评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置手工触发的DHCP服务器双机热备示例
本示例介绍如何在VRRP备份组上部署DHCP服务器双机热备功能,实现当VRRP备份组主备切换之后,新的主用设备不需要重新同步用户会话信息就可以正常处理业务。
组网需求
如图1所示,DHCP Client通过Switch接入DeviceA和DeviceB。DeviceA和DeviceB之间配置VRRP备份组建立主备关系,其中DeviceA为Master设备,DeviceB为Backup设备,均为负责给DHCP Client分配IP地址的DHCP服务器。
正常情况下,用户的上线和续租都由DeviceA处理,当DeviceA或者DeviceA和Switch之间的链路发生故障时,VRRP备份组将发生主备倒换,DeviceB将升级为Master设备。只有当DeviceB上同步了DeviceA的用户会话信息后,新接入用户的地址分配和已在线老用户的续租请求才能正常处理。
为了避免因DeviceB没有同步到DeviceA的用户会话信息,导致主备倒换后新用户上线和已在线老用户续租异常,可以在DeviceA和DeviceB上部署DHCP服务器双机热备功能。
数据准备
完成此配置举例,需要准备以下数据:
DeviceA和DeviceB所属的VLAN ID是VLAN 100。
地址池huawei1的网关地址为10.10.10.1/24,地址段的起始IP地址为10.10.10.1,结束IP地址为10.10.10.100。
DeviceA和DeviceB上成功创建VRRP备份组,备份组ID为1、备份组虚拟IP地址10.10.10.100。
DeviceA在VRRP备份组中的优先级为200,抢占延迟时间为420秒。
远端备份服务、远端备份模板的名称为service1,用户备份ID为1。
DeviceA和DeviceB的DHCP服务器标识为10.10.10.100。
操作步骤
- 创建VLAN并配置二层转发功能
# 配置DeviceA。
<HUAWEI> system-view[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] vlan 100
[*DeviceA-vlan100] commit
[~DeviceA-vlan100] quit
[~DeviceA] interface gigabitethernet 0/1/1
[~DeviceA-GigabitEthernet0/1/1] portswitch
[*DeviceA-GigabitEthernet0/1/1] undo shutdown
[*DeviceA-GigabitEthernet0/1/1] port link-type trunk
[*DeviceA-GigabitEthernet0/1/1] port trunk allow-pass vlan 100
[*DeviceA-GigabitEthernet0/1/1] commit
[~DeviceA-GigabitEthernet0/1/1] quit
# 配置DeviceB。
<HUAWEI> system-view[~HUAWEI] sysname DeviceB
[*HUAWEI] commit
[~DeviceB] vlan 100
[*DeviceB-vlan100] commit
[~DeviceB-vlan100] quit
[~DeviceB] interface gigabitethernet 0/1/1
[~DeviceB-GigabitEthernet0/1/1] portswitch
[*DeviceB-GigabitEthernet0/1/1] undo shutdown
[*DeviceB-GigabitEthernet0/1/1] port link-type trunk
[*DeviceB-GigabitEthernet0/1/1] port trunk allow-pass vlan 100
[*DeviceB-GigabitEthernet0/1/1] commit
[~DeviceB-GigabitEthernet0/1/1] quit
- 配置地址分配功能
# 配置DeviceA。
[~DeviceA] ip pool huawei1 server
[*DeviceA-ip-pool-huawei1] gateway 10.10.10.1 255.255.255.0
[*DeviceA-ip-pool-huawei1] section 0 10.10.10.1 10.10.10.100
[*DeviceA-ip-pool-huawei1] commit
[~DeviceA-ip-pool-huawei1] quit
# 配置DeviceB。
[~DeviceB] ip pool huawei1 server
[*DeviceB-ip-pool-huawei1] gateway 10.10.10.1 255.255.255.0
[*DeviceB-ip-pool-huawei1] section 0 10.10.10.1 10.10.10.100
[*DeviceB-ip-pool-huawei1] commit
[~DeviceB-ip-pool-huawei1] quit
- 建立双机备份平台
配置VRRP备份组基本功能
# 配置DeviceA。
[~DeviceA] interface Vlanif 100
[*DeviceA-Vlanif100] ip address 10.10.10.1 255.255.255.0
[*DeviceA-Vlanif100] vrrp vrid 1 virtual-ip 10.10.10.100
[*DeviceA-Vlanif100] vrrp vrid 1 priority 200
[*DeviceA-Vlanif100] vrrp vrid 1 preempt-mode timer delay 600
[*DeviceA-Vlanif100] commit
[~DeviceA-Vlanif100] quit
# 配置DeviceB。
[~DeviceB] interface Vlanif 100
