登录到sw2上配置二层转发交换机, 这里我们使用Cumulus提供的命令行工具NCLU(Network Command Line Utility):
1 2 3
vagrant@sw2:~$ sudo su - cumulus cumulus@sw2:~$ net add bridge br1 ports swp1-3 cumulus@sw2:~$ net commit
查看接口情况:
1 2 3 4 5 6 7 8 9 10
root@sw2:~# net show interface State Name Spd MTU Mode LLDP Summary ----- ---- --- ----- --------- ---- ---------------------- UP lo N/A 65536 Loopback IP: 127.0.0.1/8 lo IP: ::1/128 UP eth0 1G 1500 Mgmt IP: 10.0.2.15/24(DHCP) UP swp1 1G 1500 Access/L2 Master: br1(UP) UP swp2 1G 1500 Access/L2 Master: br1(UP) UP swp3 1G 1500 Access/L2 Master: br1(UP) UP br1 N/A 1500 Bridge/L2
此时再次从lb2访问lb1, 访问成功:
1 2 3 4 5 6 7 8
root@lb2:/home/vagrant# ping -c2 192.168.100.2 PING 192.168.100.2 (192.168.100.2) 56(84) bytes of data. 64 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=2.25 ms 64 bytes from 192.168.100.2: icmp_seq=2 ttl=64 time=1.39 ms
--- 192.168.100.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 1.398/1.825/2.253/0.429 ms
接下来我们配置router:
1 2 3
cumulus@router:~$ net add interface swp1 ip address 172.16.100.1/24 cumulus@router:~$ net add interface swp2 ip address 192.168.100.1/24 cumulus@router:~$ net commit
查看接口情况:
1 2 3 4 5 6 7 8
cumulus@router:~$ net show interface State Name Spd MTU Mode LLDP Summary ----- ---- --- ----- ------------ ---------- ---------------------- UP lo N/A 65536 Loopback IP: 127.0.0.1/8 lo IP: ::1/128 UP eth0 1G 1500 Mgmt IP: 10.0.2.15/24(DHCP) UP swp1 1G 1500 Interface/L3 IP: 172.16.100.1/24 UP swp2 1G 1500 Interface/L3 sw2 (swp1) IP: 192.168.100.1/24
配置二层交换机sw1:
1 2
root@sw1:~# net add bridge br1 ports swp1-2 root@sw1:~# net commit
查看接口:
1 2 3 4 5 6 7 8 9
root@sw1:~# net show interface State Name Spd MTU Mode LLDP Summary ----- ---- --- ----- --------- ------------- ---------------------- UP lo N/A 65536 Loopback IP: 127.0.0.1/8 lo IP: ::1/128 UP eth0 1G 1500 Mgmt IP: 10.0.2.15/24(DHCP) UP swp1 1G 1500 Access/L2 router (swp1) Master: br1(UP) UP swp2 1G 1500 Access/L2 Master: br1(UP) UP br1 N/A 1500 Bridge/L2
配置客户端虚拟机cli:
1 2 3 4
ip addr add 172.16.100.2/24 dev enp0s8 ip link set up enp0s8 ip route del default ip route add default via 172.16.100.1
此时从客户端cli访问两个LB的自身IP地址,访问都可以成功:
1 2 3 4 5 6 7 8
root@cli:/home/vagrant# ping -c2 192.168.100.2 PING 192.168.100.2 (192.168.100.2) 56(84) bytes of data. 64 bytes from 192.168.100.2: icmp_seq=1 ttl=63 time=2.85 ms 64 bytes from 192.168.100.2: icmp_seq=2 ttl=63 time=3.17 ms
--- 192.168.100.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 2.854/3.012/3.170/0.158 ms
1 2 3 4 5 6 7 8
root@cli:/home/vagrant# ping -c2 192.168.100.3 PING 192.168.100.3 (192.168.100.3) 56(84) bytes of data. 64 bytes from 192.168.100.3: icmp_seq=1 ttl=63 time=2.80 ms 64 bytes from 192.168.100.3: icmp_seq=2 ttl=63 time=3.81 ms
--- 192.168.100.3 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 2.806/3.308/3.811/0.505 ms
接下来我们在router上配置OSPF:
1 2 3
net add ospf router-id 192.168.100.1 net add ospf network 192.168.100.0/24 area 0.0.0.0 net commit
ip addr add 10.10.10.10/32 dev lo ip addr add 10.10.10.11/32 dev lo ip addr add 10.10.10.12/32 dev lo
接着,修改/etc/frr/daemons文件, 确保ospfd配置开启:
1
ospfd=yes
创建ospfd.conf文件, 没有该文件ospfd进程不会启动:
1
touch /etc/frr/ospfd.conf
修改配置文件/etc/frr/frr.conf, 添加内容:
1 2 3 4 5 6 7 8
router ospf ospf router-id 192.168.100.2 network 192.168.100.0/24 area 0.0.0.0 network 10.10.10.0/24 area 0.0.0.0 ! interface enp0s8 ip ospf area 0.0.0.0 !
启动FRR:
1
systemctl start frr
在lb2上也完成相应修改。
此时我们在router上查看OSPF路由信息, 可以看到3个VIP的路由信息都已学习到:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
root@router:~# net show route ospf RIB entry for ospf ================== Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, > - selected route, * - FIB route
O>* 10.10.10.10/32 [110/100] via 192.168.100.2, swp2, 00:24:08 * via 192.168.100.3, swp2, 00:24:08 O>* 10.10.10.11/32 [110/100] via 192.168.100.2, swp2, 00:24:08 * via 192.168.100.3, swp2, 00:24:08 O>* 10.10.10.12/32 [110/100] via 192.168.100.2, swp2, 00:24:08 * via 192.168.100.3, swp2, 00:24:08 O 192.168.100.0/24 [110/100] is directly connected, swp2, 02:07:49
fib_multipath_hash_policy - INTEGER Controls which hash policy to use for multipath routes. Only valid for kernels built with CONFIG_IP_ROUTE_MULTIPATH enabled. Default: 0 (Layer 3) Possible values: 0 - Layer 3 1 - Layer 4 2 - Layer 3 or inner Layer 3 if present