华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)
华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)
组网需求
如图所示,某金融企业分支通过ISP1的网络和ISP2的网络和企业的数据中心相连,并将交易数据保存在数据中心的ServerA上。
企业希望实现用ISP1的网络作为高速主用链路,用ISP2的网络作为备份链路。同时为了保证交易数据能及时反馈到数据中心,要求链路的时延不能大于1000毫秒。
配置智能策略路由组网图
配置思路
采用如下思路配置智能策略路由:
在RouterA上配置NQA客户端,在RouterB上配置NQA服务器,以实现对企业分支和数据中心间链路质量情况的动态检测。
在RouterA上配置区分业务流的ACL,以实现对目的地址为数据中心ServerA的IP地址的报文进行智能策略路由。
在RouterA上配置智能策略路由的路由参数,以实现将探测链路加入链路组等。
在RouterA上配置智能策略路由与业务关联,以实现ISP1的链路为主用链路,ISP2的链路为备份链路,且链路时延不大于1000毫秒。
操作步骤
配置各接口的IP地址
# 配置RouterA的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] interface gigabitethernet 1/0/0
[RouterA-GigabitEthernet1/0/0] ip address 202.1.1.1 255.255.255.0
[RouterA-GigabitEthernet1/0/0] quit
[RouterA] interface gigabitethernet 2/0/0
[RouterA-GigabitEthernet2/0/0] ip address 178.1.1.1 255.255.255.0
[RouterA-GigabitEthernet2/0/0] quit
# 配置RouterB的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterB
[RouterB] interface gigabitethernet 1/0/0
[RouterB-GigabitEthernet1/0/0] ip address 202.1.2.1 255.255.255.0
[RouterB-GigabitEthernet1/0/0] quit
[RouterB] interface gigabitethernet 2/0/0
[RouterB-GigabitEthernet2/0/0] ip address 178.1.2.1 255.255.255.0
[RouterB-GigabitEthernet2/0/0] quit
# 配置RouterC的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterC
[RouterC] interface gigabitethernet 1/0/0
[RouterC-GigabitEthernet1/0/0] ip address 202.1.1.2 255.255.255.0
[RouterC-GigabitEthernet1/0/0] quit
[RouterC] interface gigabitethernet 2/0/0
[RouterC-GigabitEthernet2/0/0] ip address 202.1.2.2 255.255.255.0
[RouterC-GigabitEthernet2/0/0] quit
# 配置RouterD的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterD
[RouterD] interface gigabitethernet 1/0/0
[RouterD-GigabitEthernet1/0/0] ip address 178.1.1.2 255.255.255.0
[RouterD-GigabitEthernet1/0/0] quit
[RouterD] interface gigabitethernet 2/0/0
[RouterD-GigabitEthernet2/0/0] ip address 178.1.2.2 255.255.255.0
[RouterD-GigabitEthernet2/0/0] quit
配置静态路由
# 在RouterA上配置静态路由。
[RouterA] ip route-static 202.1.2.0 255.255.255.0 202.1.1.2
[RouterA] ip route-static 178.1.2.0 255.255.255.0 178.1.1.2
# 在RouterB上配置静态路由。
[RouterB] ip route-static 202.1.1.0 255.255.255.0 202.1.2.2
[RouterB] ip route-static 178.1.1.0 255.255.255.0 178.1.2.2
配置NQA实例
# 在RouterA上配置NQA客户端。
[RouterA] nqa test-instance admin nqa1
[RouterA-nqa-admin-nqa1] test-type jitter
[RouterA-nqa-admin-nqa1] destination-address ipv4 202.1.2.1
[RouterA-nqa-admin-nqa1] destination-port 10000
[RouterA-nqa-admin-nqa1] hardware-based enable
[RouterA-nqa-admin-nqa1] frequency 10
[RouterA-nqa-admin-nqa1] source-interface gigabitethernet 1/0/0
[RouterA-nqa-admin-nqa1] start now
[RouterA-nqa-admin-nqa1] quit
[RouterA] nqa test-instance admin nqa2
[RouterA-nqa-admin-nqa2] test-type jitter
[RouterA-nqa-admin-nqa2] destination-address ipv4 178.1.2.1
[RouterA-nqa-admin-nqa2] destination-port 10001
[RouterA-nqa-admin-nqa2] hardware-based enable
[RouterA-nqa-admin-nqa2] frequency 10
[RouterA-nqa-admin-nqa2] source-interface gigabitethernet 2/0/0
[RouterA-nqa-admin-nqa2] start now
[RouterA-nqa-admin-nqa2] quit
# 在RouterB上配置NQA服务器。
[RouterB] nqa-server udpecho 202.1.2.1 10000
[RouterB] nqa-server udpecho 178.1.2.1 10001
配置区分业务流的ACL
# 在RouterA上配置ACL 3000,允许目的地址为196.1.1.1的数据流做智能策略路由。
[RouterA] acl 3000
[RouterA-acl-adv-3000] rule permit ip destination 196.1.1.1 0.0.0.0
[RouterA-acl-adv-3000] quit
配置RouterA的智能策略路由的路由参数
[RouterA] smart-policy-route
[RouterA-smart-policy-route] period 50
[RouterA-smart-policy-route] route flapping suppression 100
[RouterA-smart-policy-route] prober gigabitethernet 1/0/0 nqa admin nqa1
[RouterA-smart-policy-route] prober gigabitethernet 2/0/0 nqa admin nqa2
[RouterA-smart-policy-route] link-group group1
