HCIP-2万人堆叠型网络设计

  |   0 评论   |   0 浏览

layout: post
title: 2~5万人堆叠型网络设计
subtitle: 2~5万人堆叠型网络设计
date: 2021-01-21
author: Shuaiqijun
header-img: img/blog1.jpg
catalog: true
tags:

  • 华为HCIP
  • 2~5万人堆叠型网络设计

2万人堆叠型网络设计

image.png

堆叠配置

[sw1]irf member 1 priority 5
[sw1]interface rang FortyGigE 1/0/53 FortyGigE 1/0/54
[sw1-if-range]shutdown
[sw1]irf-port 1/1
[sw1-irf-port1/1]port group interface FortyGigE 1/0/53
[sw1-irf-port1/1]port group interface FortyGigE 1/0/54
[sw1]interface rang FortyGigE 1/0/53 for 1/0/54
[sw1-if-range]undo shutdown
[sw1]irf-port-configuration active


[sw2]irf member 1 renumber 2
<sw2>save
<sw2>reboot
[sw2]interface range FortyGigE 2/0/53 FortyGigE 2/0/54
[sw2-if-range]shutdown
[sw2]irf-port 2/2
[sw2-irf-port2/2]port group interface FortyGigE 2/0/53
[sw2-irf-port2/2]port group interface FortyGigE 2/0/54
[sw2]interface range FortyGigE 2/0/53 FortyGigE 2/0/54
[sw2-if-range]undo shutdown
<sw2>save
[sw2]irf-port-configuration active

<sw1>dis irf
MemberID    Role    Priority  CPU-Mac         Description
  *1        Master  5         7858-9eac-0304  ---
  +2        Standby 1         7858-af42-0404  ---
--------------------------------------------------
 * indicates the device is the master.
 + indicates the device through which the user logs in.

 The bridge MAC of the IRF is: 7858-9eac-0300
 Auto upgrade                : yes
 Mac persistent              : 6 min
 Domain ID                   : 0


[sw3]irf domain 2
[sw3]irf member 1 priority 5
[sw3]interface range FortyGigE 1/0/53 FortyGigE 1/0/54
[sw3-if-range]shutdown
[sw3]irf-port 1/1
[sw3-irf-port1/1]port group  interface FortyGigE 1/0/53
[sw3-irf-port1/1]port group  interface FortyGigE 1/0/54
[sw3]interface range FortyGigE 1/0/53 FortyGigE 1/0/54
[sw3-if-range]undo shutdown
[sw3]irf-port-configuration active
<sw3>save


[sw4]irf domain 2
[sw4]irf member 1 renumber 2
<sw4>save
<sw4>reboot
[sw4]interface  range FortyGigE 2/0/53 FortyGigE 2/0/54
[sw4-if-range]shutdown
[sw4-if-range]irf-port 2/2
[sw4-irf-port2/2]port group interface FortyGigE 2/0/53
[sw4-irf-port2/2]port group interface FortyGigE 2/0/54
[sw4-irf-port2/2]interface  range FortyGigE 2/0/53 FortyGigE 2/0/54
[sw4-if-range]undo shutdown
<sw4>save
[sw4]irf-port-configuration active


<sw3>dis irf
MemberID    Role    Priority  CPU-Mac         Description
  *1        Master  5         7858-c678-0504  ---
  +2        Standby 1         7858-d2bc-0604  ---
--------------------------------------------------
 * indicates the device is the master.
 + indicates the device through which the user logs in.

 The bridge MAC of the IRF is: 7858-c678-0500
 Auto upgrade                : yes
 Mac persistent              : 6 min
 Domain ID                   : 2

image.png

链路聚合配置

[sw1]int Bridge-Aggregation 1    //创建聚合组1
[sw1-Bridge-Aggregation1]link-aggregation mode dynamic
[sw1]interface range Ten-GigabitEthernet 1/0/49 Ten-GigabitEthernet 1/0/50 Ten-G
igabitEthernet 2/0/49 Ten-GigabitEthernet 2/0/50
[sw1-if-range]port link-aggregation group 1


[sw3]inte Bridge-Aggregation 1
[sw3-Bridge-Aggregation1]link-aggregation mode dynamic
[sw3-Bridge-Aggregation1]qu
[sw3]interface range Ten-GigabitEthernet 1/0/49 Ten-GigabitEthernet 1/0/50 Ten-G
igabitEthernet 2/0/49 Ten-GigabitEthernet 2/0/50
[sw3-if-range]port link-aggregation group 1


