华为路由器双出口负载均衡+备份（2）

上一个因为eNSP的问题，没有写具体的配置，本文补充一下，并添加了BFD联动，BFD需要两台设备都支持BFD，而NQA只需要一台支持即可，这点比较好，附件有完整的eNSP拓扑和配置文件。

1.AR4

[V200R003C00]

sysname AR4_AR2240

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load flash:/portalpage.zip

drop illegal-mac alarm

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

bfd

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

firewall zone Local

priority 15

interface Ethernet0/0/0

interface Ethernet0/0/1

interface Ethernet0/0/2

interface Ethernet0/0/3

interface Ethernet0/0/4

interface Ethernet0/0/5

interface Ethernet0/0/6

interface Ethernet0/0/7

interface GigabitEthernet0/0/0

ip address 1.1.1.2 255.255.255.0

interface GigabitEthernet0/0/1

ip address 2.2.2.2 255.255.255.0

interface NULL0

interface LoopBack0

ip address 3.3.3.3 255.255.255.0

bfd dan bind peer-ip 12.12.12.1

discriminator local 20

discriminator remote 10

commit

ip route-static 12.12.12.0 255.255.255.252 1.1.1.1

ip route-static 13.13.13.0 255.255.255.252 2.2.2.1

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

wlan ac

return

2.AR2

[V200R003C00]

sysname Dianxin_AR2240

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

firewall zone Local

priority 15

interface GigabitEthernet0/0/0

ip address 12.12.12.2 255.255.255.252

interface GigabitEthernet0/0/1

ip address 1.1.1.1 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

ip route-static 3.3.3.0 255.255.255.0 1.1.1.2

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

wlan ac

return

3.AR3

[V200R003C00]

sysname Liantong_AR2240

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

firewall zone Local

priority 15

interface GigabitEthernet0/0/0

ip address 13.13.13.2 255.255.255.252

interface GigabitEthernet0/0/1

ip address 2.2.2.1 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

ip route-static 3.3.3.0 255.255.255.0 2.2.2.2

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

wlan ac

return

4.AR1

[V200R003C00]

