VRRP熱備?也可用在無線局域網
VRRP熱備?也可用在無線局域網css
當前,企業爲保證業務的正常運營,但願提升網絡可靠性,同時還但願減小配置維護的工做量。爲知足用戶的需求,能夠採用VRRP熱備份下應用無線配置同步的方案。這種方案下,主、備AC一般部署在同一地理位置,但其業務切換速度很是快,可靠性比雙鏈路熱備份更高;接下來看一個實例:(華爲官網)安全
組網拓撲服務器
VRRP熱備份場景下的無線配置同步組網圖(直接轉發)網絡
組網需求app
· AC組網方式:旁掛二層組網。dom
· DHCP部署方式:AC做爲DHCP服務器爲AP和STA分配IP地址。ide
· 業務數據轉發方式:直接轉發。ui
· 交換機集羣:核心層兩臺交換機SwitchB和SwitchC採用集羣卡集羣方式進行組網,其中SwitchB爲主交換機,SwitchC爲備交換機。spa
數據規劃pwa
配置思路
一、在SwitchB、SwitchC上配置集羣卡集羣功能,提升核心層可靠性,並使SwitchB成爲主交換機。
二、配置AP、AC和其餘網絡設備之間實現網絡互通。
三、在AC1和AC2上配置VRRP備份組。其中,AC1上配置較高優先級,做爲主用設備承擔流量轉發;AC2上配置較低優先級,做爲備用設備。
四、配置WLAN基本業務,保證用戶可以經過WLAN網絡接入Internet。
五、配置雙機熱備份功能,將AC1上的業務信息經過備份鏈路批量備份和實時備份到AC2上,保證在主設備故障時業務可以不中斷地順利切換到備份設備。
六、配置VRRP熱備份場景下的無線配置同步功能。
注意事項
一、純組播報文因爲協議要求在無線空口沒有ACK機制保障,且無線空口鏈路不穩定,爲了純組播報文可以穩定發送,一般會以低速報文形式發送。若是網絡側有大量異常組播流量涌入,則會形成無線空口擁堵。爲了減少大量低速組播報文對無線網絡形成的衝擊,建議配置組播報文抑制功能。配置前請確認是否有組播業務,若是有,請謹慎配置限速值。配置方法請參見:如何配置組播報文抑制,減少大量低速組播報文對無線網絡形成的衝擊?
業務數據轉發方式採用直接轉發時,建議在直連AP的交換機接口上配置組播報文抑制。
業務數據轉發方式採用隧道轉發時,建議在AC的流量模板下配置組播報文抑制。
二、建議在與AP直連的設備接口上配置端口隔離,若是不配置端口隔離,尤爲是業務數據轉發方式採用直接轉發時,可能會在VLAN內造成大量沒必要要的廣播報文,致使網絡阻塞,影響用戶體驗。
三、隧道轉發模式下,管理VLAN和業務VLAN不能配置爲同一VLAN,且AP和AC之間只能放通管理VLAN,不能放通業務VLAN。
四、配置時,用戶還需關注有線網絡的實際組網是否有環路存在。若是存在環路,須要爲相關網元配置MSTP功能。
操做步驟
01
配置集羣卡集羣功能
# 配置SwitchB的集羣鏈接方式爲集羣卡集羣,集羣ID爲1,集羣優先級爲100。
<HUAWEI> system-view[HUAWEI] sysname SwitchB[SwitchB] set css mode css-card[SwitchB] set css id 1[SwitchB] set css priority 100
# 配置SwitchC的集羣鏈接方式爲集羣卡集羣,集羣ID爲2,集羣優先級爲10。
<HUAWEI> system-view[HUAWEI] sysname SwitchC[SwitchC] set css mode css-card[SwitchC] set css id 2[SwitchC] set css priority 10
查看SwitchB上的集羣配置信息。
[SwitchB] display css status savedCurrent Id Saved Id CSS Enable CSS Mode Priority Master force ------------------------------------------------------------------------------ 1 1 Off CSS card 100
查看SwitchC上的集羣配置信息。
[SwitchC] display css status savedCurrent Id Saved Id CSS Enable CSS Mode Priority Master force ------------------------------------------------------------------------------ 1 2 Off CSS card 10
# 使能SwitchB的集羣功能並從新啓動SwitchB。
[SwitchB] css enableWarning: The CSS configuration will take effect only after the system is rebooted. The next CSS mode is CSS card. Reboot now? [Y/N]:y
# 使能SwitchC的集羣功能並從新啓動SwitchC。
[SwitchC] css enableWarning: The CSS configuration will take effect only after the system is rebooted. The next CSS mode is CSS card. Reboot now? [Y/N]:y
# 經過任意主控板上的Console口本地登陸集羣,使用命令行查看集羣組建是否成功。
<SwitchB> display deviceChassis 1 (Master Switch)S12708's Device status:Slot Sub Type Online Power Register Status Role -------------------------------------------------------------------------------1 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 5 - ET1D2G48SEC0 Present PowerOn Registered Normal NA 7 - ET1D2X16SSC0 Present PowerOn Registered Normal NA 9 - ET1D2MPUA000 Present PowerOn Registered Normal Slave 10 - ET1D2MPUA000 Present PowerOn Registered Normal Master12 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 13 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 14 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA PWR1 - - Present PowerOn Registered Normal NA PWR2 - - Present PowerOn Registered Normal NA CMU2 - EH1D200CMU00 Present PowerOn Registered Normal MasterFAN1 - - Present PowerOn Registered Normal NA FAN2 - - Present PowerOn Registered Normal NA FAN3 - - Present PowerOn Registered Normal NA FAN4 - - Present PowerOn Registered Normal NA Chassis 2 (Standby Switch)S12708's Device status:Slot Sub Type Online Power Register Status Role -------------------------------------------------------------------------------1 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 3 - ET1D2G48SEC0 Present PowerOn Registered Normal NA 4 - ET1D2X16SSC0 Present PowerOn Registered Normal NA 9 - ET1D2MPUA000 Present PowerOn Registered Normal Slave 10 - ET1D2MPUA000 Present PowerOn Registered Normal Master12 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 13 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA 14 - ET1D2SFUD000 Present PowerOn Registered Normal NA 1 EH1D2VS08000 Present PowerOn Registered Normal NA PWR1 - - Present PowerOn Registered Normal NA PWR2 - - Present PowerOn Registered Normal NA CMU1 - EH1D200CMU00 Present PowerOn Registered Normal MasterFAN1 - - Present PowerOn Registered Normal NA FAN2 - - Present PowerOn Registered Normal NA FAN3 - - Present PowerOn Registered Normal NA FAN4 - - Present PowerOn Registered Normal NA <SwitchB> display css statusCSS Enable switch On Chassis Id CSS Enable CSS Status CSS Mode Priority Master Force ------------------------------------------------------------------------------ 1 On Master CSS card 100 Off 2 On Standby CSS card 10 Off
以上顯示信息中,可以查看到兩臺成員交換機的單板狀態及集羣狀態,表示集羣創建完成。
# 查看集羣鏈路狀態是否正常。
<SwitchB> display css channel Chassis 1 || Chassis 2 --------------------------------------------------------------------------------Num [Port] [Speed] || [Speed] [Port] 1 1/1/0/1 10G 10G 2/1/0/1 2 1/1/0/2 10G 10G 2/1/0/2 3 1/1/0/3 10G 10G 2/1/0/3 4 1/1/0/4 10G 10G 2/1/0/4 5 1/1/0/5 10G 10G 2/1/0/5 6 1/1/0/6 10G 10G 2/1/0/6 7 1/1/0/7 10G 10G 2/1/0/7 8 1/1/0/8 10G 10G 2/1/0/8 9 1/12/0/1 10G 10G 2/12/0/1 10 1/12/0/2 10G 10G 2/12/0/2 11 1/12/0/3 10G 10G 2/12/0/3 12 1/12/0/4 10G 10G 2/12/0/4 13 1/12/0/5 10G 10G 2/12/0/5 14 1/12/0/6 10G 10G 2/12/0/6 15 1/12/0/7 10G 10G 2/12/0/7 16 1/12/0/8 10G 10G 2/12/0/8 17 1/13/0/1 10G 10G 2/13/0/1 18 1/13/0/2 10G 10G 2/13/0/2 19 1/13/0/3 10G 10G 2/13/0/3 20 1/13/0/4 10G 10G 2/13/0/4 21 1/13/0/5 10G 10G 2/13/0/5 22 1/13/0/6 10G 10G 2/13/0/6 23 1/13/0/7 10G 10G 2/13/0/7 24 1/13/0/8 10G 10G 2/13/0/8 25 1/14/0/1 10G 10G 2/14/0/1 26 1/14/0/2 10G 10G 2/14/0/2 27 1/14/0/3 10G 10G 2/14/0/3 28 1/14/0/4 10G 10G 2/14/0/4 29 1/14/0/5 10G 10G 2/14/0/5 30 1/14/0/6 10G 10G 2/14/0/6 31 1/14/0/7 10G 10G 2/14/0/7 32 1/14/0/8 10G 10G 2/14/0/8 --------------------------------------------------------------------------------