[sw1]dis int Bridge-Aggregation
Bridge-Aggregation1
Current state: UP
IP packet frame type: Ethernet II, hardware address: 7858-9eac-0300
Description: Bridge-Aggregation1 Interface
Bandwidth: 20000000 kbps
20Gbps-speed mode, full-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
PVID: 1
Port link-type: Access
 Tagged VLANs:   None
 Untagged VLANs: 1
Last clearing of counters: Never
 Last 300 second input:  0 packets/sec 0 bytes/sec 0%
 Last 300 second output:  0 packets/sec 0 bytes/sec 0%
 Input (total):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input (normal):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input:  0 input errors, 0 runts, 0 giants, 0 throttles
        0 CRC, 0 frame, 0 overruns, 0 aborts
        0 ignored, 0 parity errors
 Output (total): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output (normal): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output: 0 output errors, 0 underruns, 0 buffer failures
        0 aborts, 0 deferred, 0 collisions, 0 late collisions
        0 lost carrier, 0 no carrier

Bridge-Aggregation2
Current state: UP
IP packet frame type: Ethernet II, hardware address: 7858-9eac-0300
Description: Bridge-Aggregation2 Interface
Bandwidth: 20000000 kbps
20Gbps-speed mode, full-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
PVID: 1
Port link-type: Access
 Tagged VLANs:   None
 Untagged VLANs: 1
Last clearing of counters: Never
 Last 300 second input:  0 packets/sec 0 bytes/sec 0%
 Last 300 second output:  0 packets/sec 0 bytes/sec 0%
 Input (total):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input (normal):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input:  0 input errors, 0 runts, 0 giants, 0 throttles
        0 CRC, 0 frame, 0 overruns, 0 aborts
        0 ignored, 0 parity errors
 Output (total): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output (normal): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output: 0 output errors, 0 underruns, 0 buffer failures
        0 aborts, 0 deferred, 0 collisions, 0 late collisions
        0 lost carrier, 0 no carrier

Bridge-Aggregation3
Current state: UP
IP packet frame type: Ethernet II, hardware address: 7858-9eac-0300
Description: Bridge-Aggregation3 Interface
Bandwidth: 20000000 kbps
20Gbps-speed mode, full-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
PVID: 1
Port link-type: Access
 Tagged VLANs:   None
 Untagged VLANs: 1
Last clearing of counters: Never
 Last 300 second input:  0 packets/sec 0 bytes/sec 0%
 Last 300 second output:  0 packets/sec 0 bytes/sec 0%
 Input (total):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input (normal):  0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Input:  0 input errors, 0 runts, 0 giants, 0 throttles
        0 CRC, 0 frame, 0 overruns, 0 aborts
        0 ignored, 0 parity errors
 Output (total): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output (normal): 0 packets, 0 bytes
        0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses
 Output: 0 output errors, 0 underruns, 0 buffer failures
        0 aborts, 0 deferred, 0 collisions, 0 late collisions
        0 lost carrier, 0 no carrier

[sw1]int Route-Aggregation 10
[sw1-Route-Aggregation10]ip add 192.168.254.2 24
[sw1]interfa range g1/0/1 g2/0/1
[sw1-if-range]port link-mode route
[sw1-if-range]port link-aggregation group 10

[R1]interface Route-Aggregation 10
[R1-Route-Aggregation10]ip add 192.168.254.1 24
[R1]interface range g0/1 g0/2
[R1-if-range]port link-aggregation g 10

