华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)

华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)

组网需求
如图所示,某金融企业分支通过ISP1的网络和ISP2的网络和企业的数据中心相连,并将交易数据保存在数据中心的ServerA上。
企业希望实现用ISP1的网络作为高速主用链路,用ISP2的网络作为备份链路。同时为了保证交易数据能及时反馈到数据中心,要求链路的时延不能大于1000毫秒。
配置智能策略路由组网图

华为路由器配置 智能策略路由 的基本功能示例(策略路由、BPR)(图1)

配置思路
采用如下思路配置智能策略路由:
    在RouterA上配置NQA客户端,在RouterB上配置NQA服务器,以实现对企业分支和数据中心间链路质量情况的动态检测。
    在RouterA上配置区分业务流的ACL,以实现对目的地址为数据中心ServerA的IP地址的报文进行智能策略路由。
    在RouterA上配置智能策略路由的路由参数,以实现将探测链路加入链路组等。
    在RouterA上配置智能策略路由与业务关联,以实现ISP1的链路为主用链路,ISP2的链路为备份链路,且链路时延不大于1000毫秒。

操作步骤
配置各接口的IP地址
    # 配置RouterA的各接口的IP地址。
    <Huawei> system-view
    [Huawei] sysname RouterA
    [RouterA] interface gigabitethernet 1/0/0
    [RouterA-GigabitEthernet1/0/0] ip address 202.1.1.1 255.255.255.0
    [RouterA-GigabitEthernet1/0/0] quit
    [RouterA] interface gigabitethernet 2/0/0
    [RouterA-GigabitEthernet2/0/0] ip address 178.1.1.1 255.255.255.0
    [RouterA-GigabitEthernet2/0/0] quit

# 配置RouterB的各接口的IP地址。
    <Huawei> system-view
    [Huawei] sysname RouterB
    [RouterB] interface gigabitethernet 1/0/0
    [RouterB-GigabitEthernet1/0/0] ip address 202.1.2.1 255.255.255.0
    [RouterB-GigabitEthernet1/0/0] quit
    [RouterB] interface gigabitethernet 2/0/0
    [RouterB-GigabitEthernet2/0/0] ip address 178.1.2.1 255.255.255.0
    [RouterB-GigabitEthernet2/0/0] quit

# 配置RouterC的各接口的IP地址。
    <Huawei> system-view
    [Huawei] sysname RouterC
    [RouterC] interface gigabitethernet 1/0/0
    [RouterC-GigabitEthernet1/0/0] ip address 202.1.1.2 255.255.255.0
    [RouterC-GigabitEthernet1/0/0] quit
    [RouterC] interface gigabitethernet 2/0/0
    [RouterC-GigabitEthernet2/0/0] ip address 202.1.2.2 255.255.255.0
    [RouterC-GigabitEthernet2/0/0] quit

 # 配置RouterD的各接口的IP地址。
    <Huawei> system-view
    [Huawei] sysname RouterD
    [RouterD] interface gigabitethernet 1/0/0
    [RouterD-GigabitEthernet1/0/0] ip address 178.1.1.2 255.255.255.0
    [RouterD-GigabitEthernet1/0/0] quit
    [RouterD] interface gigabitethernet 2/0/0
    [RouterD-GigabitEthernet2/0/0] ip address 178.1.2.2 255.255.255.0
    [RouterD-GigabitEthernet2/0/0] quit

配置静态路由
# 在RouterA上配置静态路由。
    [RouterA] ip route-static 202.1.2.0 255.255.255.0 202.1.1.2
    [RouterA] ip route-static 178.1.2.0 255.255.255.0 178.1.1.2

# 在RouterB上配置静态路由。
    [RouterB] ip route-static 202.1.1.0 255.255.255.0 202.1.2.2
    [RouterB] ip route-static 178.1.1.0 255.255.255.0 178.1.2.2