以上顯示信息中,全部集羣鏈接的鏈路都顯示正常,至此能夠說明集羣組建徹底成功。
02
配置SwitchA、SwitchB、SwitchC、AC1和AC2,使AP與AC之間可以傳輸CAPWAP報文
# 配置SwitchA鏈接AP的接口GE0/0/1的PVID爲VLAN100(管理VLAN)並加入VLAN100和VLAN101(業務VLAN),SwitchA鏈接SwitchB的接口GE0/0/2和SwitchA鏈接SwitchC的接口GE0/0/3加入Eth-Trunk10。
<HUAWEI> system-view[HUAWEI] sysname SwitchA[SwitchA] vlan batch 100 101[SwitchA] interface gigabitethernet 0/0/1[SwitchA-GigabitEthernet0/0/1] port link-type trunk[SwitchA-GigabitEthernet0/0/1] port trunk pvid vlan 100[SwitchA-GigabitEthernet0/0/1] undo port trunk allow-pass vlan 1[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101[SwitchA-GigabitEthernet0/0/1] port-isolate enable[SwitchA-GigabitEthernet0/0/1] quit[SwitchA] interface eth-trunk 10[SwitchA-Eth-Trunk10] port link-type trunk[SwitchA-Eth-Trunk10] undo port trunk allow-pass vlan 1[SwitchA-Eth-Trunk10] port trunk allow-pass vlan 100 101[SwitchA-Eth-Trunk10] quit[SwitchA] interface gigabitethernet 0/0/2[SwitchA-GigabitEthernet0/0/2] undo port link-type[SwitchA-GigabitEthernet0/0/2] eth-trunk 10[SwitchA-GigabitEthernet0/0/2] quit[SwitchA] interface gigabitethernet 0/0/3[SwitchA-GigabitEthernet0/0/3] undo port link-type[SwitchA-GigabitEthernet0/0/3] eth-trunk 10[SwitchA-GigabitEthernet0/0/3] quit
# 配置SwitchB的接口GE1/1/0/2和SwitchC的接口GE2/1/0/2加入Eth-Trunk10,SwitchB的接口E1/1/0/1和SwitchC的接口GE2/1/0/1加入VLAN100和VLAN101。
[SwitchB] sysname CSS[CSS] vlan batch 100 101[CSS] interface gigabitethernet 1/1/0/1[CSS-GigabitEthernet1/1/0/1] port link-type trunk[CSS-GigabitEthernet1/1/0/1] undo port trunk allow-pass vlan 1[CSS-GigabitEthernet1/1/0/1] port trunk allow-pass vlan 100 101[CSS-GigabitEthernet1/1/0/1] quit[CSS] interface gigabitethernet 2/1/0/1[CSS-GigabitEthernet2/1/0/1] port link-type trunk[CSS-GigabitEthernet2/1/0/1] undo port trunk allow-pass vlan 1[CSS-GigabitEthernet2/1/0/1] port trunk allow-pass vlan 100 101[CSS-GigabitEthernet2/1/0/1] quit[CSS] interface eth-trunk 10[CSS-Eth-Trunk10] port link-type trunk[CSS-Eth-Trunk10] undo port trunk allow-pass vlan 1[CSS-Eth-Trunk10] port trunk allow-pass vlan 100 101[CSS-Eth-Trunk10] quit[CSS] interface gigabitethernet 1/1/0/2[CSS-GigabitEthernet1/1/0/2] undo port link-type[CSS-GigabitEthernet1/1/0/2] eth-trunk 10[CSS-GigabitEthernet1/1/0/2] quit[CSS] interface gigabitethernet 2/1/0/2[CSS-GigabitEthernet2/1/0/2] undo port link-type[CSS-GigabitEthernet2/1/0/2] eth-trunk 10[CSS-GigabitEthernet2/1/0/2] quit
