEthernet3/0/2 port link-type trunk port trunk allow-pass vlan 304 # interface LoopBack1 ip address 10.3.3.3 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 network 10.1.5.0 0.0.0.255 network 10.1.6.0 0.0.0.255 network 10.3.3.3 0.0.0.0 # pim c-bsr LoopBack1 c-rp LoopBack1 # return
Configuration file of core device SwitchD
# sysname SwitchD # vlan batch 302 to 303 400 500 # multicast routing-enable # bfd # interface Vlanif302 ip address 10.1.3.2 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif303 ip address 10.1.4.2 255.255.255.0 pim sm pim bfd enable ospf bfd enable # interface Vlanif400 ip address 10.1.6.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.1.6.253 vrrp vrid 2 virtual-ip 10.1.6.254 vrrp vrid 2 priority 120 vrrp vrid 2 preempt-mode timer delay 20 pim sm pim bfd enable igmp enable ospf bfd enable # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 400 500 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 400 stp disable # interface GigabitEthernet2/0/1 eth-trunk 1 # interface GigabitEthernet2/0/2 eth-trunk 1 # interface GigabitEthernet2/0/3 eth-trunk 1 # interface GigabitEthernet3/0/1 port link-type trunk port trunk allow-pass vlan 303 # interface GigabitEthernet3/0/2 port link-type trunk port trunk allow-pass vlan 302 # interface LoopBack1 ip address 10.4.4.4 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 network 10.1.6.0 0.0.0.255 network 10.4.4.4 0.0.0.0 # pim c-bsr LoopBack1 c-rp LoopBack1 # return
- Example for Configuring a VRRP Group in Active/Standby Mode
- Example for Configuring a VRRP Group in Load Balancing Mode
- Example for Configuring Association Between VRRP and BFD to Implement a Rapid Active/Standby Switchover
- Example for Configuring an Eth-Trunk and Association Between VRRP and the Interface Status
- Example for Configuring VRRP to Ensure Reliable Multicast Data Transmission