# 10.静态路由、Track与NQA联动,设置浮动备份路由 ## 1 简介 本案例介绍静态路由、Track与NQA联动的配置方法。 ## 2 组网需求 如[图](https://pic.chjina.com/2024/07/03/d0ce27a786811ee8d3666a23ec97c890.png)所示,Switch A、Switch B、Switch C和Switch D连接了20.1.1.0/24和30.1.1.0/24两个网段,在交换机上配置静态路由以实现两个网段的互通,并配置路由备份以提高网络的可靠性。 Switch A作为20.1.1.0/24网段内主机的缺省网关,在Switch A上存在两条到达30.1.1.0/24网段的静态路由,下一跳分别为Switch B和Switch C。这两条静态路由形成备份,其中: * 下一跳为Switch B的静态路由优先级高,作为主路由。该路由可达时,Switch A通过Switch B将报文转发到30.1.1.0/24网段。 * 下一跳为Switch C的静态路作为备份路由。 * 在Switch A上通过静态路由、Track与NQA联动,实时判断主路由是否可达。当主路由不可达时,备份路由生效,Switch A通过Switch C将报文转发到30.1.1.0/24网段。 同样地,Switch D作为30.1.1.0/24网段内主机的缺省网关,在Switch D上存在两条到达20.1.1.0/24网段的静态路由,下一跳分别为Switch B和Switch C。这两条静态路由形成备份,其中: * 下一跳为Switch B的静态路由优先级高,作为主路由。该路由可达时,Switch D通过Switch B将报文转发到20.1.1.0/24网段。 * 下一跳为Switch C的静态路作为备份路由。 * 在Switch D上通过静态路由、Track与NQA联动,实时判断主路由是否可达。当主路由不可达时,备份路由生效,Switch D通过Switch C将报文转发到20.1.1.0/24网段。 图6 静态路由、Track与NQA联动配置组网图 ![img](https://resource.h3c.com/cn/202303/28/20230328_8774740_x_Img_x_png_7_1816253_30005_0.png) 此应用场景下,请确保生成树协议处于未使能状态。 ## 3 配置思路 配置思路如下: (1) 配置各设备IP地址 (2) 配置静态路由 配置主备静态路由,其中下一跳为Switch B的静态路由优先级高,作为主路由,下一跳为Switch C的静态路作为备份路由。 (3) 配置NQA测试 分别在Switch A和Switch D上配置NQA检测Switch A-Switch B-Switch D这条路径的连通性。通过Track关联NQA测试组,实现静态路由、Track与NQA联动。 ## 4 配置步骤 ### 1. 配置Switch A \# 创建VLAN,在VLAN中加入对应的端口,并配置各VLAN接口的IP地址。 ``` system-view [SwitchA] vlan 2 [SwitchA-vlan2] port gigabitethernet 1/0/1 [SwitchA-vlan2] quit [SwitchA] vlan 3 [SwitchA-vlan3] port gigabitethernet 1/0/2 [SwitchA-vlan3] quit [SwitchA] vlan 6 [SwitchA-vlan6] port gigabitethernet 1/0/3 [SwitchA-vlan6] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ip address 10.1.1.1 24 [SwitchA-Vlan-interface2] quit [SwitchA] interface vlan-interface 3 [SwitchA-Vlan-interface3] ip address 10.3.1.1 24 [SwitchA-Vlan-interface3] quit [SwitchA] interface vlan-interface 6 [SwitchA-Vlan-interface6] ip address 20.1.1.1 24 [SwitchA-Vlan-interface6] quit ``` \# 配置到达30.1.1.0/24网段的静态路由:下一跳地址为10.1.1.2,优先级为缺省值60,该路由与Track项1关联。 ``` [SwitchA] ip route-static 30.1.1.0 24 10.1.1.2 track 1 ``` \# 配置到达10.2.1.0/24网段的静态路由:下一跳地址为10.1.1.2,优先级为缺省值60。 ``` [SwitchA] ip route-static 10.2.1.0 24 10.1.1.2 ``` \# 配置到达30.1.1.0/24网段的静态路由:下一跳地址为10.3.1.3,优先级为80。 ``` [SwitchA] ip route-static 30.1.1.0 24 10.3.1.3 preference 80 ``` \# 配置到达10.4.1.0/24网段的静态路由:下一跳地址为10.3.1.3,优先级为80。 ``` [SwitchA] ip route-static 10.4.1.0 24 10.3.1.3 preference 80 ``` \# 配置到达10.2.1.4的静态路由:下一跳地址为10.1.1.2。 ``` [SwitchA] ip route-static 10.2.1.4 24 10.1.1.2 ``` \# 创建管理员名为admin、操作标签为test的NQA测试组。 ``` [SwitchA] nqa entry admin test ``` \# 配置测试类型为ICMP-echo。 ``` [SwitchA-nqa-admin-test] type icmp-echo ``` \# 配置测试的目的地址为10.2.1.4,下一跳地址为10.1.1.2,以便通过NQA检测Switch A-Switch B-Switch D这条路径的连通性。 ``` [SwitchA-nqa-admin-test-icmp-echo] destination ip 10.2.1.4 [SwitchA-nqa-admin-test-icmp-echo] next-hop ip 10.1.1.2 ``` \# 配置测试频率为100ms。 ``` [SwitchA-nqa-admin-test-icmp-echo] frequency 100 ``` \# 配置联动项1(连续失败5次触发联动)。 ``` [SwitchA-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only [SwitchA-nqa-admin-test-icmp-echo] quit ``` \# 启动探测。 ``` [SwitchA] nqa schedule admin test start-time now lifetime forever ``` \# 配置Track项1,并进入Track视图,关联NQA测试组(管理员为admin,操作标签为test)的联动项1。 ``` [SwitchA] track 1 nqa entry admin test reaction 1 [SwitchA-track-1] quit ``` \# 保存配置。 ``` [SwitchA] save force ``` ### 2. 配置Switch B \# 创建VLAN,在VLAN中加入对应的端口,并配置各VLAN接口的IP地址。并配置全网路由 ``` system-view [SwitchB] vlan 2 [SwitchB-vlan2] port gigabitethernet 1/0/1 [SwitchB-vlan2] quit [SwitchB] vlan 5 [SwitchB-vlan5] port gigabitethernet 1/0/2 [SwitchB-vlan5] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ip address 10.1.1.2 24 [SwitchB-Vlan-interface2] quit [SwitchB] interface vlan-interface 5 [SwitchB-Vlan-interface5] ip address 10.2.1.2 24 [SwitchB-Vlan-interface5] quit ``` \# 配置到达30.1.1.0/24网段的静态路由:下一跳地址为10.2.1.4。 ``` [SwitchB] ip route-static 30.1.1.0 24 10.2.1.4 ``` \# 配置到达20.1.1.0/24网段的静态路由:下一跳地址为10.1.1.1。 ``` [SwitchB] ip route-static 20.1.1.0 24 10.1.1.1 ``` \# 保存配置。 ``` [SwitchB] save force ``` ### 3. 配置Switch C \# 创建VLAN,在VLAN中加入对应的端口,并配置各VLAN接口的IP地址。 ``` system-view [SwitchC] vlan 3 [SwitchC-vlan3] port gigabitethernet 1/0/1 [SwitchC-vlan3] quit [SwitchC] vlan 4 [SwitchC-vlan4] port gigabitethernet 1/0/2 [SwitchC-vlan4] quit [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] ip address 10.3.1.3 24 [SwitchC-Vlan-interface3] quit [SwitchC] interface vlan-interface 4 [SwitchC-Vlan-interface4] ip address 10.4.1.3 24 [SwitchC-Vlan-interface4] quit ``` \# 配置到达30.1.1.0/24网段的静态路由:下一跳地址为10.4.1.4。 ``` [SwitchC] ip route-static 30.1.1.0 24 10.4.1.4 ``` \# 配置到达20.1.1.0/24网段的静态路由:下一跳地址为10.3.1.1。 ``` [SwitchC] ip route-static 20.1.1.0 24 10.3.1.1 ``` \# 保存配置。 ``` [SwitchC] save force ``` ### 4. 配置Switch D \# 创建VLAN,在VLAN中加入对应的端口,并配置各VLAN接口的IP地址。 ``` system-view [SwitchD] vlan 4 [SwitchD-vlan4] port gigabitethernet 1/0/1 [SwitchD-vlan4] quit [SwitchD] vlan 5 [SwitchD-vlan5] port gigabitethernet 1/0/2 [SwitchD-vlan5] quit [SwitchD] vlan 7 [SwitchD-vlan7] port gigabitethernet 1/0/3 [SwitchD-vlan7] quit [SwitchD] interface vlan-interface 4 [SwitchD-Vlan-interface6] ip address 10.4.1.4 24 [SwitchD-Vlan-interface6] quit [SwitchD] interface vlan-interface 5 [SwitchD-Vlan-interface5] ip address 10.2.1.4 24 [SwitchD-Vlan-interface5] quit [SwitchD] interface vlan-interface 7 [SwitchD-Vlan-interface7] ip address 30.1.1.1 24 [SwitchD-Vlan-interface7] quit ``` \# 配置到达20.1.1.0/24网段的静态路由:下一跳地址为10.2.1.2,优先级为缺省值60,该路由与Track项1关联。 ``` [SwitchD] ip route-static 20.1.1.0 24 10.2.1.2 track 1 ``` \# 配置到达10.1.1.0/24网段的静态路由:下一跳地址为10.2.1.2,优先级为缺省值60。 ``` [SwitchD] ip route-static 10.1.1.0 24 10.2.1.2 ``` \# 配置到达20.1.1.0/24网段的静态路由:下一跳地址为10.4.1.3,优先级为80。 ``` [SwitchD] ip route-static 20.1.1.0 24 10.4.1.3 preference 80 ``` \# 配置到达10.3.1.0/24网段的静态路由:下一跳地址为10.4.1.3,优先级为80。 ``` [SwitchD] ip route-static 10.3.1.0 24 10.4.1.3 preference 80 ``` \# 配置到达10.1.1.1的静态路由:下一跳地址为10.2.1.2。 ``` [SwitchD] ip route-static 10.1.1.1 24 10.2.1.2 ``` \# 创建管理员名为admin、操作标签为test的NQA测试组。 ``` [SwitchD] nqa entry admin test ``` \# 配置测试类型为ICMP-echo。 ``` [SwitchD-nqa-admin-test] type icmp-echo ``` \# 配置测试的目的地址为10.1.1.1,下一跳地址为10.2.1.2,以便通过NQA检测Switch D-Switch B-Switch A这条路径的连通性。 ``` [SwitchD-nqa-admin-test-icmp-echo] destination ip 10.1.1.1 [SwitchD-nqa-admin-test-icmp-echo] next-hop ip 10.2.1.2 ``` \# 配置测试频率为100ms。 ``` [SwitchD-nqa-admin-test-icmp-echo] frequency 100 ``` \# 配置联动项1(连续失败5次触发联动)。 ``` [SwitchD-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only [SwitchD-nqa-admin-test-icmp-echo] quit ``` \# 启动探测。 ``` [SwitchD] nqa schedule admin test start-time now lifetime forever ``` \# 配置Track项1,并进入Track视图,关联NQA测试组(管理员为admin,操作标签为test)的联动项1。 ``` [SwitchD] track 1 nqa entry admin test reaction 1 [SwitchD-track-1] quit ``` \# 保存配置。 ``` [SwitchD] save force ``` ## 5 验证配置 显示Switch A上Track项的信息。 ``` [SwitchA] display track all Track ID: 1 State: Positive Duration: 0 days 0 hours 0 minutes 32 seconds Tracked object type: NQA Notification delay: Positive 0, Negative 0 (in seconds) Tracked object: NQA entry: admin test Reaction: 1 Remote IP/URL: 10.2.1.4 Local IP: -- Interface: -- ``` 显示Switch A的路由表。 ``` [SwitchA] display ip routing-table Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost NextHop Interface 10.1.1.0/24 Direct 0 0 10.1.1.1 Vlan2 10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.2.1.0/24 Static 60 0 10.1.1.2 Vlan2 10.3.1.0/24 Direct 0 0 10.3.1.1 Vlan3 10.3.1.1/32 Direct 0 0 127.0.0.1 InLoop0 20.1.1.0/24 Direct 0 0 20.1.1.1 Vlan6 20.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 30.1.1.0/24 Static 60 0 10.1.1.2 Vlan2 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 ``` 以上显示信息表示,NQA测试的结果为主路由可达(Track项状态为Positive),Switch A通过Switch B将报文转发到30.1.1.0/24网段。 \# 在Switch B上关闭VLAN接口2对应的以太网接口。 ``` system-view [SwitchB] interface gigabitethernet 1/0/1 [SwitchB-Gigabitethernet 1/0/1] shutdown ``` \# 显示Switch A上Track项的信息。 ``` [SwitchA] display track all Track ID: 1 State: Negative Duration: 0 days 0 hours 0 minutes 32 seconds Tracked object type: NQA Notification delay: Positive 0, Negative 0 (in seconds) Tracked object: NQA entry: admin test Reaction: 1 Remote IP/URL: 10.2.1.4 Local IP: -- Interface: -- ``` \# 显示Switch A的路由表。 ``` [SwitchA] display ip routing-table Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost NextHop Interface 10.1.1.0/24 Direct 0 0 10.1.1.1 Vlan2 10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.2.1.0/24 Static 60 0 10.1.1.2 Vlan2 10.3.1.0/24 Direct 0 0 10.3.1.1 Vlan3 10.3.1.1/32 Direct 0 0 127.0.0.1 InLoop0 20.1.1.0/24 Direct 0 0 20.1.1.1 Vlan6 20.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 30.1.1.0/24 Static 80 0 10.3.1.3 Vlan3 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 ``` 以上显示信息表示,NQA测试的结果为主路由不可达(Track项状态为Negative),则备份路由生效,Switch A通过Switch C将报文转发到30.1.1.0/24网段。 \# 主路由出现故障后,20.1.1.0/24网段内的主机仍然可以与30.1.1.0/24网段内的主机通信。 ``` [SwitchA] ping -a 20.1.1.1 30.1.1.1 Ping 30.1.1.1: 56 data bytes, press CTRL+C to break Reply from 30.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 30.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 30.