# 配置AC1鏈接SwitchB的接口GE0/0/1加入VLAN100和VLAN101,並配置VLANIF100和VLANIF101。
<AC6605> system-view[AC6605] sysname AC1[AC1] vlan batch 100 101[AC1] interface gigabitethernet 0/0/1[AC1-GigabitEthernet0/0/1] port link-type trunk[AC1-GigabitEthernet0/0/1] undo port trunk allow-pass vlan 1[AC1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101[AC1-GigabitEthernet0/0/1] quit[AC1] interface vlanif 100[AC1-Vlanif100] ip address 10.23.100.1 24[AC1-Vlanif100] quit[AC1] interface vlanif 101[AC1-Vlanif101] ip address 10.23.101.1 24[AC1-Vlanif101] quit
# 配置AC2鏈接SwitchC的接口GE0/0/1加入VLAN100和101,並配置VLANIF100和VLANIF101。
<AC6605> system-view[AC6605] sysname AC2[AC2] vlan batch 100 101[AC2] interface gigabitethernet 0/0/1[AC2-GigabitEthernet0/0/1] port link-type trunk[AC2-GigabitEthernet0/0/1] undo port trunk allow-pass vlan 1[AC2-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101[AC2-GigabitEthernet0/0/1] quit[AC2] interface vlanif 100[AC2-Vlanif100] ip address 10.23.100.2 24[AC2-Vlanif100] quit[AC2] interface vlanif 101[AC2-Vlanif101] ip address 10.23.101.2 24[AC2-Vlanif101] quit
03
配置AC1和AC2互通
# 配置AC1鏈接AC2的接口GE0/0/2加入VLAN102。
[AC1] vlan batch 102[AC1] interface gigabitethernet 0/0/2[AC1-GigabitEthernet0/0/2] port link-type trunk[AC1-GigabitEthernet0/0/2] undo port trunk allow-pass vlan 1[AC1-GigabitEthernet0/0/2] port trunk allow-pass vlan 102[AC1-GigabitEthernet0/0/2] quit[AC1] interface vlanif 102[AC1-Vlanif102] ip address 10.23.102.1 24[AC1-Vlanif102] quit
# 配置AC2鏈接AC1的接口GE0/0/2加入VLAN102。
[AC2] vlan batch 102[AC2] interface gigabitethernet 0/0/2[AC2-GigabitEthernet0/0/2] port link-type trunk[AC2-GigabitEthernet0/0/2] undo port trunk allow-pass vlan 1[AC2-GigabitEthernet0/0/2] port trunk allow-pass vlan 102[AC2-GigabitEthernet0/0/2] quit[AC2] interface vlanif 102[AC2-Vlanif102] ip address 10.23.102.2 24[AC2-Vlanif102] quit
04
配置DHCP服務器
# 配置AC1做爲DHCP服務器爲AP和STA分配IP地址。
[AC1] dhcp enable[AC1] dhcp server database enable[AC1] dhcp server database recover[AC1] interface vlanif 100[AC1-Vlanif100] dhcp select interface[AC1-Vlanif100] dhcp server excluded-ip-address 10.23.100.2[AC1-Vlanif100] quit[AC1] interface vlanif 101[AC1-Vlanif101] dhcp select interface[AC1-Vlanif101] dhcp server excluded-ip-address 10.23.101.2[AC1-Vlanif101] quit
# AC2的配置與AC1相似。
05
在AC1上配置VRRP方式的雙機熱備份
# 配置VRRP備份組的狀態恢復延遲時間爲60秒。
[AC1] vrrp recover-delay 60
# 在AC1上建立管理VRRP備份組,配置AC1在該備份組中的優先級爲120,並配置搶佔時間爲1800秒,配置備份組中Master發送VRRP報文的時間間隔爲2秒。
[AC1] interface vlanif 100[AC1-Vlanif100] vrrp vrid 1 virtual-ip 10.23.100.3[AC1-Vlanif100] vrrp vrid 1 priority 120[AC1-Vlanif100] vrrp vrid 1 preempt-mode timer delay 1800[AC1-Vlanif100] admin-vrrp vrid 1[AC1-Vlanif100] vrrp vrid 1 timer advertise 2[AC1-Vlanif100] quit
# 在AC1上建立業務VRRP備份組,並配置搶佔時間爲1800秒,配置備份組中Master發送VRRP報文的時間間隔爲2秒。
[AC1] interface vlanif 101[AC1-Vlanif101] vrrp vrid 2 virtual-ip 10.23.101.3[AC1-Vlanif101] vrrp vrid 2 preempt-mode timer delay 1800[AC1-Vlanif101] vrrp vrid 2 track admin-vrrp interface vlanif 100 vrid 1 unflowdown[AC1-Vlanif101] vrrp vrid 2 timer advertise 2[AC1-Vlanif101] quit
