基于策略路由应用实例:多链路负载均衡
在网络中实施基于策略的路由有以下优点:
1、基于源的供应商选择:通过策略路由使源于不同用户组的数据流选择经过不同的Internet连接。
2、服务质量:可以通过在网络边缘路由器上设置IP数据包包头中的优先级或TOS值,并利用队列机制在网络核心或主干中为数据流划分不同的优先级,来为不同的数据流提供不同级别的QoS。
3、负载均衡:网络管理员可以通过策略路由在多条路径上分发数据流。
4、网络管理更加灵活。
二、双出口配置实例
(一)实验拓朴:
(二)实验要求:
1、R1连接本地子网,R2为边缘策略路由器,R3模拟双ISP接入的Internet环境。
2、要求R1所连接的局域网部分流量走R2-R3间上条链路(ISP1链路),部分流量走R2-R3间下条链路(ISP2链路)从而实现基于源的供应商链路选择和网络负载均衡。
(三)各路由器配置如下:
R1#sh run //路由器R1的配置
……
interface Loopback0 //模拟子网一:192.168.1.0/24
ip address 192.168.1.1 255.255.255.0 //模拟子网中第一台主机
ip address 192.168.1.2 255.255.255.0 secondary //模拟子网中第二台主机
!
interface Loopback2 //模拟子网二:192.168.2.0/24
ip address 192.168.2.1 255.255.255.0
ip address 192.168.2.2 255.255.255.0 secondary
!
interface FastEthernet0/0
ip address
duplex half
!
……
!
router rip //通过RIP协议配置网络的连通性
version 2
network 192.168.1.0
network 192.168.1.0
network
……
end
-----------------------------
R3#sh run //路由器R3的配置
Building configuration...
……
interface Loopback0 //模拟一个连接目标
description to internet
ip address 100.100.100.100 255.255.255.0
!
interface Serial1/1 //模拟ISP1的接入端口
ip address 123.0.0.3 255.255.255.0
serial restart-delay 0
!
……
interface Serial1/3 //模拟ISP2的接入端口
ip address 223.0.0.3 255.255.255.0
serial restart-delay 0
!
router rip
version 2
network 100.0.0.0
network 123.0.0.0
network 223.0.0.0
no auto-summary
!
……
end
---------------------------------------------------------------------------------
R2#sh run //策略路由器R2的配置
Building configuration...
……
interface FastEthernet0/0
ip address
ip policy route-map isp-test //在接口上启用策略路由isp-test进行流量控制
duplex half
!
……
interface Serial1/1
ip address 123.0.0.1 255.255.255.0
serial restart-delay 0
!
interface Serial1/3
ip address 223.0.0.1 255.255.255.0
serial restart-delay 0
……
router rip
version 2
network
network 123.0.0.0
network 223.0.0.0
no auto-summary
……
logging alarm informational
access-list 101 permit ip 192.168.1.0
access-list 102 permit ip 192.168.2.0
!
route-map isp-test permit 10 //定义route-map,取名为isp-test,序列为10
match ip address 101 //检查源地址,匹配acl 101
set ip default next-hop 123.0.0.3 //指定下一跳地址
!
route-map isp-test permit 20 //定义isp-test的第二条语句,序列号为20
match ip address 102 //检查源地下,匹配acl102
set ip default next-hop 223.0.0.3
!
route-map isp-test permit 30 //定义isp-test的第三条语句,序列号为30
set default interface Null0 //丢弃不匹配规定标准的包
……
end
---------------------------------------------------------------------------------
(四)调试
R2#sh ip policy //显示应用的策略
Interface Route map
Fa0/0 isp-acc
R2#sh route-map isp-test //显示配置的路由映射图
route-map isp-test, permit, sequence 10
Match clauses:
ip address (access-lists): 101
Set clauses:
ip default next-hop 123.0.0.3
Policy routing matches: 0 packets, 0 bytes
route-map isp-test, permit, sequence 20
Match clauses:
ip address (access-lists): 102
Set clauses:
ip default next-hop 223.0.0.3
Policy routing matches: 0 packets, 0 bytes
route-map isp-test, permit, sequence 30
Match clauses:
Set clauses:
default interface Null0
Policy routing matches: 0 packets, 0 bytes
========================================================================
R1#traceroute //路由跟踪
Protocol [ip]: //ip流量
Target IP address: 100.100.100.100 //目标地
Source address: 192.168.1.1 //源地址为子网一的第一台主机
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 100.100.100.100
1
2 123.0.0.3 288 msec 360 msec * //ISP1入口
-------------------------------------------------------------------------------
R1# traceroute
Protocol [ip]:
Target IP address: 100.100.100.100
Source address: 192.168.1.2 //源地址为子网一的第二台主机
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 100.100.100.100
1
2 123.0.0.3 416 msec 436 msec * //ISP1入口
----------------------------------------------------------------------------------
R1#traceroute
Protocol [ip]:
Target IP address: 100.100.100.100
Source address: 192.168.2.1 //源地址为子网二的第一台主机
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 100.100.100.100
1
2 223.0.0.3 356 msec * 132 msec //ISP2入口
---------------------------------------------------------
R1#traceroute
Protocol [ip]:
Target IP address: 100.100.100.100
Source address: 192.168.2.2 //源地址为子网二中第二台主机
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 100.100.100.100
1
2 223.0.0.3 300 msec * 196 msec //ISP2入口
-----------------------------------------------------
(五)小结:
通过以上实验,可以看到子网一(192.168.1.0/24)的流量都经过R2-R3的上一条链路选择了ISP1链路,子网二(192.168.2.0/24)的流量都经过R2-R3的下一条链路选择了ISP2链路。所以通过策略路由实现基于源的供应商选择和网络的负载均衡。
本文来源:不详 作者:佚名
天下网吧·网吧天下
闽公网安备35010202000238号