sysname WKWL_HeB_RT_AR2240

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load flash:/portalpage.zip

drop illegal-mac alarm

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

bfd

acl number 3000

description NAT

rule 10 permit ip source 10.50.8.0 0.0.3.255

acl number 3001

description dan-dianxin

rule 10 permit ip source 10.50.8.1 0.0.3.254

acl number 3002

description shuang-liantong

rule 10 permit ip source 10.50.8.0 0.0.3.254

traffic classifier SSR2 operator or

if-match acl 3002

traffic classifier SSR1 operator or

if-match acl 3001

traffic behavior SSR2

redirect ip-nexthop 13.13.13.2 track nqa xxf shuang

traffic behavior SSR1

redirect ip-nexthop 12.12.12.2 track nqa xxf dan

traffic policy SSR

classifier SSR1 behavior SSR1

classifier SSR2 behavior SSR2

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

firewall zone Local

priority 15

interface GigabitEthernet0/0/0

ip address 12.12.12.1 255.255.255.252

nat outbound 3000

interface GigabitEthernet0/0/1

ip address 13.13.13.1 255.255.255.252

nat outbound 3000

interface GigabitEthernet0/0/2

ip address 10.50.8.253 255.255.255.252

traffic-policy SSR inbound

interface NULL0

bfd dan bind peer-ip 1.1.1.2

discriminator local 10

discriminator remote 20

commit

ip route-static 0.0.0.0 0.0.0.0 13.13.13.2 preference 100

ip route-static 0.0.0.0 0.0.0.0 12.12.12.2 track bfd-session dan

ip route-static 1.1.1.0 255.255.255.0 12.12.12.2

ip route-static 2.2.2.0 255.255.255.0 13.13.13.2

ip route-static 10.50.8.0 255.255.254.0 10.50.8.254

nqa test-instance xxf dan

test-type icmp

destination-address ipv4 1.1.1.2

frequency 5

probe-count 1

start now

nqa test-instance xxf shuang

test-type icmp

destination-address ipv4 2.2.2.2

frequency 5

probe-count 1

start now

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

wlan ac

return

5.SW1

<WKWL_HeB_SW_S5752C>dis cu

<WKWL_HeB_SW_S5752C>dis current-configuration

sysname WKWL_HeB_SW_S5752C

vlan batch 10 20 30 40 1000

cluster enable

ntdp enable

ndp enable

drop illegal-mac alarm

dhcp enable

dhcp snooping enable

diffserv domain default

drop-profile default

vlan 1000

description TO-WKWL_HeB_RT_AR2240-GE3/0/0

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password simple admin

local-user admin service-type http

interface Vlanif1

interface Vlanif10

ip address 10.50.9.254 255.255.255.0

dhcp select interface

dhcp server excluded-ip-address 10.50.9.1 10.50.9.10

dhcp server excluded-ip-address 10.50.9.201 10.50.9.253

dhcp server dns-list 222.222.202.202 114.114.114.114

interface Vlanif1000

description TO-WKWL_HeB_RT_AR2240-GE3/0/0

ip address 10.50.8.254 255.255.255.252

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type access

port default vlan 10

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

interface GigabitEthernet0/0/3

interface GigabitEthernet0/0/4

interface GigabitEthernet0/0/5

interface GigabitEthernet0/0/6

interface GigabitEthernet0/0/7

interface GigabitEthernet0/0/8

interface GigabitEthernet0/0/9

interface GigabitEthernet0/0/10

interface GigabitEthernet0/0/11

interface GigabitEthernet0/0/12

interface GigabitEthernet0/0/13

interface GigabitEthernet0/0/14

interface GigabitEthernet0/0/15

interface GigabitEthernet0/0/16

interface GigabitEthernet0/0/17

interface GigabitEthernet0/0/18

interface GigabitEthernet0/0/19

interface GigabitEthernet0/0/20

interface GigabitEthernet0/0/21

interface GigabitEthernet0/0/22

interface GigabitEthernet0/0/23

interface GigabitEthernet0/0/24

port link-type access

port default vlan 1000

interface NULL0

ip route-static 0.0.0.0 0.0.0.0 10.50.8.253

user-interface con 0

user-interface vty 0 4

return

<WKWL_HeB_SW_S5752C>

实验拓扑文件： http://down.51cto.com/data/2288682

时间： 2024-10-11 00:12:43

华为路由器双出口负载均衡+备份（2）的相关文章

华为路由器双出口负载均衡+备份

一个网段内,IP地址(末位奇数)走电信,IP地址(末位偶数)走联通当某个运营商不可达时,自动切换. 通过NQA来确定运营商是否可达.,并与流行为.静态路由联动,实现自动切换. 默认路由走电信,当电信不可达走联通(根据配置的路由优先级,华为交换机静态路由默认优先级为60). acl number 3001 description dan-dianxin rule 10 permit ip source 10.50.8.1 0.0.3.254 acl number 3002 description

分布式文件系统fastdfs_V5.09配置双tracker负载均衡

分布式文件系统fastdfs_V5.09配置双tracker负载均衡环境准备操作系统: Centos 7 服务器: IP:192.168.2.238 IP:192.168.2.239 软件包: fastdfs-5.09.tar.gz fastdfs-nginx-module_v1.16.tar.gz libfastcommon-master nginx-1.7.0.tar.gz ngx_http_lower_upper_case-master 注:统一放置/home/soft目录,并且解压到

Haproxy+keepalived实现双主负载均衡高可用集群

项目说明 1. 使用LVS负载均衡用户请求到后端web服务器,并且实现健康状态检查 2. 使用keepalived高可用LVS,避免LVS单点故障 3. 集群中分别在LK-01和LK-02运行一个VIP地址,实现LVS双主 4. 用户通过DNS轮训的方式实现访问集群的负载均衡(不演示) 实验拓扑环境介绍: IP地址功能描述 HK-01 172.16.4.100 调度用户请求到后端web服务器,并且和LK-02互为备份 HK-02