# 在AC1上建立HSB主備服務0,並配置其主備通道IP地址和端口號,配置HSB主備服務報文的重傳次數和發送間隔。
[AC1] hsb-service 0[AC1-hsb-service-0] service-ip-port local-ip 10.23.102.1 peer-ip 10.23.102.2 local-data-port 10241 peer-data-port 10241[AC1-hsb-service-0] service-keep-alive detect retransmit 3 interval 6[AC1-hsb-service-0] quit
# 在AC1上建立HSB備份組0,並配置其綁定HSB主備服務0和管理VRRP備份組。
[AC1] hsb-group 0[AC1-hsb-group-0] bind-service 0[AC1-hsb-group-0] track vrrp vrid 1 interface vlanif 100[AC1-hsb-group-0] quit
# 配置NAC業務綁定HSB備份組。
[AC1] hsb-service-type access-user hsb-group 0
# 配置WLAN業務綁定HSB備份組。
[AC1] hsb-service-type ap hsb-group 0
# 配置DHCP業務綁定HSB備份組。
[AC1] hsb-service-type dhcp hsb-group 0
# 使能雙機熱備功能。
[AC1] hsb-group 0[AC1-hsb-group-0] hsb enable[AC1-hsb-group-0] quit
06
在AC2上配置VRRP方式的雙機熱備份
# 配置VRRP備份組的狀態恢復延遲時間爲60秒。
[AC2] vrrp recover-delay 60
# 在AC2上建立管理VRRP備份組,配置備份組中Master發送VRRP報文的時間間隔爲2秒。
[AC2] interface vlanif 100[AC2-Vlanif100] vrrp vrid 1 virtual-ip 10.23.100.3[AC2-Vlanif100] admin-vrrp vrid 1[AC2-Vlanif100] vrrp vrid 1 timer advertise 2[AC2-Vlanif100] quit
# 在AC2上建立業務VRRP備份組,配置備份組中Master發送VRRP報文的時間間隔爲2秒。
[AC2] interface vlanif 101[AC2-Vlanif101] vrrp vrid 2 virtual-ip 10.23.101.3[AC2-Vlanif101] vrrp vrid 2 track admin-vrrp interface vlanif 100 vrid 1 unflowdown[AC2-Vlanif101] vrrp vrid 2 timer advertise 2[AC2-Vlanif101] quit
# 在AC2上建立HSB主備服務0,並配置其主備通道IP地址和端口號,配置HSB主備服務報文的重傳次數和發送間隔。
[AC2] hsb-service 0[AC2-hsb-service-0] service-ip-port local-ip 10.23.102.2 peer-ip 10.23.102.1 local-data-port 10241 peer-data-port 10241[AC2-hsb-service-0] service-keep-alive detect retransmit 3 interval 6[AC2-hsb-service-0] quit
# 在AC2上建立HSB備份組0,並配置其綁定HSB主備服務0和管理VRRP備份組。
[AC2] hsb-group 0[AC2-hsb-group-0] bind-service 0[AC2-hsb-group-0] track vrrp vrid 1 interface vlanif 100[AC2-hsb-group-0] quit
# 配置NAC業務綁定HSB備份組。
[AC2] hsb-service-type access-user hsb-group 0
# 配置WLAN業務綁定HSB備份組。
[AC2] hsb-service-type ap hsb-group 0
# 配置DHCP業務綁定HSB備份組。
[AC2] hsb-service-type dhcp hsb-group 0
# 使能雙機熱備功能。
[AC2] hsb-group 0[AC2-hsb-group-0] hsb enable[AC2-hsb-group-0] quit
07
配置AC1的WLAN業務
a、配置AC1的系統參數。
[AC1] wlan[AC1-wlan-view] ap-group name ap-group1[AC1-wlan-ap-group-ap-group1] quit[AC1-wlan-view] regulatory-domain-profile name default[AC1-wlan-regulate-domain-default] country-code cn[AC1-wlan-regulate-domain-default] quit[AC1-wlan-view] ap-group name ap-group1[AC1-wlan-ap-group-ap-group1] regulatory-domain-profile defaultWarning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y [AC1-wlan-ap-group-ap-group1] quit[AC1-wlan-view] quit[AC1] capwap source ip-address 10.23.100.3
b、在AC1上離線導入AP。