配置NQA实例
# 在RouterA上配置NQA客户端。
    [RouterA] nqa test-instance admin nqa1
    [RouterA-nqa-admin-nqa1] test-type jitter
    [RouterA-nqa-admin-nqa1] destination-address ipv4 202.1.2.1
    [RouterA-nqa-admin-nqa1] destination-port 10000
    [RouterA-nqa-admin-nqa1] hardware-based enable
    [RouterA-nqa-admin-nqa1] frequency 10
    [RouterA-nqa-admin-nqa1] source-interface gigabitethernet 1/0/0
    [RouterA-nqa-admin-nqa1] start now
    [RouterA-nqa-admin-nqa1] quit
    [RouterA] nqa test-instance admin nqa2
    [RouterA-nqa-admin-nqa2] test-type jitter
    [RouterA-nqa-admin-nqa2] destination-address ipv4 178.1.2.1
    [RouterA-nqa-admin-nqa2] destination-port 10001
    [RouterA-nqa-admin-nqa2] hardware-based enable
    [RouterA-nqa-admin-nqa2] frequency 10
    [RouterA-nqa-admin-nqa2] source-interface gigabitethernet 2/0/0
    [RouterA-nqa-admin-nqa2] start now
    [RouterA-nqa-admin-nqa2] quit

# 在RouterB上配置NQA服务器。
    [RouterB] nqa-server udpecho 202.1.2.1 10000
    [RouterB] nqa-server udpecho 178.1.2.1 10001

配置区分业务流的ACL
# 在RouterA上配置ACL 3000,允许目的地址为196.1.1.1的数据流做智能策略路由。
    [RouterA] acl 3000
    [RouterA-acl-adv-3000] rule permit ip destination 196.1.1.1 0.0.0.0
    [RouterA-acl-adv-3000] quit

配置RouterA的智能策略路由的路由参数
    [RouterA] smart-policy-route
    [RouterA-smart-policy-route] period 50
    [RouterA-smart-policy-route] route flapping suppression 100
    [RouterA-smart-policy-route] prober gigabitethernet 1/0/0 nqa admin nqa1
    [RouterA-smart-policy-route] prober gigabitethernet 2/0/0 nqa admin nqa2
    [RouterA-smart-policy-route] link-group group1
    [RouterA-smart-policy-route-link-group-group1] link-member gigabitethernet 1/0/0
    [RouterA-smart-policy-route-link-group-group1] quit
    [RouterA-smart-policy-route] link-group group2
    [RouterA-smart-policy-route-link-group-group2] link-member gigabitethernet 2/0/0
    [RouterA-smart-policy-route-link-group-group2] quit

配置智能策略路由的业务参数
    [RouterA-smart-policy-route] service-map map1
    [RouterA-smart-policy-route-service-map-map1] match acl 3000
    [RouterA-smart-policy-route-service-map-map1] set delay threshold 1000
    [RouterA-smart-policy-route-service-map-map1] set link-group group1
    [RouterA-smart-policy-route-service-map-map1] set link-group group2 backup
    [RouterA-smart-policy-route-service-map-map1] quit
    [RouterA-smart-policy-route] quit

验证配置结果
    # 在RouterA上查看探测链路的探测结果。

    [RouterA] display smart-policy-route link-state
    --------------------------------------------------------------------------------
    link-name                               Delay         Jitter       Loss         
    --------------------------------------------------------------------------------
    GigabitEthernet1/0/0                    5000          3000         1000         
    GigabitEthernet2/0/0                    5000          3000         1000         
    --------------------------------------------------------------------------------

    # 在RouterA上查看业务map1的选路信息。

    [RouterA] display smart-policy-route service-map map1
    --------------------------------------------------------------------------------
    Match acl         : 3000                                                        
    DelayThreshold    : 1000                                                        
    LossThreshold     : 1000                                                        
    JitterThreshold   : 3000                                                        
    CmiThreshold      : 0                                                           
    GroupName         : group1                                                      
    BackupGroupName   : group2                                                      
    Description       :                                                             
    Cmi-Method        : d+l+j                                                       
    CurLinkName       : GigabitEthernet1/0/0                                               
    --------------------------------------------------------------------------------