Nginx+keepalived构建双主负载均衡代理服务器

引言 Nginx是一个高性能的代理服务器,单台Nginx容易出现单点故障,使用keepalived可以实现Nginx的故障转移,保证了网站的高可用性一.使用Nginx+keepalived的两种方案 1.主从模式使用一个VIP,前端有2台服务器,一主一从,正常情况下是主服务器提供服务只有当主服务器不能正常提供服务之后,从服务器才提供服务,此时总会有一台服务器是空闲状态. 2.双主模式使用两个VIP,前段有2台服务器,互为主从,两台服务器同时工作,不存在资源浪费情况.同时在前段的DNS服务器

FastDFS 双tracker负载均衡及多组存储配置

应用场景: 三台服务器分别做三组存储,并且需要两台tracker地址做主备关系,当一台down机后需要另外一台可以提供正常的访问连接 #注:此处不考虑存储数据安全性,如果需要保障数据不丢失,可以分别每台存储配置两组group(相同group之间数据会自动备份) ,三台服务器group分别为: 第一台服务器:group1 group2 第二台服务器:group1 group3 第三台服务器:group2 group3 需求图如下: 一: 为三台服务器分别部署FASTDFS + Nginx-fas

Nginx配合keepalived实现双主负载均衡

一.架构规划 1.服务器IP地址规划 VIP1:192.168.1.149 VIP2:192.168.1.150 Keepalived1:192.168.1.151 Keepalived2:192.168.1.152 WebServer1:192.168.1.201 WebServer2:192.168.1.202 2.服务器操作系统所使用的操作系统均为CentOS release 6.6 (Final) x86_64,最小化安装. 3.网络拓扑图二.配置Nginx代理服务器此部分Node

链路负载均衡笔记

Load Balance 负载均衡.LLB链路负载均衡产生背景:网络带宽增长的同时带来用户数量的增长,使得服务器资源消耗严重,因而服务器成为网络瓶颈,传统的单机模式,也往往成为网络故障点 1.服务器硬件升级缺点:成本高.资源浪费.可扩展性差.无法完全解决网络面临的问题2.组建服务器集群,利用负载均衡技术在服务器集群间进行业务负载均衡多台服务器通过网络设备相连组成一个服务器集群,每台服务器都提供相同或相似的网络服务,前端部署一台负载均衡设备负载均衡是一种集群技术,它将特定的业务分担给多台服务器

web负载均衡整理

参考:http://www.cnblogs.com/lovingprince/archive/2008/11/13/2166350.html http://www.cnblogs.com/lovingprince/archive/2008/11/13/2166349.html http://news.cnblogs.com/n/208124/ http://network.51cto.com/art/201108/281452.htm 负载均衡的概念 Web集群是由多个同时运行同一个web应用的

负载均衡

负载均衡作用: 建立在现有网络结构之上,提供一种廉价.有效.透明的方法,来扩展网络设备和服务器的带宽,并发量,吞吐量,加强网络数据处理能力,提高网络灵活性,扩展性和可用性. 负载均衡相关: 什么是cookie 指某些网站为了辨别用户身份.进行 session 跟踪而储存在用户本地终端上的数据 Cookie 是由 Web 服务器保存在用户浏览器上的小文本文件,它包含有关用户的信息 cookie的应用提供应用的服务器默认是不知道客户端做了什么的,当你暂时需要记录你在网站上的一些操作时,怎么解决呢?

华为路由器双出口负载均衡+备份 （2）

华为路由器双出口负载均衡+备份 （2）的相关文章

华为路由器双出口负载均衡+备份（2）

华为路由器双出口负载均衡+备份（2）的相关文章