|
|
有时候为了保证我们网络的稳定性和可靠性,可能会申请两条出口链路,使用两个路由器。在其中的一个路由器无法正常工作时,由另外一个路由器来接管相应的工作。实现的原理是利用RFC2338中描述的VRRP(Virtual Router Redundancy Protocol)协议。实现的工具是keepalived。
实验名称:利用VRRP功能实现简单的路由器备份
操作系统:RedHat 7.3
所使用的内核:linux-2.4.24
实验用到的模块: keepalived-1.16.tar.gz(如果对VRRP和Keepalived不太了解,先看看这里)
网络结构如下图所示:图中的V-Gate就是VRRP中的VIP。
网络中有两个Linux Router:
(1), Master(eth0:192.168.1.10/24接外网; eth1:192.168.3.1/24接内网)
(2), Backup(eth0:192.168.2.10/24接外网; eth1:192.168.3.2/24接内网)
内网的IP地址段为192.168.3.0/24,网关(V-Gate)为192.168.3.3/24,记住192.168.3.3/24这个地址是在Keepalived启动时生效的。
首先我们在Linux Router Master上安装keepalived-1.1.6.tar.gz
(1),下载keepalived-1.1.6.tar.gz (http://www.keepalived.org)
(2),解压缩:
#tar zxvf keepalived-1.1.6.tar.gz
(3)编译keepalived
#cd keepalived-1.1.6
#./configure –prefix=/usr/local/keepalived
#make
(4)安装keepalived
#make install
(5)配置Linux Router Master的VRRP,
#vi /usr/local/keepalived/etc/keepalived/keepalived.conf
内容如下:
--------------------------------------------------------------------------------
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.3
}
}
--------------------------------------------------------------------------------
在Linux Router Backup上安装keepalived的方法是相同的,不同的是配置文件/usr/local/keepalived/etc/keepalived/keepalived.conf,如下:
--------------------------------------------------------------------------------
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.3
}
}
--------------------------------------------------------------------------------
在启动Master上的keepalived之前,我们先看一下Master上eth1的情况:
--------------------------------------------------------------
# ip add show eth1
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:3a:d7:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.1/24 brd 192.168.3.255 scope global eth1
inet6 fe80::2e0:4cff:fe3a:d725/64 scope link
--------------------------------------------------------------
我们看到只有一个IP地址:192.168.3.1/24,现在我们启动Master上的keepalived
#/usr/local/keepalived/sbin/keepalived –D –f /usr/local/keepalived/etc/keepalived/keepalived.conf
现在我们再看一下Master上eth1的情况:
--------------------------------------------------------------
# ip add show eth1
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:3a:d7:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.1/24 brd 192.168.3.255 scope global eth1
inet 192.168.3.3/32 scope global eth1
inet6 fe80::2e0:4cff:fe3a:d725/64 scope link
---------------------------------------------------------------
我们看到有两个IP地址,其中一个就是V-Gate:192.168.3.3/32
用同样的方法启动Backup上的keepalived
#/usr/local/keepalived/sbin/keepalived –D –f /usr/local/keepalived/etc/keepalived/keepalived.conf
这样,当Master失效时,Backup就会通过MultiCast地址:224.0.0.18这个组播地址,获得这个消息,并将192.168.3.3这个地址接管过来。
总结,请你注意一下我们这个实验的题目“利用Keepalived的VRRP功能实现简单的路由器备份”,而不是路由备份。我们这个实验的目的,是让大家熟悉VRRP协议和如何利用Keepalived实现VRRP协议。 |
|
|手机版|小黑屋|林海谐缘论坛
( 豫ICP备07015145号 ) |
IP卡
狗仔卡
发表于 2006-5-13 15:07:51
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡
发表于 2008-10-19 14:27:35