背景:
AR1、AR2、AR3来自3个不同的网络(网段)并且分别为自己网络的网关,通过静态路由配置实现各网络之间的互通,当AR1>AR2线路中断时能够将流量自动切换到AR1>AR3>AR2路线进行访问。
拓扑:
步骤一:
查看3台设备是否已经配置IP地址
display ip interface brief命令是用来查看接口与IP相关的简要信息,包括IP地、子网掩码、物理状态、协议状态等处于不同状态的接口数目等。
<AR1>system-view #其他两台设备均为此命令查看,这里就不在详述。
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 unassigned up down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
IP Address/Mask 显示为unassigned则表示该接口未配置地址
步骤二:
配置设备与终端互联的IP地址以及PC终端地址
AR1:
<AR1>system-view
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 10.1.12.1 24
[AR1]interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1]ip address 10.1.13.1 24
[AR1-GigabitEthernet0/0/2]ip address 1.1.1.1 24
AR2:
<AR2>system-view
[AR2]interface GigabitEthernet 0/0/0
[AR2-GigabitEthernet0/0/0]ip address 10.1.12.2 24
[AR2]interface GigabitEthernet 0/0/1
[AR2-GigabitEthernet0/0/1]ip address 10.1.23.2 24
[AR2-GigabitEthernet0/0/2]ip address 2.2.2.1 24
AR3:
<AR3>system-view
[AR3]interface GigabitEthernet 0/0/0
[AR3-GigabitEthernet0/0/0]ip address 10.1.13.3 24
[AR3]interface GigabitEthernet 0/0/1
[AR3-GigabitEthernet0/0/1]ip address 10.1.23.3 24
[AR3-GigabitEthernet0/0/2]ip address 3.3.3.1 24
步骤三:
查看物理接口地址是否配置成功
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.1.12.1/24 up up
GigabitEthernet0/0/1 10.1.13.1/24 up up
GigabitEthernet0/0/2 1.1.1.1/24 up up
NULL0 unassigned up up(s)
[AR2]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.1.12.2/24 up up
GigabitEthernet0/0/1 10.1.23.2/24 up up
GigabitEthernet0/0/2 2.2.2.1/24 up up
NULL0 unassigned up up(s)
[AR3]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.1.13.3/24 up up
GigabitEthernet0/0/1 10.1.23.3/24 up up
GigabitEthernet0/0/2 3.3.3.1/24 up up
NULL0 unassigned up up(s)
步骤四:
测试各网段的连通性,在此以AR1为例。
[AR1]ping 10.1.12.2
PING 10.1.12.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.12.2: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 10.1.12.2: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.1.12.2: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 10.1.12.2: bytes=56 Sequence=4 ttl=255 time=30 ms
Reply from 10.1.12.2: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 10.1.12.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/28/40 ms
[AR1]ping 10.1.13.3
PING 10.1.13.3: 56 data bytes, press CTRL_C to break
Reply from 10.1.13.3: bytes=56 Sequence=1 ttl=255 time=60 ms
Reply from 10.1.13.3: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 10.1.13.3: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 10.1.13.3: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 10.1.13.3: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 10.1.13.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/28/60 ms
步骤五:
查看AR1的路由表
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Direct 0 0 D 1.1.1.1 GigabitEthernet
0/0/2
1.1.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
1.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.1.12.0/24 Direct 0 0 D 10.1.12.1 GigabitEthernet
0/0/0
10.1.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.13.0/24 Direct 0 0 D 10.1.13.1 GigabitEthernet
0/0/1
10.1.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
大家可以看到,当接口地址配置完成之后,针对每个接口IP地址会自动生成3条直连路由。
步骤六:
测试PC1与PC2之间的连通性
PC>ping 2.2.2.5
Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 2.2.2.5 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
使用Ping命令来指定发送ICMP echo-request报文,此时由于路由器上没有到达该目的IP的路由条目,所以无法Ping通PC2。
步骤七:
在AR1上配置到达AR2和AR3的PC网段的路由条目
ip route-static 2.2.2.5 24 10.1.12.2
ip route-static 3.3.3.5 24 10.1.13.3
查看AR1的路由表
[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Direct 0 0 D 1.1.1.1 GigabitEthernet
0/0/2
1.1.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
1.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.0/24 Static 60 0 RD 10.1.12.2 GigabitEthernet
0/0/0
3.3.3.0/24 Static 60 0 RD 10.1.13.3 GigabitEthernet
0/0/1
10.1.12.0/24 Direct 0 0 D 10.1.12.1 GigabitEthernet
0/0/0
10.1.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.13.0/24 Direct 0 0 D 10.1.13.1 GigabitEthernet
0/0/1
10.1.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
此时查看标红处我们配置的静态路由已经加入到了AR1的路由表中。
此时我们再次测试PC1是否能与PC2互通
PC1>ping 2.2.2.5
Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 2.2.2.5 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
大家可以看到,我们虽然写了去往PC2的静态路由但是还是无法通信,原因就是数据包去往PC2后他无法将数据包返回到我们PC1的接口,静态路由是需要我们将两端的双向路由都要写进各自的路由表中,这样我们才能通信。
此时我们将AR2也添加上去往PC1的路由再来试试。
[AR2]ip route-static 1.1.1.5 24 10.1.12.1
查看我们的AR2的路由表中是否存在去往AR1中PC网关的路由条目。
