配置IPv4静态路由与NQA联动示例
组网图形
·组网需求
·配置思路
·操作步骤
·配置文件
如图1所示,在RouterA上配置了多条静态路由可以使报文能够从RouterA转发给用户。现在为了提高链路的可靠性,在接入交换机不支持BFD的情况下要求当链路正常时,RouterA发送的报文由主链路RouterA→RouterB→Switch→用户。当主链路出现故障后,报文能够切换到备用链路RouterA→RouterC→Switch→用户进行转发。
为了提高链路的可靠性需要在设备上部署一种链路检测机制来实时检测链路的状态,然后再将检测结果与路由状态关联。但由于接入交换机不支持BFD功能,所以当前可以配置IPv4静态路由与NQA联动来满足要求。采用如下思路配置IPv4静态路由与NQA联动:
1. 在各路由器上配置IP地址以及在RouterA、RouterB和RouterC上配置到Client1(以Client1举例代替所有用户)的静态路由,其中在RouterA配置的静态路由为两条,且下一跳为RouterB的静态路由优先级高于下一跳为RouterC的静态路由,使得RouterA发送到Client1的报文有主备两条静态路由可达。
2. 在RouterA与SwitchA之间的主链路上建立ICMP类型的NQA测试例,并且将在RouterA配置的下一跳为RouterB的静态路由与NQA测试例联动,从而达到快速感知链路故障,实现业务的切换的目的。
说明:
静态路由与NQA联动时仅采用ICMP测试例来检测源端到目的端的路由是否可达。
1. 配置各路由器的IP地址
# 配置RouterA各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] interface gigabitEthernet 1/0/0
[RouterA-GigabitEthernet1/0/0] ip address 172.16.3.1 24
[RouterA-GigabitEthernet1/0/0] quit
[RouterA] interface gigabitEthernet 2/0/0
[RouterA-GigabitEthernet2/0/0] ip address 172.16.4.1 24
[RouterA-GigabitEthernet2/0/0] quit
RouterB和RouterC的配置与RouterA一致(略)。
2. 在RouterA、RouterB和RouterC上配置到Client1(以Client1举例代替所有用户)的静态路由
# 在RouterA上配置到Client1的两条静态路由,其中下一跳为RouterC的静态路由优先级为100。
[RouterA] ip route-static 172.16.7.0 255.255.255.0 172.16.3.2
[RouterA] ip route-static 172.16.7.0 255.255.255.0 172.16.4.2 preference 100
# 在RouterB上配置到Client1的静态路由。
[RouterB] ip route-static 172.16.7.0 255.255.255.0 172.16.1.2
# 在RouterC上配置到Client1的静态路由。
[RouterC] ip route-static 172.16.7.0 255.255.255.0 172.16.6.2
3. 在RouterA上配置RouterA和SwitchA之间主链路上的NQA测试例
4. [RouterA] nqa test-instance aa bb
5. [RouterA-nqa-aa-bb] test-type icmp
6. [RouterA-nqa-aa-bb] destination-address ipv4 172.16.1.2
7. [RouterA-nqa-aa-bb] frequency 5
8. [RouterA-nqa-aa-bb] probe-count 1
9. [RouterA-nqa-aa-bb] start now
[RouterA-nqa-aa-bb] quit
说明:
当链路故障时,NQA ICMP测试例检测结果是失败,同时联动静态路由变为Down。一旦链路故障恢复,由于ICMP测试例报文发送时需要查找路由表,但此时路由已经被NQA联动置Down,导致ICMP测试例仍然检测失败,联动的静态路由也一直得不到恢复,业务流量也无法回切到原先的链路,此时需要配置nexthop ipv4 ip-address命令指定ICMP测试例发送报文时的下一跳地址,这样在链路故障恢复之后可以正常发送NQA探测报文,测试结果恢复成功,同时可联动恢复静态路由。
10. 在RouterA上配置下一跳为RouterB的静态路由与NQA测试例联动
[RouterA] ip route-static 172.16.7.0 255.255.255.0 172.16.3.2 track nqa aa bb
11. 验证配置结果
配置完成后,在RouterA上执行display current-configuration | include nqa命令,可以看到下一跳为RouterB的静态路由已经绑定NQA测试例。执行display nqa results命令,可以看到NQA测试例已经建立。
[RouterA] display current-configuration | include nqa
ip route-static 172.16.7.0 255.255.255.0 172.16.3.2 track nqa aa bb
nqa test-instance aa bb
# 在RouterA上执行display nqa results命令查看NQA测试结果。可以看到“Lost packet ratio: 0 %”,这说明链路状态完好。
[RouterA] display nqa results test-instance aa bb
NQA entry(aa, bb) :testflag is active ,testtype is icmp
1 . Test 1987 result The test is finished
Send operation times: 1 Receive response times: 1
Completion:success RTD OverThresholds number: 0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Status errors number:0
Destination ip address:172.16.1.2
Min/Max/Average Completion Time: 120/120/120
Sum/Square-Sum Completion Time: 120/14400
Last Good Probe Time: 2012-01-06 19:14:57.5