配置文件
RouterA的配置文件                                                                            
     sysname RouterA                                                                
    #                                                                               
    acl number 3000                                                                 
     rule 5 permit ip destination 196.1.1.1 0                                       
    #                                                                               
    interface GigabitEthernet1/0/0                                                         
     ip address 202.1.1.1 255.255.255.0                                             
    #                                                                               
    interface GigabitEthernet2/0/0                                                         
     ip address 178.1.1.1 255.255.255.0                                             
    #                                                                               
    nqa test-instance admin nqa1                                                    
     test-type jitter                                                               
     destination-address ipv4 202.1.2.1                                             
     destination-port 10000                                                         
     hardware-based enable                                                          
     frequency 10                                                                   
     source-interface GigabitEthernet1/0/0                                                 
     start now                                                                      
    nqa test-instance admin nqa2                                                    
     test-type jitter                                                               
     destination-address ipv4 178.1.2.1                                             
     destination-port 10001                                                         
     hardware-based enable                                                          
     frequency 10                                                                   
     source-interface GigabitEthernet2/0/0                                                 
     start now                                                                      
    #                                                                               
    smart-policy-route                                                              
     period 50                                                                      
     route flapping suppression 100                                                 
     prober GigabitEthernet1/0/0 nqa admin nqa1                                            
     prober GigabitEthernet2/0/0 nqa admin nqa2                                            
     link-group group1                                                              
      link-member GigabitEthernet1/0/0                                                     
     link-group group2                                                              
      link-member GigabitEthernet2/0/0                                                     
     service-map map1                                                               
      match acl 3000                                                                
      set delay threshold 1000                                                      
      set link-group group1                                                         
      set link-group group2 backup                                                  
    #                                                                               
     ip route-static 202.1.2.0 255.255.255.0 202.1.1.2                              
     ip route-static 178.1.2.0 255.255.255.0 178.1.1.2                              
    #                                                                               

RouterB的配置文件
    #
     sysname RouterB
    #                                                                               
    interface GigabitEthernet1/0/0                                                         
     ip address 202.1.2.1 255.255.255.0                                             
    #                                                                               
    interface GigabitEthernet2/0/0                                                  
     ip address 178.1.2.1 255.255.255.0                                             
    #                                                                               
    nqa-server udpecho 178.1.2.1 10001                                              
    nqa-server udpecho 202.1.2.1 10000                                              
    #                                                                               
     ip route-static 202.1.1.0 255.255.255.0 202.1.2.2                              
     ip route-static 178.1.1.0 255.255.255.0 178.1.2.2                              
    #                                                                               

RouterC的配置文件
    #
     sysname RouterC
    #                                                                               
    interface GigabitEthernet1/0/0                                                         
     ip address 202.1.1.2 255.255.255.0                                             
    #                                                                               
    interface GigabitEthernet2/0/0                                                  
     ip address 202.1.2.2 255.255.255.0                                             
    #                                                                               

RouterD的配置文件
    #
     sysname RouterD
    #                                                                               
    interface GigabitEthernet1/0/0                                                         
     ip address 178.1.1.2 255.255.255.0                                             
    #                                                                               
    interface GigabitEthernet2/0/0                                                  
     ip address 178.1.2.2 255.255.255.0                                             
    #                                                     


PBR策略路由(列表、list、全)策略路由list、pbrlist
http://www.zh-cjh.com/wenzhangguilei/975.html
文章归类、所有文章列表、LISTLIST
http://www.zh-cjh.com/wangzhangonggao/2195.html

1、本站资源长期持续更新。
2、本资源基本为原创,部分来源其他付费资源平台或互联网收集,如有侵权请联系及时处理。
3、本站大部分文章的截图来源实验测试环境,请不要在生产环境中随意模仿,以免带来灾难性后果。

转载请保留出处:  www.zh-cjh.com珠海陈坚浩博客 » 华为路由器配置 智能策略路由 的基本功能示例(策略路由、PBR)

作者: cjh


手机扫一扫,手机上查看此文章:

一切源于价值!

其他 模板文件不存在: ./template/plugins/comment/pc/index.htm

未雨绸缪、居安思危!

数据安全、有备无患!

注意操作、数据无价!

一切源于价值!