[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 14 Routes : 14
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Static 60 0 RD 10.1.12.1 GigabitEthernet
0/0/0
2.2.2.0/24 Direct 0 0 D 2.2.2.1 GigabitEthernet
0/0/2
2.2.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.1.12.0/24 Direct 0 0 D 10.1.12.2 GigabitEthernet
0/0/0
10.1.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.23.0/24 Direct 0 0 D 10.1.23.2 GigabitEthernet
0/0/1
10.1.23.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
标红处我们可以看到AR2的路由表中存在去往PC1的路由,那么这个时候我们再去看下PC1能否Ping通PC2。
PC1>ping 2.2.2.5
Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 2.2.2.5: bytes=32 seq=2 ttl=126 time=15 ms
From 2.2.2.5: bytes=32 seq=3 ttl=126 time=16 ms
From 2.2.2.5: bytes=32 seq=4 ttl=126 time=31 ms
From 2.2.2.5: bytes=32 seq=5 ttl=126 time=32 ms
--- 2.2.2.5 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/23/32 ms
这个时候我们就可以看到PC1与PC2互通了。
步骤八:
我们将剩余的路由条目完成配置
[AR2]ip route-static 1.1.1.5 24 10.1.12.1
[AR2]ip route-static 3.3.3.5 24 10.1.23.3
[AR3]ip route-static 1.1.1.5 24 10.1.13.1
[AR3]ip route-static 2.2.2.5 24 10.1.23.2
PC1>ping 3.3.3.5
Ping 3.3.3.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 3.3.3.5: bytes=32 seq=2 ttl=126 time=31 ms
From 3.3.3.5: bytes=32 seq=3 ttl=126 time=31 ms
From 3.3.3.5: bytes=32 seq=4 ttl=126 time=16 ms
From 3.3.3.5: bytes=32 seq=5 ttl=126 time=31 ms
--- 3.3.3.5 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/27/31 ms
此时我们3台终端都能成功互相访问了。
步骤九:
我们查看AR1和AR2的链路没断开之前路由的走向
tracert命令只要用于查看数据包从源端到目的端的路径信息。
PC1>tracert 2.2.2.5
traceroute to 2.2.2.5, 8 hops max
(ICMP), press Ctrl+C to stop
1 1.1.1.1 16 ms <1 ms 15 ms
2 *10.1.12.2 32 ms 15 ms
3 *2.2.2.5 16 ms 31 ms
标红处下一跳是AR2的接口地址,说明此时走的是主路线。
配置PC1到PC2的备份路由
[AR1]ip route-static 2.2.2.5 24 10.1.13.3 preference 100
[AR2]ip route-static 1.1.1.5 24 10.1.23.3 preference 100
我们在查看AR1和AR2的路由表
[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Direct 0 0 D 1.1.1.1 GigabitEthernet
0/0/2
1.1.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
1.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.0/24 Static 60 0 RD 10.1.12.2 GigabitEthernet
0/0/0
3.3.3.0/24 Static 60 0 RD 10.1.13.3 GigabitEthernet
0/0/1
10.1.12.0/24 Direct 0 0 D 10.1.12.1 GigabitEthernet
0/0/0
10.1.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.13.0/24 Direct 0 0 D 10.1.13.1 GigabitEthernet
0/0/1
10.1.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[AR2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Static 60 0 RD 10.1.12.1 GigabitEthernet
0/0/0
2.2.2.0/24 Direct 0 0 D 2.2.2.1 GigabitEthernet
0/0/2
2.2.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
3.3.3.0/24 Static 60 0 RD 10.1.23.3 GigabitEthernet
0/0/1
10.1.12.0/24 Direct 0 0 D 10.1.12.2 GigabitEthernet
0/0/0
10.1.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.1.23.0/24 Direct 0 0 D 10.1.23.2 GigabitEthernet
0/0/1
10.1.23.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
我们可以看到AR1和AR2的路由表中并没有存在刚刚配置的备份路由条目
这个时候我们关闭AR1>AR2互联的接口
[AR1]int GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]shutdown
在查看AR1和AR2的路由表
[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Direct 0 0 D 1.1.1.1 GigabitEthernet
0/0/2
1.1.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
1.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.0/24 Static 100 0 RD 10.1.13.3 GigabitEthernet
0/0/1
3.3.3.0/24 Static 60 0 RD 10.1.13.3 GigabitEthernet
0/0/1
10.1.13.0/24 Direct 0 0 D 10.1.13.1 GigabitEthernet
0/0/1
10.1.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[AR2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.0/24 Static 100 0 RD 10.1.23.3 GigabitEthernet
0/0/1
2.2.2.0/24 Direct 0 0 D 2.2.2.1 GigabitEthernet
0/0/2
2.2.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
2.2.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
3.3.3.0/24 Static 60 0 RD 10.1.23.3 GigabitEthernet
0/0/1
10.1.23.0/24 Direct 0 0 D 10.1.23.2 GigabitEthernet
0/0/1
10.1.23.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.1.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
标红处我们可以看到刚刚配置的备份路由(浮动静态路由)在接口shutdown时,原先的路由失效,优先级低的路由出现了。
这个时候我们在用tracert命令进行追踪数据包看去往PC2的流量是否切换到AR3的路线。
PC1>tracert 2.2.2.5
traceroute to 2.2.2.5, 8 hops max
(ICMP), press Ctrl+C to stop
1 1.1.1.1 15 ms 16 ms 16 ms
2 10.1.13.3 15 ms 32 ms 15 ms
3 *10.1.23.2 31 ms 16 ms
4 *2.2.2.5 31 ms 16 ms
标红处我们可以看到当主路线断开以后备份路由(浮动静态路由)自动生效接替了主线路的路由,到此所有配置结束,备份路由(浮动静态路由)在我们实际生产环境中用途很广泛,大家可以在使用过程中灵活搭配其他路由协议来进行配置。