实验背景

为了提升公司视屏会议设备的网络质量，需让视屏会议设备单独走ADSL，其他300+设备走专线，但考虑到ADSL的稳定性不如专线，所以需要配置策略路由，当ADSL正常时，视屏会议设备流量通过ADSL上网；当ADSL中断，视屏会议设备流量自动切换回专线上网。

组网需求

如图，要求PC1默认情况下走ADSL自带的PPPOE访问Internet，PC1——R1——R2——R4;

当ADSL中断时，自动切换至专线访问Internet,PC1——R1——R3——R4；

 

一、PPPOE配置

PPPOE-server配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R2-pppoe-server

1、地址池配置

[R2-pppoe-server]ip pool pppoe
Info: It's successful to create an IP address pool.
[R2-pppoe-server-ip-pool-pppoe]network 222.22.2.0 mask 24
[R2-pppoe-server-ip-pool-pppoe]dns-list 114.114.114.114

 

2、配置虚拟模板

[R2-pppoe-server]int gi 0/0/0
[R2-pppoe-server-GigabitEthernet0/0/0]ip addr 222.22.2.1 24
[R2-pppoe-server-GigabitEthernet0/0/0]q
[R2-pppoe-server]int virtual-templa 1
[R2-pppoe-server-Virtual-Template1]ip addr unnumbered int gi0/0/0
[R2-pppoe-server-Virtual-Template1]remote address pool pppoe
[R2-pppoe-server-Virtual-Template1]q

3、接口调用

[R2-pppoe-server]int gi0/0/0
[R2-pppoe-server-GigabitEthernet0/0/0]pppoe-server bind virtual-template 1
[R2-pppoe-server-GigabitEthernet0/0/0]q

4、用户名定义

[R2-pppoe-server]aaa
[R2-pppoe-server-aaa]local-user liulinfeng password cipher [email protected]
Info: Add a new user.
[R2-pppoe-server-aaa]local-user liulinfeng service-type ppp

 

 PPPOE-Client配置 （工作中一般只需要配置client端） 

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R1-OGP
[R1-OGP]int gi 0/0/2
[R1-OGP-GigabitEthernet0/0/2]ip addr 10.180.108.1 24
[R1-OGP-GigabitEthernet0/0/2]

1、定义拨号规则

[R1-OGP]dialer-rule
[R1-OGP-dialer-rule]dialer-rule 1 ip permit   //定义的拨号规则允许所有的IPV4流量通过
[R1-OGP-dialer-rule]q

2、拨号接口配置

[R1-OGP]interface Dialer 1
[R1-OGP-Dialer1]dialer user liulinfeng       
[R1-OGP-Dialer1]dialer-group 1                        
[R1-OGP-Dialer1]dialer bundle 1
[R1-OGP-Dialer1]ppp chap user liulinfeng                                 //运营商提供的pppoe账号
[R1-OGP-Dialer1]ppp chap password simple [email protected]     //运营商提供的pppoe密码
[R1-OGP-Dialer1]ip addr ppp-negotiate
[R1-OGP-Dialer1]q

 

3、接口下调用

[R1-OGP]int gi0/0/0
[R1-OGP-GigabitEthernet0/0/0]pppoe-client dial-bundle-number 1
[R1-OGP-GigabitEthernet0/0/0]q

查看接口状态，为UP状态，说明PPPoe的Server与Client已协商成功。

NAT配置

[R1-OGP]acl number 3099
[R1-OGP-acl-adv-3099]rule permit ip source 10.180.108.0 0.0.0.255
[R1-OGP-acl-adv-3099]q
[R1-OGP]int Dialer 1
[R1-OGP-Dialer1]nat outbound 3099

缺省路由配置

[R1-OGP]ip route-static 0.0.0.0 0 Dialer 1

 

 

模拟Internet配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname Internet
[Internet]int gi 0/0/0
[Internet-GigabitEthernet0/0/0]ip addr 1.1.1.2 24
[Internet-GigabitEthernet0/0/0]int lo0
[Internet-LoopBack0]ip addr 114.114.114.114 32
[Internet-LoopBack0]q
[Internet]
[Internet]ip route-static 0.0.0.0 0 1.1.1.1

