Cisco-HSRP的配置

HSRP的配置

拓扑图

实验步骤：

配置IP地址和路由协议
R1(config)#interface f0/0

R1(config-if)#ip address 192.168.13.1 255.255.255.0

R1(config-if)#no shutdown

R1(config)#interface s1/1

R1(config-if)#ip address 192.168.12.1 255.255.255.0

R1(config-if)#no shutdown

R1(config)#router rip

R1(config-router)#network 192.168.12.0

R1(config-router)#network 192.168.13.0

R1(config-router)#passive-interface f0/0

//之所以把f0/0接口设为被动接口，是为了防止从该口向R3发送RIP信息。

R2(config)#interface f0/0

R2(config-if)#ip address 192.168.2.254 255.255.255.0

R2(config-if)#no shutdown

R2(config)#interface s1/1

R2(config-if)#clock 128000

R2(config-if)#ip address 192.168.12.2 255.255.255.0

R2(config-if)#no shutdown

R2(config)#interface s1/3

R2(config-if)#clock 128000

R2(config-if)#ip address 192.168.23.2 255.255.255.0

R2(config-if)#no shutdown

R2(config)#router rip

R2(config-router)#network 192.168.2.0

R2(config-router)#network 192.168.12.0

R2(config-router)#network 192.168.23.0

R2(config-router)#passive-interface f0/0

R3(config)#interface f0/0

R3(config-if)#ip address 192.168.13.3 255.255.255.0

R3(config-if)#no shutdown

R3(config)#interface s1/3

R3(config-if)#ip address 192.168.23.3 255.255.255.0

R3(config-if)#no shutdown

R3(config)#router rip

R3(config-router)#network 192.168.13.0

R3(config-router)#network 192.168.23.0

R3(config-router)#passive-interface f0/0

PC2(config)#no ip routing

PC2(config)#interface f0/0

PC2(config-if)#ip address 192.168.2.2 255.255.255.0

PC2(config-if)#no shutdown
PC2(config)#ip default-gateway 192.168.2.254
配置HSRP
R1(config)#interface f0/0

R1(config-if)#standby 11 ip 192.168.13.254

//启用HSRP功能，并配置虚拟IP网关地址，11为standby的组号。相同组号的路由器属于同一个HSRP组，需要注意的是同一个组内的路由器设置虚拟网关地址必须一致。

R1(config-if)#standby 11 priority 120

//配置HSRP的优先级，默认是100，值越大优先级越高。

R1(config-if)#standby 11 preempt

//设置路由器在优先级最高时成为活动路由器，如果不设置，即使路由器优先级再高也不会成为活动路由器。

R1(config-if)#standby 11 timers 3 10

//其中的3为Hello Time，表示每隔多长时间发送Hello消息。10为Hold Time，表示在多长时间内同组的路由器没有收到活动路由器发送的消息，即认为活动路由器出现故障了，同组的路由器该项设置必须一致。

R1(config-if)#standby 11 authentication md5 key-string cisco

//以上是配置认证密码，防止非法设备加入到HSRP组，同组内的设备密码需保持一致。

R3(config)#interface f0/0

R3(config-if)#standby 11 ip 192.168.13.254

R3(config-if)#standby 11 preempt

R3(config-if)#standby 11 timers 3 10

R3(config-if)#standby 11 authentication md5 key-string cisco
查看HSRP状态
R1#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 120 P Active   local           192.168.13.3    192.168.13.254

//以上表明R1是活动路由，R3是备份路由。

R3#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 100 P Standby 192.168.13.1    local           192.168.13.254

//以上表明R3是备份路由，R1是活动路由。
修改PC1的配置
PC1(config)#interface f0/0

PC1(config-if)#ip address 192.168.13.100 255.255.255.0

PC1(config-if)#no shutdown
PC1(config)#ip default-gateway 192.168.13.254
测试，在PC1上连续ping PC2，ping的过程中关掉R1上f0/0端口，观察ping的结果以及HSRP的状态。
PC1#ping

Protocol [ip]:

Target IP address: 192.168.2.2

Repeat count [5]: 3000       ----------------设置ping的次数

Datagram size [100]: 1500      ------------------设置ping包的报文长度

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.13.100

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 3000, 1500-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:

Packet sent with a source address of 192.168.13.100

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

//关闭R1端口过程中会出现丢包的现象，这是正常的，而且很快我们看到通信又恢复了。

R1(config)#interface f0/0

R1(config-if)#shutdown

R1(config-if)#

*Mar 1 01:20:12.563: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Active -> Init

R1(config-if)#

*Mar 1 01:20:14.571: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

*Mar 1 01:20:15.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

R3#

*Mar 1 01:20:05.039: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Standby -> Active

R3#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 100 P Active   local           unknown         192.168.13.254

//以上可以看到关掉R1的f0/0端口，R1自动由活动状态转为初始状态，R3由于设置了抢占功能，自动由备份状态转为活动状态。
配置端口跟踪

R1(config)#interface s1/1

R1(config-if)#standby 11 track s1/1 30

//以上表明跟踪的是R1的S1/1端口，如果该端口出故障了，路由器R1的优先级自动降低30。

PC1#ping

Protocol [ip]:

Target IP address: 192.168.2.2

Repeat count [5]: 3000

Datagram size [100]: 1500

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 3000, 1500-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

R1(config)#interface s1/1

R1(config-if)#shutdown

R1(config-if)#

*Mar 1 01:32:54.927: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Active -> Speak

*Mar 1 01:32:55.083: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down

R1(config-if)#

*Mar 1 01:32:56.083: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down

R1(config-if)#

*Mar 1 01:33:04.927: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Speak -> Standby

R1#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 90   P Standby 192.168.13.3    local           192.168.13.254

//以上可以看出由于断掉了R1上s1/1的端口，路由器的优先级降为90，由活动状态转为备份状态。

R3#

*Mar 1 01:32:47.263: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Standby -> Active

R3#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 100 P Active   local           192.168.13.1    192.168.13.254
//以上表明由于R1端出现故障，R3自动抢占活动权，由备份状态转为活动状态
小问题，这个问题不知是Cisco设备的专属特性，还是我的配置有问题，希望行家指点一二。
R1(config)#interface s1/1

R1(config-if)#no shutdown

R1(config-if)#

*Mar 1 01:40:56.307: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up

*Mar 1 01:40:57.307: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up

R1(config-if)#

*Mar 1 01:40:58.031: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 11 state Standby -> Active

R1(config-if)#end

R1#show standby brief

                     P indicates configured to preempt.

                     |

Interface   Grp Prio P State    Active          Standby         Virtual IP

Fa0/0       11 120 P Active   local           192.168.13.3    192.168.13.254
//问题所在就在这里，之前我们配置了R1上的端口跟踪，如果被跟踪的端口出现故障，该路由器优先级自动减30，但是如果把该端口重新**，理论上路由器R1的优先级应变为90，而且由于优先级低于R3的100，即使配置了抢占也无法把活动权重新抢占回来。但是我们可以看到路由器R1的优先级重新变成了原来配置的优先级120，而且活动权又抢占回来了，小弟真的是不解，希望大哥大姐知道的指点指点。
不好意思，小弟一时疏忽把拓扑图中PC1的地址和网关搞错了，请以文档中的配置为准，抱歉！！！

转载于:https://blog.51cto.com/oraclong/668246

秒客网

Cisco-HSRP的配置

HSRP的配置

相关文章