[AC1] wlan[AC1-wlan-view] ap auth-mode mac-auth[AC1-wlan-view] ap-id 0 ap-mac 60de-4476-e360[AC1-wlan-ap-0] ap-name area_1[AC1-wlan-ap-0] ap-group ap-group1Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y [AC1-wlan-ap-0] quit[AC1-wlan-view] display ap allTotal AP information:nor : normal [1]-------------------------------------------------------------------------------------ID MAC Name Group IP Type State STA Uptime-------------------------------------------------------------------------------------0 60de-4476-e360 area_1 ap-group1 10.23.100.254 AP5030DN nor 0 10S-------------------------------------------------------------------------------------Total: 1
c、配置AC1的WLAN業務參數。
# 建立名爲「wlan-net」的安全模板,並配置安全策略。
[AC1-wlan-view] security-profile name wlan-net[AC1-wlan-sec-prof-wlan-net] security wpa-wpa2 psk pass-phrase a1234567 aes[AC1-wlan-sec-prof-wlan-net] quit
# 建立名爲「wlan-net」的SSID模板,並配置SSID名稱爲「wlan-net」。
[AC1-wlan-view] ssid-profile name wlan-net[AC1-wlan-ssid-prof-wlan-net] ssid wlan-net[AC1-wlan-ssid-prof-wlan-net] quit
# 建立名爲「wlan-net」的VAP模板,配置業務數據轉發模式、業務VLAN,而且引用安全模板和SSID模板。
[AC1-wlan-view] vap-profile name wlan-net[AC1-wlan-vap-prof-wlan-net] forward-mode direct-forward[AC1-wlan-vap-prof-wlan-net] service-vlan vlan-id 101[AC1-wlan-vap-prof-wlan-net] security-profile wlan-net[AC1-wlan-vap-prof-wlan-net] ssid-profile wlan-net[AC1-wlan-vap-prof-wlan-net] quit
# 配置AP組引用VAP模板,AP上射頻0和射頻1都使用VAP模板「wlan-net」的配置。
[AC1-wlan-view] ap-group name ap-group1[AC1-wlan-ap-group-ap-group1] vap-profile wlan-net wlan 1 radio 0[AC1-wlan-ap-group-ap-group1] vap-profile wlan-net wlan 1 radio 1[AC1-wlan-ap-group-ap-group1] quit[AC1-wlan-view] quit
08
配置AC2的WLAN私有配置
# 配置AC2的源地址。
[AC2] capwap source ip-address 10.23.100.3
09
配置VRRP熱備份場景下的無線配置同步功能
# 配置AC1上的無線配置同步功能。
[AC1] wlan[AC1-wlan-view] master controller[AC1-master-controller] master-redundancy peer-ip ip-address 10.23.102.2 local-ip ip-address 10.23.102.1 psk H@123456[AC1-master-controller] master-redundancy track-vrrp vrid 1 interface vlanif 100[AC1-master-controller] quit[AC1-wlan-view] quit
# 配置AC2上的無線配置同步功能。
[AC2] wlan[AC2-wlan-view] master controller[AC2-master-controller] master-redundancy peer-ip ip-address 10.23.102.1 local-ip ip-address 10.23.102.2 psk H@123456[AC2-master-controller] master-redundancy track-vrrp vrid 1 interface vlanif 100[AC2-master-controller] quit[AC2-wlan-view] quit
10
手動觸發無線配置同步
# 執行命令display sync-configuration status查看無線配置同步狀態信息,狀態爲「cfg-mismatch」。須要在Master AC上手動觸發無線配置同步到Backup Master AC上。等待Backup Master AC自動重啓完成。
[AC1] display sync-configuration statusController role:Master/Backup/Local------------------------------------------------------------------------------------Controller IP Role Device Type Version Status ------------------------------------------------------------------------------------10.23.102.2 Backup AC6605 V200R007C20 cfg-mismatch(config check fail) ------------------------------------------------------------------------------------Total: 1[AC1] synchronize-configurationWarning: This operation may reset the remote AC, synchronize configurations to it, and save all its configurations. Whether to continue? [Y/N]:y