vlan trunk配置

[sw1]vlan 10
[sw1-vlan10]vlan 20
[sw1-vlan20]vlan 30
[sw1-vlan30]vlan 40
[sw1-vlan40]qu
[sw1]int Bridge-Aggregation 1
[sw1-Bridge-Aggregation1]port link-type trunk
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.
Configuring Ten-GigabitEthernet2/0/49 done.
Configuring Ten-GigabitEthernet2/0/50 done.
[sw1-Bridge-Aggregation1]port trunk permit vlan 10 20
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.
Configuring Ten-GigabitEthernet2/0/49 done.
Configuring Ten-GigabitEthernet2/0/50 done.
[sw1-Bridge-Aggregation1]qu
[sw1]interf Bridge-Aggregation 2
[sw1-Bridge-Aggregation2]port link-type trunk
Configuring Ten-GigabitEthernet1/0/51 done.
Configuring Ten-GigabitEthernet2/0/51 done.
[sw1-Bridge-Aggregation2]port trunk permit vlan 30
Configuring Ten-GigabitEthernet1/0/51 done.
Configuring Ten-GigabitEthernet2/0/51 done.
[sw1]interface Bridge-Aggregation 3
[sw1-Bridge-Aggregation3]port link-type  trunk
Configuring Ten-GigabitEthernet1/0/52 done.
Configuring Ten-GigabitEthernet2/0/52 done.
[sw1-Bridge-Aggregation3]port trunk permit vlan 40
Configuring Ten-GigabitEthernet1/0/52 done.
Configuring Ten-GigabitEthernet2/0/52 done.
[sw1]inter Vlan-interface 10
[sw1-Vlan-interface10]ip add 192.168.10.1 24
[sw1-Vlan-interface10]inter Vlan-interface 20
[sw1-Vlan-interface20]ip add 192.168.20.1 24
[sw1-Vlan-interface20]inter Vlan-interface 30
[sw1-Vlan-interface30]ip add 192.168.30.1 24
[sw1-Vlan-interface30]inter Vlan-interface 40
[sw1-Vlan-interface40]ip add 192.168.40.1 24


[sw3]vlan 10
[sw3-vlan10]vlan 20
[sw3-vlan20]qu
[sw3]inter g1/0/1
[sw3-GigabitEthernet1/0/1]port link-type access
[sw3-GigabitEthernet1/0/1]port access vlan 10
[sw3-GigabitEthernet1/0/2]inter g2/0/1
[sw3-GigabitEthernet2/0/1]port link-type access
[sw3-GigabitEthernet2/0/1]port access vlan 20
[sw3]interface Bridge-Aggregation 1
[sw3-Bridge-Aggregation1]port link-type trunk
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.
Configuring Ten-GigabitEthernet2/0/49 done.
Configuring Ten-GigabitEthernet2/0/50 done.
[sw3-Bridge-Aggregation1]port trunk permit vlan 10 20
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.
Configuring Ten-GigabitEthernet2/0/49 done.
Configuring Ten-GigabitEthernet2/0/50 done.


[sw5]vlan 30
[sw5-vlan30]qu
[sw5]interface g1/0/1
[sw5-GigabitEthernet1/0/1]port link-type access
[sw5-GigabitEthernet1/0/1]port access vlan 30
[sw5]interface Bridge-Aggregation 2
[sw5-Bridge-Aggregation2]port link-type trunk
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.
[sw5-Bridge-Aggregation2]port trunk permit vlan 30
Configuring Ten-GigabitEthernet1/0/49 done.
Configuring Ten-GigabitEthernet1/0/50 done.

MAD多主检测

[sw1]int Bridge-Aggregation 2
[sw1-Bridge-Aggregation2]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 0]:
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.
[sw1-Bridge-Aggregation2]int Bridge-Aggregation 3
[sw1-Bridge-Aggregation3]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 0]:
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.
[sw1-Bridge-Aggregation3]int Bridge-Aggregation 1
[sw1-Bridge-Aggregation1]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 0]:
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.


[sw3]interface Bridge-Aggregation 1
[sw3-Bridge-Aggregation1]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 2]: 0
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.


[sw5]int Bridge-Aggregation 2
[sw5-Bridge-Aggregation2]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 0]:
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.

[sw6]interface Bridge-Aggregation 3
[sw6-Bridge-Aggregation3]mad enable
You need to assign a domain ID (range: 0-4294967295)
[Current domain is: 0]:
The assigned domain ID is: 0
MAD LACP only enable on dynamic aggregation interface.

出口路由和NAT配置

[sw1]ip route-static 0.0.0.0 0 192.168.254.1

[R1]ip route-static 0.0.0.0 0 12.1.1.2
[R1]ip route-static 192.168.0.0 255.255.0.0  192.168.254.2
[R1]acl basic 2000
[R1-acl-ipv4-basic-2000]rule 0 permit source 192.168.0.0 0.0.255.255
[R1-acl-ipv4-basic-2000]qu
[R1]interface g0/0
[R1-GigabitEthernet0/0]nat outbound 2000


Title:HCIP-2万人堆叠型网络设计
Link:https://shuaiqijun.com/articles/2021/02/01/1612171416488.html