[*DeviceB-Vlanif100] ip address 10.10.10.2 255.255.255.0
[*DeviceB-Vlanif100] vrrp vrid 1 virtual-ip 10.10.10.100
[*DeviceB-Vlanif100] commit
[~DeviceB-Vlanif100] quit
配置远端备份服务
# 配置DeviceA。
[~DeviceA] remote-backup-service service1
[*DeviceA-rm-backup-srv-service1] peer 10.10.10.2 source 10.10.10.1 port 10000
[*DeviceA-rm-backup-srv-service1] commit
[~DeviceA-rm-backup-srv-service1] quit
# 配置DeviceB。[~DeviceB] remote-backup-service service1
[*DeviceB-rm-backup-srv-service1] peer 10.10.10.1 source 10.10.10.2 port 10000
[*DeviceB-rm-backup-srv-service1] commit
[~DeviceB-rm-backup-srv-service1] quit
配置远端备份模板
# 配置DeviceA。
[~DeviceA] remote-backup-profile service1
[*DeviceA-rm-backup-prf-service1] peer-backup hot
[*DeviceA-rm-backup-prf-service1] vrrp-id 1 interface Vlanif 100
[*DeviceA-rm-backup-prf-service1] backup-id 1 remote-backup-service service1
[*DeviceA-rm-backup-prf-service1] commit
[~DeviceA-rm-backup-prf-service1] quit
# 配置DeviceB。[~DeviceB] remote-backup-profile service1
[*DeviceB-rm-backup-prf-service1] peer-backup hot
[*DeviceB-rm-backup-prf-service1] vrrp-id 1 interface Vlanif 100
[*DeviceB-rm-backup-prf-service1] backup-id 1 remote-backup-service service1
[*DeviceB-rm-backup-prf-service1] commit
[~DeviceB-rm-backup-prf-service1] quit
- 开启DHCP服务器的远端备份功能
# 在DeviceA的远端备份模板视图下开启DHCP服务器的远端备份功能,并将该远端备份模板绑定到地址池huawei1上。
[~DeviceA] remote-backup-profile service1
[~DeviceA-rm-backup-prf-service1] service-type dhcp-server
[*DeviceA-rm-backup-prf-service1] commit
[~DeviceA-rm-backup-prf-service1] quit
[~DeviceA] ip pool huawei1
[~DeviceA-ip-pool-huawei1] remote-backup-profile service1
[*DeviceA-ip-pool-huawei1] server identifier ip 10.10.10.100
[*DeviceA-ip-pool-huawei1] commit
[~DeviceA-ip-pool-huawei1] quit
# 在DeviceB的远端备份模板视图下开启DHCP服务器的远端备份功能,并将该远端备份模板绑定到地址池huawei1上。[~DeviceB] remote-backup-profile service1
[~DeviceB-rm-backup-prf-service1] service-type dhcp-server
[*DeviceB-rm-backup-prf-service1] commit
[~DeviceB-rm-backup-prf-service1] quit
[~DeviceB] ip pool huawei1
[~DeviceB-ip-pool-huawei1] remote-backup-profile service1
[*DeviceB-ip-pool-huawei1] server identifier ip 10.10.10.100
[*DeviceB-ip-pool-huawei1] commit
[~DeviceB-ip-pool-huawei1] quit
- 验证配置结果
上述步骤配置完成之后,在DeviceA上执行命令display remote-backup-profile,可以看到远端备份模板service1已经成功创建并且绑定到了地址池huawei1上。
<DeviceA> display remote-backup-profile service1----------------------------------------------- Profile-Index : 0x1000 Profile-Name : service1 Service : dhcp-server Remote-backup-service: service1 Backup-ID : 1 track protocol : VRRP VRRP-ID : 1 VRRP-Interface : Vlanif100 Access-Control : -- State : Master Peer State : -- Interface : Backup mode : hot Slot-Number : -- Card-Number : -- Port-Number : --