11
檢查配置結果
a、檢查VRRP。
# 完成上述配置之後,在AC1和AC2上分別執行display vrrp命令,能夠看到AC1的State字段的顯示爲Master,AC2的State字段的顯示爲Backup。
[AC1] display vrrp Vlanif100 | Virtual Router 1 State : Master Virtual IP : 10.23.100.3 Master IP : 10.23.100.1 PriorityRun : 120 PriorityConfig : 120 MasterPriority : 120 Preempt : YES Delay Time : 1800 s TimerRun : 2 s TimerConfig : 2 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : admin-vrrp Backup-forward : disabled Create time : 2020-08-17 16:58:22 Last change time : 2020-08-17 16:58:25
Vlanif101 | Virtual Router 2 State : Master Virtual IP : 10.23.101.3 Master IP : 10.23.101.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 100 Preempt : YES Delay Time : 1800 s TimerRun : 2 s TimerConfig : 2 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : member-vrrp Backup-forward : disabled Create time : 2020-08-17 16:58:35 Last change time : 2020-08-17 16:58:38
[AC2] display vrrp Vlanif100 | Virtual Router 1 State : Backup Virtual IP : 10.23.100.3 Master IP : 10.23.100.1 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 120 Preempt : YES Delay Time : 0 s TimerRun : 2 s TimerConfig : 2 s Auth type : NONE Virtual MAC : 0000-5e00-0101 Check TTL : YES Config type : admin-vrrp Backup-forward : disabled Create time : 2020-08-17 02:31:42 UTC-07:00 Last change time : 2020-08-17 02:32:21 UTC-07:00
Vlanif101 | Virtual Router 2 State : Backup Virtual IP : 10.23.101.3 Master IP : 0.0.0.0 PriorityRun : 100 PriorityConfig : 100 MasterPriority : 100 Preempt : YES Delay Time : 0 s TimerRun : 2 s TimerConfig : 2 s Auth type : NONE Virtual MAC : 0000-5e00-0102 Check TTL : YES Config type : member-vrrp Backup-forward : disabled Create time : 2020-08-17 02:31:42 UTC-07:00 Last change time : 2020-08-17 02:32:21 UTC-07:00
# 在AC1和AC2上執行display hsb-service 0命令,查看主備服務的創建狀況。能夠看到Service State字段的顯示爲Connected,說明主備服務通道已經成功創建。
[AC1] display hsb-service 0Hot Standby Service Information:---------------------------------------------------------- Local IP Address : 10.23.102.1 Peer IP Address : 10.23.102.2 Source Port : 10241 Destination Port : 10241 Keep Alive Times : 3 Keep Alive Interval : 6 Service State : Connected Service Batch Modules : Shared-key : -----------------------------------------------------------[AC2] display hsb-service 0Hot Standby Service Information:---------------------------------------------------------- Local IP Address : 10.23.102.2 Peer IP Address : 10.23.102.1 Source Port : 10241 Destination Port : 10241 Keep Alive Times : 3 Keep Alive Interval : 6 Service State : Connected Service Batch Modules : Shared-key : -----------------------------------------------------------