本实验中还需要在PPPOEserver中加一条静态路由

[R2-pppoe-server]ip route-static 114.114.114.114 32 1.1.1.2

此时PC1就可以通过R1出口路由——R2PPPOE-server——R4模拟Internet访问114.114.114.114了

 

二、专线配置（OSPF）

***********R4模拟Internet配置*******

<Internet>sys
Enter system view, return user view with Ctrl+Z.
[Internet]int gi0/0/1
[Internet-GigabitEthernet0/0/1]ip addr 2.2.2.2 24
[Internet-GigabitEthernet0/0/1]
[Internet-GigabitEthernet0/0/1]q
[Internet]ospf
[Internet-ospf-1]area 0
[Internet-ospf-1-area-0.0.0.0]network 114.114.114.114 0.0.0.0
[Internet-ospf-1-area-0.0.0.0]network 2.2.2.0 0.0.0.255

 

***********R3专线配置*******

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R3
[R3]int gi 0/0/1
[R3-GigabitEthernet0/0/1]ip addr 2.2.2.1 24
[R3-GigabitEthernet0/0/1]int gi 0/0/0
[R3-GigabitEthernet0/0/0]ip addr 3.3.3.2 24
[R3-GigabitEthernet0/0/0]q
[R3]ospf
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 3.3.3.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 2.2.2.0 0.0.0.255

 

***********R1出口路由配置*******

<R1-OGP>sys
Enter system view, return user view with Ctrl+Z.
[R1-OGP]int gi 0/0/1
[R1-OGP-GigabitEthernet0/0/1]ip addr 3.3.3.1 24
[R1-OGP-GigabitEthernet0/0/1]q
[R1-OGP]ospf 
[R1-OGP-ospf-1]area 0
[R1-OGP-ospf-1-area-0.0.0.0]network 3.3.3.0 0.0.0.255
[R1-OGP-ospf-1-area-0.0.0.0]network 10.180.108.0 0.0.0.255

从R1上验证ospf配置

专线配置完成！！！

 

三、策略路由配置主备线路

从出口路由的路由表发现，PC1访问internet默认路径是R1——R3——R4，因为ospf的优先级是10，静态路由的优先级是60，这个时候想让PC1的流量默认走PPPOE就需要配置策略路由

可能有人会说为什么不直接定义静态路由的优先级，关键是只有PC1一个机子走PPPOE，其他设备均走专线，所以只能是策略路由。

[R1-OGP]acl 3000              //匹配PC1的流量
[R1-OGP-acl-adv-3000]rule permit ip source 10.180.108.100 0

**********配置流分类**************

[R1-OGP-acl-adv-3000]traffic classifier c1
[R1-OGP-classifier-c1]if-match acl 3000
[R1-OGP-classifier-c1]q

 

**********配置流行为**************
[R1-OGP]traffic behavior b1
[R1-OGP-behavior-b1]redirect ip-nexthop Dialer 1       不支持Dialer 1,不会了
                                        ^
Error: Wrong parameter found at '^' position.
[R1-OGP-behavior-b1]redirect ip-nexthop 222.22.2.1
[R1-OGP-behavior-b1]q

 

疑问：

dialer 1到底是出口路由的端口还是PPPoe server上的端口，应该是PPPoe Client的端口，但是为什么静态路由可以配置成：ip route-static 0.0.0.0 0 dialer 1

静态路由的格式不是应该是ip route-static 0.0.0.0 0 下一跳么？

dialer 1本来就是出口路由的端口，怎么会可以当做下一跳呢？

**********配置流策略**************

[R1-OGP]traffic policy p1
[R1-OGP-trafficpolicy-p1]classifier c1 behavior b1
[R1-OGP-trafficpolicy-p1]q

**********接口应用流策略**************

[R1-OGP]int gi 0/0/2
[R1-OGP-GigabitEthernet0/0/2]traffic-policy p1 inbound
[R1-OGP-GigabitEthernet0/0/2]q