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 30.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms Reply from 30.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms --- Ping statistics for 30.1.1.1 --- 5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss round-trip min/avg/max/std-dev = 1/1/2/1 ms ``` \# Switch D上的显示信息与Switch A类似。主路由出现故障后,30.1.1.0/24网段内的主机仍然可以与20.1.1.0/24网段内的主机通信。 ``` [SwitchD] ping -a 30.1.1.1 20.1.1.1 Ping 20.1.1.1: 56 data bytes, press CTRL+C to break Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=1 ms Reply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms --- Ping statistics for 20.1.1.1 --- 5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss round-trip min/avg/max/std-dev = 1/1/2/1 ms ``` ## 6 配置文件 * Switch A: ``` # vlan 2 \# vlan 3 \# vlan 6 \# nqa entry admin test type icmp-echo destination ip 10.2.1.4 frequency 100 next-hop ip 10.1.1.2 reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only \# nqa schedule admin test start-time now lifetime forever \# interface Vlan-interface2 ip address 10.1.1.1 255.255.255.0 \# interface Vlan-interface3 ip address 10.3.1.1 255.255.255.0 \# interface Vlan-interface6 ip address 20.1.1.1 255.255.255.0 \# interface GigabitEthernet1/0/1 port link-mode bridge port access vlan 2 \# interface GigabitEthernet1/0/2 port link-mode bridge port access vlan 3 \# interface GigabitEthernet1/0/3 port link-mode bridge port access vlan 6 \# ip route-static 10.2.1.0 24 10.1.1.2 ip route-static 30.1.1.0 24 10.1.1.2 track 1 ip route-static 10.4.1.0 24 10.3.1.3 preference 80 ip route-static 30.1.1.0 24 10.3.1.3 preference 80 \# track 1 nqa entry admin test reaction 1 \# ``` * Switch D ``` # vlan 4 \# vlan 5 \# vlan 7 \# nqa entry admin test type icmp-echo destination ip 10.1.1.1 frequency 100 next-hop ip 10.2.1.2 reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only \# nqa schedule admin test start-time now lifetime forever \# interface Vlan-interface4 ip address 10.4.1.4 255.255.255.0 \# interface Vlan-interface5 ip address 10.2.1.4 255.255.255.0 \# interface Vlan-interface7 ip address 30.1.1.1 255.255.255.0 \# interface GigabitEthernet1/0/1 port link-mode bridge port access vlan 4 \# interface GigabitEthernet1/0/2 port link-mode bridge port access vlan 5 \# interface GigabitEthernet1/0/3 port link-mode bridge port access vlan 7 \# ip route-static 10.1.1.0 24 10.2.1.2 ip route-static 20.1.1.0 24 10.2.1.2 track 1 ip route-static 10.3.1.0 24 10.4.1.3 preference 80 ip route-static 20.1.1.0 24 10.4.1.3 preference 80 \# track 1 nqa entry admin test reaction 1 \# ``` ## 注意事项 ### 1.nqa启动报错 Incomplete NQA operation parameters. Can't start the NQA operation. 检查配置 ``` [DeviceA-nqa-admin-test1] type icmp-echo [DeviceA-nqa-admin-test1-icmp-echo] destination ip 10.2.2.2 是否写成了description ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.chjina.com/it-zhi-shi-ku/lu-you-jiao-huan/hua-san/10.-jing-tai-lu-you-track-yu-nqa-lian-dong-she-zhi-fu-dong-bei-fen-lu-you.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.