# 在AC1和AC2上執行display hsb-group 0命令,查看HSB備份組的運行狀況。
[AC1] display hsb-group 0Hot Standby Group Information:---------------------------------------------------------- HSB-group ID : 0 Vrrp Group ID : 1 Vrrp Interface : Vlanif100 Service Index : 0 Group Vrrp Status : Master Group Status : Active Group Backup Process : Realtime Peer Group Device Name : AC6605 Peer Group Software Version : V200R007C20 Group Backup Modules : Access-user AP DHCP----------------------------------------------------------
[AC2] display hsb-group 0Hot Standby Group Information:---------------------------------------------------------- HSB-group ID : 0 Vrrp Group ID : 1 Vrrp Interface : Vlanif100 Service Index : 0 Group Vrrp Status : Backup Group Status : Inactive Group Backup Process : Realtime Peer Group Device Name : AC6605 Peer Group Software Version : V200R007C20 Group Backup Modules : Access-user AP DHCP---------------------------------------------------------
b、檢查無線配置同步。
# 在Master AC和Backup Master AC上分別執行命令display sync-configuration status,查看無線配置同步狀態信息。狀態爲「up」表示無線配置同步功能正常。
[AC1] display sync-configuration statusController role:Master/Backup/Local-------------------------------------------------------------------------Controller IP Role Device Type Version Status -------------------------------------------------------------------------10.23.102.2 Backup AC6605 V200R007C20 up -------------------------------------------------------------------------Total: 1
[AC2] display sync-configuration statusController role:Master/Backup/Local-------------------------------------------------------------------------Controller IP Role Device Type Version Status -------------------------------------------------------------------------10.23.102.1 Master AC6605 V200R007C20 up -------------------------------------------------------------------------Total: 1
c、AP下的無線接入用戶能夠搜索到SSID標識爲「wlan-net」的WLAN網絡並正常上線。
當SwitchA與SwitchB、AC1與SwitchB之間的鏈路中斷後,AC2切換爲主AC,保證業務傳輸的穩定性。
相關文章
- 1. 無線局域網,有線局域網
- 2. 無線局域網
- 3. 802.11無線局域網
- 4. 0x03-無線局域網
- 5. 無線局域網技術
- 6. 無線局域網基礎
- 7. IEEE 802.11 無線局域網
- 8. 無線局域網標準
- 9. 八、無線局域網
- 10. WPAN(無線個域網)和WLAN(無線局域網)的區別
- 更多相關文章...
- • 網站 域名 - 網站主機教程
- • CIDR(無類域間路由)是什麼? - TCP/IP教程
- • TiDB 在摩拜單車在線數據業務的應用和實踐
- • Git可視化極簡易教程 — Git GUI使用方法
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. Window下Ribbit MQ安裝
- 2. Linux下Redis安裝及集羣搭建
- 3. shiny搭建網站填坑戰略
- 4. Mysql8.0.22安裝與配置詳細教程
- 5. Hadoop安裝及配置
- 6. Python爬蟲初學筆記
- 7. 部署LVS-Keepalived高可用集羣
- 8. keepalived+mysql高可用集羣
- 9. jenkins 公鑰配置
- 10. HA實用詳解
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 無線局域網,有線局域網
- 2. 無線局域網
- 3. 802.11無線局域網
- 4. 0x03-無線局域網
- 5. 無線局域網技術
- 6. 無線局域網基礎
- 7. IEEE 802.11 無線局域網
- 8. 無線局域網標準
- 9. 八、無線局域網
- 10. WPAN(無線個域網)和WLAN(無線局域網)的區別