在DeviceB上执行命令display remote-backup-profile,可以看到远端备份模板service1已经成功创建并且绑定到了地址池huawei1上。<DeviceB> display remote-backup-profile service1----------------------------------------------- Profile-Index : 0x1000 Profile-Name : service1 Service : dhcp-server Remote-backup-service: service1 Backup-ID : 1 track protocol : VRRP VRRP-ID : 1 VRRP-Interface : Vlanif100 Access-Control : -- State : Slave Peer State : -- Interface : Backup mode : hot Slot-Number : -- Card-Number : -- Port-Number : --
在DeviceA上执行命令display remote-backup-service,可以看到远端备份服务service1已经成功创建。<DeviceA> display remote-backup-service service1---------------------------------------------------------- Service-Index : 1 Service-Name : service1 TCP-State : Connected Peer-ip : 10.10.10.2 Source-ip : 10.10.10.1 TCP-Port : 10000 Track-BFD : -- SSL-Policy-Name : -- SSL-State : -- ----------------------------------------------------------
在DeviceB上执行命令display remote-backup-service,可以看到远端备份服务service1已经成功创建。<DeviceB> display remote-backup-service service1---------------------------------------------------------- Service-Index : 1 Service-Name : service1 TCP-State : Connected Peer-ip : 10.10.10.1 Source-ip : 10.10.10.2 TCP-Port : 10000 Track-BFD : -- SSL-Policy-Name : -- SSL-State : -- ----------------------------------------------------------
配置文件
DeviceA的配置文件
# sysname DeviceA # vlan batch 100 # ip pool huawei1 server gateway 10.10.10.1 255.255.255.0 section 0 10.10.10.1 10.10.10.100 server identifier ip 10.10.10.100 remote-backup-profile service1 # remote-backup-service service1 peer 10.10.10.2 source 10.10.10.1 port 10000 # remote-backup-profile service1 service-type dhcp-server backup-id 1 remote-backup-service service1 peer-backup hot vrrp-id 1 interface Vlanif100 # interface Vlanif100 ip address 10.10.10.1 255.255.255.0 vrrp vrid 1 virtual-ip 10.10.10.100 vrrp vrid 1 priority 200 vrrp vrid 1 preempt-mode timer delay 600 # interface GigabitEthernet0/1/1 portswitch undo shutdown port link-type trunk port trunk allow-pass vlan 100 # return
DeviceB的配置文件
# sysname DeviceB # vlan batch 100 # ip pool huawei1 server gateway 10.10.10.1 255.255.255.0 section 0 10.10.10.1 10.10.10.100 server identifier ip 10.10.10.100 remote-backup-profile service1 # remote-backup-service service1 peer 10.10.10.1 source 10.10.10.2 port 10000 # remote-backup-profile service1 service-type dhcp-server backup-id 1 remote-backup-service service1 peer-backup hot vrrp-id 1 interface Vlanif100 # interface Vlanif100 ip address 10.10.10.2 255.255.255.0 vrrp vrid 1 virtual-ip 10.10.10.100 # interface GigabitEthernet0/1/1 portswitch undo shutdown port link-type trunk port trunk allow-pass vlan 100 # return