[RouterA-smart-policy-route-link-group-group1] link-member gigabitethernet 1/0/0
[RouterA-smart-policy-route-link-group-group1] quit
[RouterA-smart-policy-route] link-group group2
[RouterA-smart-policy-route-link-group-group2] link-member gigabitethernet 2/0/0
[RouterA-smart-policy-route-link-group-group2] quit
配置智能策略路由的业务参数
[RouterA-smart-policy-route] service-map map1
[RouterA-smart-policy-route-service-map-map1] match acl 3000
[RouterA-smart-policy-route-service-map-map1] set delay threshold 1000
[RouterA-smart-policy-route-service-map-map1] set link-group group1
[RouterA-smart-policy-route-service-map-map1] set link-group group2 backup
[RouterA-smart-policy-route-service-map-map1] quit
[RouterA-smart-policy-route] quit
验证配置结果
# 在RouterA上查看探测链路的探测结果。
[RouterA] display smart-policy-route link-state
--------------------------------------------------------------------------------
link-name Delay Jitter Loss
--------------------------------------------------------------------------------
GigabitEthernet1/0/0 5000 3000 1000
GigabitEthernet2/0/0 5000 3000 1000
--------------------------------------------------------------------------------
# 在RouterA上查看业务map1的选路信息。
[RouterA] display smart-policy-route service-map map1
--------------------------------------------------------------------------------
Match acl : 3000
DelayThreshold : 1000
LossThreshold : 1000
JitterThreshold : 3000
CmiThreshold : 0
GroupName : group1
BackupGroupName : group2
Description :
Cmi-Method : d+l+j
CurLinkName : GigabitEthernet1/0/0
--------------------------------------------------------------------------------
配置文件
RouterA的配置文件
sysname RouterA
#
acl number 3000
rule 5 permit ip destination 196.1.1.1 0
#
interface GigabitEthernet1/0/0
ip address 202.1.1.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 178.1.1.1 255.255.255.0
#
nqa test-instance admin nqa1
test-type jitter
destination-address ipv4 202.1.2.1
destination-port 10000
hardware-based enable
frequency 10
source-interface GigabitEthernet1/0/0
start now
nqa test-instance admin nqa2
test-type jitter
destination-address ipv4 178.1.2.1
destination-port 10001
hardware-based enable
frequency 10
source-interface GigabitEthernet2/0/0
start now
#
smart-policy-route
period 50
route flapping suppression 100
prober GigabitEthernet1/0/0 nqa admin nqa1
prober GigabitEthernet2/0/0 nqa admin nqa2
link-group group1
link-member GigabitEthernet1/0/0
link-group group2
link-member GigabitEthernet2/0/0
service-map map1
match acl 3000
set delay threshold 1000
set link-group group1
set link-group group2 backup
#
ip route-static 202.1.2.0 255.255.255.0 202.1.1.2
ip route-static 178.1.2.0 255.255.255.0 178.1.1.2
#
RouterB的配置文件
#
sysname RouterB
#
interface GigabitEthernet1/0/0
ip address 202.1.2.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 178.1.2.1 255.255.255.0
#
nqa-server udpecho 178.1.2.1 10001
nqa-server udpecho 202.1.2.1 10000
#
ip route-static 202.1.1.0 255.255.255.0 202.1.2.2
ip route-static 178.1.1.0 255.255.255.0 178.1.2.2
#
RouterC的配置文件
#
sysname RouterC
#
interface GigabitEthernet1/0/0
ip address 202.1.1.2 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 202.1.2.2 255.255.255.0
#
RouterD的配置文件
#
sysname RouterD
#
interface GigabitEthernet1/0/0
ip address 178.1.1.2 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 178.1.2.2 255.255.255.0
#
PBR策略路由(列表、list、全)策略路由list、pbrlist
http://www.zh-cjh.com/wenzhangguilei/975.html
文章归类、所有文章列表、LISTLIST
http://www.zh-cjh.com/wangzhangonggao/2195.html
2、本资源基本为原创,部分来源其他付费资源平台或互联网收集,如有侵权请联系及时处理。
3、本站大部分文章的截图来源实验测试环境,请不要在生产环境中随意模仿,以免带来灾难性后果。
转载请保留出处: www.zh-cjh.com珠海陈坚浩博客 » 华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)
作者: cjh
手机扫一扫,手机上查看此文章: |
一切源于价值!
其他 模板文件不存在: ./template/plugins/comment/pc/index.htm