华为运营商级路由器配置示例 | NQA for IPv4静态路由
Posted COCOgsta
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了华为运营商级路由器配置示例 | NQA for IPv4静态路由相关的知识,希望对你有一定的参考价值。
组网需求
当网络比较简单,或者路由器不能通过动态路由协议建立到达目的网络的路由时,可以配置静态路由。但是,与动态路由协议不同,静态路由自身没有检测机制,当网络发生故障时,静态路由无法感知,需要由管理员介入,这样无法保证及时进行链路切换,可能造成业务较长时间中断。
部署BFD for静态路由的方案可以适应链路的变化情况,但是BFD for静态路由要求链路两端的设备都支持BFD功能。如果链路两端有设备不支持BFD功能,可以配置NQA for IPv4静态路由,NQA测试例检测到链路故障后,会把与其绑定的静态路由从IP路由表删除,使业务流量切换到无链路故障的路由,避免业务的长时间中断。
如图1所示,在IP城域网组网中,网络设计成冗余备份链路,其中:
- 在DeviceB和DeviceC上都配置到用户的静态路由,DeviceB为主用设备,DeviceC为备用设备;
- 正常情况下,要求业务流量走主用链路DeviceB→SwitchA;
- 当主用链路出现故障后,业务流量切换到备用链路DeviceC→SwitchA。
图1 NQA for IPv4静态路由组网图
配置思路
- 创建ICMP类型的NQA测试例,用来检测主用链路的故障。在NQA测试例客户端DeviceB与被测试设备SwitchA之间建立ICMP类型的NQA测试例,检测主用链路DeviceB→SwitchA是否正常。
- 配置静态路由,在主用链路上绑定NQA测试例。在DeviceB和DeviceC上配置静态路由,其中在DeviceB配置静态路由与NQA联动,当NQA测试例检测到链路故障时,通知路由管理模块把静态路由从IP路由表中删除。
- 配置动态路由协议。在DeviceA、DeviceB和DeviceC上配置动态路由协议,使这些设备之间可以相互学习路由。
- OSPF协议引入静态路由,并为主用链路设置较低的开销值。在DeviceB和DeviceC上配置OSPF协议引入静态路由,并且为DeviceC引入的静态路由设置较高的开销值。DeviceA从DeviceB和DeviceC学习到通往同一目的地址的路由时,会优先选择开销值较低的链路DeviceB→SwitchA。
操作步骤
1.配置IP地址,具体配置过程请参考配置文件
2.在DeviceB上配置DeviceB和SwitchA之间的NQA测试例
<DeviceB> system-view
[~DeviceB] nqa test-instance user test
[*DeviceB-nqa-user-test] test-type icmp
[*DeviceB-nqa-user-test] destination-address ipv4 172.16.1.2
[*DeviceB-nqa-user-test] frequency 10
[*DeviceB-nqa-user-test] probe-count 2
[*DeviceB-nqa-user-test] interval seconds 5
[*DeviceB-nqa-user-test] timeout 4
[*DeviceB-nqa-user-test] start now
[*DeviceB-nqa-user-test] commit
[~DeviceB-nqa-user-test] quit3.配置静态路由
# 在DeviceB上配置与NQA测试例联动的静态路由。
[~DeviceB] ip route-static 172.16.7.0 255.255.255.0 GigabitEthernet 1/0/1 172.16.1.2 track nqa user test
[*DeviceB] commit# 在DeviceC上配置静态路由。
[*DeviceC] ip route-static 172.16.7.0 255.255.255.0 GigabitEthernet 1/0/0 172.16.6.2
[*DeviceC] commit4.在DeviceA、DeviceB和DeviceC上配置动态路由协议。本例选择OSPF动态路由协议。
# 在DeviceA上配置OSPF协议。
[~DeviceA] ospf 1
[*DeviceA-ospf-1] area 0.0.0.0
[*DeviceA-ospf-1-area-0.0.0.0] network 172.16.3.0 0.0.0.255
[*DeviceA-ospf-1-area-0.0.0.0] network 172.16.4.0 0.0.0.255
[*DeviceA-ospf-1-area-0.0.0.0] quit
[*DeviceA-ospf-1] quit
[*DeviceA] commit# 在DeviceB上配置OSPF协议。
[~DeviceB] ospf 1
[*DeviceB-ospf-1] area 0.0.0.0
[*DeviceB-ospf-1-area-0.0.0.0] network 172.16.3.0 0.0.0.255
[*DeviceB-ospf-1-area-0.0.0.0] quit
[*DeviceB-ospf-1] quit
[*DeviceB] commit# 在DeviceC上配置OSPF协议。
[~DeviceC] ospf 1
[*DeviceC-ospf-1] area 0.0.0.0
[*DeviceC-ospf-1-area-0.0.0.0] network 172.16.4.0 0.0.0.255
[*DeviceC-ospf-1-area-0.0.0.0] quit
[*DeviceC-ospf-1] quit
[*DeviceC] commit5.在DeviceB和DeviceC上配置OSPF动态路由协议引入静态路由
# 在DeviceB上配置OSPF动态路由协议引入静态路由,并且把路由开销值设置为10。
[~DeviceB] ospf 1
[*DeviceB-ospf-1] import-route static cost 10
[*DeviceB-ospf-1] commit
[~DeviceB-ospf-1] quit# 在DeviceC上配置OSPF动态路由协议引入静态路由,并且把路由开销值设置为20。
[*DeviceC] ospf 1
[*DeviceC-ospf-1] import-route static cost 20
[*DeviceC-ospf-1] commit
[~DeviceC-ospf-1] quit6.查看配置结果
配置完成后,在系统视图下,在DeviceB上执行display current-configuration | include nqa命令,可以看到静态路由已经绑定NQA测试例。执行display nqa results命令,可以看到NQA测试例已经建立。
# 查看NQA for静态路由的配置。
[~DeviceB] display current-configuration | include nqa
ip route-static 172.16.7.0 255.255.255.0 GigabitEthernet 1/0/1 172.16.1.2 track nqa user test
nqa test-instance user test# 查看NQA测试结果。
[~DeviceB] display nqa results test-instance user test
NQA entry(user, test) : testflag is active ,testtype is icmp
1 . Test 6645 result The test is finished
Send operation times: 2 Receive response times: 2
Completion:success RTD OverThresholds number:0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Stats errors number:0
Destination ip address:172.16.1.2