Lost packet ratio: 0 %
# 查看RouterA的路由表,可以看到下一跳为RouterB的静态路由存在于路由表中。
[RouterA] display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.3.0/24 Direct 0 0 D 172.16.3.1 GigabitEthernet1/0/0
172.16.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 Direct 0 0 D 172.16.4.1 GigabitEthernet2/0/0
172.16.4.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/0
172.16.4.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/0
172.16.7.0/24 Static 60 0 D 172.16.3.2 GigabitEthernet1/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
可以看到有一条到172.16.7.0/24的路由,下一跳指向172.16.3.2,因此报文会从主链路进行转发。
# 关闭RouterB的GE1/0/0接口,模拟链路故障。
[RouterB] interface gigabitEthernet 1/0/0
[RouterB-GigabitEthernet1/0/0] shutdown
[RouterB-GigabitEthernet1/0/0] quit
# 查看NQA测试结果。可以看到“Lost packet ratio: 100 %”,这说明链路发生了故障。
[RouterA] display nqa results test-instance aa bb
NQA entry(aa, bb) :testflag is active ,testtype is icmp
1 . Test 2086 result The test is finished
Send operation times: 1 Receive response times: 0
Completion:failed RTD OverThresholds number: 0
Attempts number:1 Drop operation number:1
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Status errors number:0
Destination ip address:172.16.1.2
Min/Max/Average Completion Time: 0/0/0
Sum/Square-Sum Completion Time: 0/0
Last Good Probe Time: 0000-00-00 00:00:00.0
Lost packet ratio: 100 %
# 查看RouterA的路由表。
[RouterA] display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.3.0/24 Direct 0 0 D 172.16.3.1 GigabitEthernet1/0/0
172.16.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
172.16.4.0/24 Direct 0 0 D 172.16.4.1 GigabitEthernet2/0/0
172.16.4.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/0
172.16.4.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet2/0/0
172.16.7.0/24 Static 100 0 D 172.16.4.2 GigabitEthernet2/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
由以上回显信息可以看出,通往目的网段172.16.7.0/24的路由下一跳指向172.16.4.2。这是因为NQA检测到主链路发生故障后,就通知RouterA通往172.16.7.0/24的静态路由不可用,从而报文切换到备用链路进行转发。
·RouterA的配置文件
#
sysname RouterA
#
interface GigabitEthernet1/0/0
ip address 172.16.3.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 172.16.4.1 255.255.255.0
#
ip route-static 172.16.7.0 255.255.255.0 172.16.3.2 track nqa aa bb
ip route-static 172.16.7.0 255.255.255.0 172.16.4.2 preference 100
#
nqa test-instance aa bb
test-type icmp
destination-address ipv4 172.16.1.2
frequency 5
probe-count 1
start now
#
return
·RouterB的配置文件
#
sysname RouterB
#
interface GigabitEthernet1/0/0
ip address 172.16.1.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 172.16.3.2 255.255.255.0
#
interface GigabitEthernet3/0/0
ip address 172.16.5.1 255.255.255.0
#
ip route-static 172.16.7.0 255.255.255.0 172.16.1.2
#
return
·RouterC的配置文件
#
sysname RouterC
#
interface GigabitEthernet1/0/0
ip address 172.16.2.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 172.16.4.2 255.255.255.0
#
interface GigabitEthernet3/0/0
ip address 172.16.6.1 255.255.255.0
#
ip route-static 172.16.7.0 255.255.255.0 172.16.6.2
#
return