Min/Max/Average Completion Time: 1/1/1
Sum/Square-Sum Completion Time: 2/2
Last Good Probe Time: 2012-11-14 04:20:36.9
Lost packet ratio: 0 %可以看到“Lost packet ratio: 0 %”,这说明链路状态完好。
# 查看DeviceB的路由表,可以看到静态路由存在于路由表中。
[~DeviceB] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.1.0/24 Direct 0 0 D 172.16.1.1 GigabitEthernet1/0/1
172.16.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/1
172.16.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/1
172.16.3.0/24 Direct 0 0 D 172.16.3.2 GigabitEthernet1/0/0
172.16.3.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 OSPF 10 2 D 172.16.3.1 GigabitEthernet1/0/0
172.16.5.0/24 Direct 0 0 D 172.16.5.1 GigabitEthernet1/0/3
172.16.5.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/3
172.16.5.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/3
172.16.7.0/24 Static 60 0 D 172.16.1.2 GigabitEthernet1/0/1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0# 查看DeviceA的路由表。
[~DeviceA] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.3.0/24 Direct 0 0 D 172.16.3.1 GigabitEthernet1/0/0
172.16.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 Direct 0 0 D 172.16.4.1 GigabitEthernet2/0/3
172.16.4.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/3
172.16.4.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/3
172.16.7.0/24 O_ASE 150 10 D 172.16.3.2 GigabitEthernet1/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0可以看到有一条到172.16.7.0/24的路由,下一跳指向172.16.3.2,cost值为10,因此业务流量会优先走链路DeviceB→SwitchA。
# 关闭DeviceB的GigabitEthernet 1/0/1接口,模拟链路故障。
[~DeviceB] interface GigabitEthernet 1/0/1
[~DeviceB-GigabitEthernet1/0/1] shutdown
[~DeviceB-GigabitEthernet1/0/1] commit
[~DeviceB] quit# 查看NQA测试结果。
[~DeviceB] display nqa results test-instance user test
NQA entry(user, test) : testflag is active ,testtype is icmp
1 . Test 7160 result The test is finished
Send operation times: 2 Receive response times: 0
Completion:failed RTD OverThresholds number:0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:2
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Stats errors number:0
Destination ip address:172.16.1.2
Min/Max/Average Completion Time: 0/0/0
Sum/Square-Sum Completion Time: 0/0
Last Good Probe Time: 0000-00-00 00:00:00.0
Lost packet ratio: 100 %可以看到“Completion:failed”、“Lost packet ratio: 100 %”,这说明链路发生了故障。
# 查看DeviceB的路由表,可以看到静态路由消失。
[~DeviceB] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.3.0/24 Direct 0 0 D 172.16.3.2 GigabitEthernet1/0/0
172.16.3.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 OSPF 10 2 D 172.16.3.1 GigabitEthernet1/0/0
172.16.5.0/24 Direct 0 0 D 172.16.5.1 GigabitEthernet1/0/3
172.16.5.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/3
172.16.5.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/3
172.16.7.0/24 O_ASE 150 20 D 172.16.3.1 GigabitEthernet1/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0# 查看DeviceA的路由表。
[~DeviceA] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.3.0/24 Direct 0 0 D 172.16.3.1 GigabitEthernet1/0/0
172.16.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 Direct 0 0 D 172.16.4.1 GigabitEthernet2/0/3
172.16.4.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/3
172.16.4.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/3
172.16.7.0/24 O_ASE 150 20 D 172.16.4.2 GigabitEthernet2/0/3
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
因为DeviceB上的NQA测试例与静态路由是联动的,当NQA检测到链路故障后,就迅速通知DeviceB与其绑定的静态路由不可用,DeviceA也不能从DeviceB处学到通往172.16.7.0/24的路由。但是DeviceA可以从DeviceC处学到通往172.16.7.0/24的路由,因此可以看到通往172.16.7.0/24的路由下一跳指向172.16.4.2,cost值为20。业务流量切换到链路DeviceC→SwitchA。
以上是关于华为运营商级路由器配置示例 | NQA for IPv4静态路由的主要内容,如果未能解决你的问题,请参考以下文章
华为运营商级路由器配置示例 | 静态BFD for IPv4静态路由