Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 04-Track Configuration | 193.84 KB |
Collaboration application example·
Associating the Track module with a detection module
Associating Track with interface management
Associating the Track module with an application module
Associating Track with static routing
Associating Track with WLAN uplink detection
Displaying and maintaining track entries
VRRP-Track-NQA collaboration configuration example
Static routing-Track-NQA collaboration configuration example
VRRP-Track-interface management collaboration configuration example
Configuring Track
Overview
The Track module collaborates with application and detection modules, as shown in Figure 1.
After you associate the Track module with a detection module and an application module, collaboration is enabled. The detection module probes specific objects such as interface status, link status, network reachability, and network performance, and informs the Track module of detection results. The Track module sends the detection results to the associated application module. When notified of changes for the tracked object, the application modules can react to avoid communication interruption and network performance degradation.
Figure 1 Collaboration through the Track module
Collaboration fundamentals
The following describes collaboration of the Track module with detection modules and application modules.
Collaboration between the Track module and a detection module
The detection module sends the detection result of the associated tracked object to the Track module. Depending on the result, the Track module changes the status of the track entry:
· If the tracked object functions correctly, for example, the target interface is up or the target network is reachable, the state of the track entry is Positive.
· If the tracked object functions incorrectly, for example, the target interface is down or the target network is unreachable, the state of the track entry is Negative.
· If the detection result is not valid, for example, the NQA operation that is associated with the track entry does not exist, the state of the track entry is Invalid.
The following detection modules can be associated with the Track module:
· NQA.
· Interface management module.
Collaboration between the Track module and an application module
After you associate the Track module with an application module, and the status of the track entry changes, the Track module notifies the application module, which then takes actions as configured.
The following application modules can be associated with the Track module:
· VRRP.
· Static routing.
Support for VRRP depends on the device model. For more information, see About the H3C Access Controllers Configuration Guides.
When you configure a track entry for an application module, you can set a notification delay to avoid immediate notification of status changes, which can cause communication failure. This issue occurs when route convergence is slower than the link state change notification. For example, when the master in a VRRP group detects that the uplink interface fails through the Track module, the Track module notifies the master to decrease its priority so that a backup with higher priority preempts as the new master. When the failed uplink interface recovers, the Track module immediately notifies the original master to restore its priority and forward traffic. If the uplink route has not recovered, forwarding failure will occur.
Collaboration application example
This example shows how to implement collaboration between NQA, Track, and uplink detection.
If the uplink fails, the AC disables the radio on the AP that associates with the AC. If the uplink recovers, the AC enables the radio on the AP.
To configure collaboration between the NQA, Track, and uplink detection:
1. Configure an NQA operation to check the accessibility of the device.
2. Create a track entry and associate it with the NQA operation. When the device is reachable, the track entry is in Positive state. When the device becomes unreachable, the track entry is in Negative state.
3. Associate the track entry with the WLAN uplink detection feature. When the associated track entry changes to the Negative state, the uplink detection feature disables the radio on the AP so that wireless clients will not associate with the AP. When the track entry changes to the Positive state, the uplink detection feature enables the radio on the AP so that wireless clients can associate with the AP.
Track configuration task list
To implement the collaboration function, establish associations between the Track module and the detection modules, and between the Track module and the application modules.
Complete these tasks to configure the Track module:
|
Task |
Remarks |
|
|
Required. Use one of the methods. |
||
|
Required. Use one of the methods. |
||
Associating the Track module with a detection module
Associating Track with NQA
NQA supports multiple operation types to analyze network performance, services, service quality. For example, an NQA operation can periodically detect whether a destination is reachable, or whether the TCP connection to a TCP server can be established.
An NQA operation functions as follows when it is associated with a track entry:
· If the consecutive failures reach the specified threshold, the NQA module notifies the Track module that the tracked object malfunctions. The Track module sets the track entry to the Negative state.
· If the specified threshold is not reached, the NQA module notifies the Track module that the tracked object functions correctly. The Track module sets the track entry to the Positive state.
For more information about NQA, see Network Management and Monitoring Configuration Guide.
To associate Track with NQA:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a track entry, and associate it with an NQA reaction entry. |
track track-entry-number nqa entry admin-name operation-tag reaction item-number [ delay { negative negative-time | positive positive-time } * ] |
No track entry is created by default. |
|
|
NOTE: If the specified NQA operation or the reaction entry in the track entry does not exist, the status of the track entry is Invalid. |
Associating Track with interface management
The interface management module monitors the physical status or network-layer protocol status of the interface. The interface management module functions as follows when it is associated with a track entry:
· When the physical or network-layer protocol status of the interface changes to up, the interface management module notifies the Track module of the change and the Track module sets the track entry to Positive.
· When the physical or network-layer protocol status of the interface changes to down, the interface management module notifies the Track module of the change and the Track module sets the track entry to Negative.
To associate Track with interface management:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Associating Track with interface management. |
· Create a track entry, and associate it with the interface
management module to monitor the physical status of an interface: · Create a track entry, and
associate it with the interface management module to
monitor the Layer 3 protocol status of an interface: |
Use either method. No track entry is created by default. |
Associating the Track module with an application module
|
|
NOTE: The term "router" in this section refers to both routers and routing-capable H3C access controllers. |
Associating Track with VRRP
VRRP is an error-tolerant protocol. It adds a group of routers that can act as network gateways to a VRRP group, which forms a virtual router. Routers in the VRRP group elect the master acting as the gateway according to the routers' priorities. A router with a higher priority is more likely to become the master. The other routers function as the backups. When the master fails, the backups in the VRRP group elect a new gateway to take over. This makes sure the hosts in the network segment can uninterruptedly communicate with external networks.
When VRRP is operating in standard protocol mode or load balancing mode, associate the Track module with the VRRP group to implement the following actions:
· Change the priority of a router according to the status of the uplink. If a fault occurs on the uplink of the router, the VRRP group is not aware of the uplink failure. If the router is the master, hosts in the LAN cannot access the external network. To solve this problem, establish a Track-VRRP group association. Use the detection modules to monitor the status of the uplink of the router and establish collaborations between the detection modules, Track module and VRRP. When the uplink fails, the detection modules notify the Track module to change the status of the monitored track entry to Negative, and the priority of the master decreases by a specific value. This allows a higher priority router in the VRRP group to become the master, and maintains communication between the hosts in the LAN and the external network.
· Monitor the master on a backup. If a fault occurs on the master, the backup working in switchover mode will switch to the master immediately to maintain normal communication.
When VRRP is operating in load balancing mode, associate the Track module with the VRRP Virtual Forwarder (VF) to implement the following functions:
· Change the priority of the active VF (AVF) according to its uplink state. When the uplink of the AVF fails, the track entry changes to Negative state and the weight of the AVF decreases by a specific value so that the VF with a higher priority becomes the new AVF to forward packets.
· Monitor the AVF status from the listening VF (LVF), which refers to the VF in listening state. When the AVF fails, the LVF that is operating in switchover mode becomes the new AVF to ensure continuous forwarding.
Follow these guidelines when you associate Track with VRRP:
· VRRP tracking is not valid on an IP address owner. An IP address owner refers to a router when the IP address of the virtual router is the IP address of an interface on the router in the VRRP group.
· When the status of the track entry changes from Negative to Positive or Invalid, the associated router or VF restores its priority automatically.
· You can associate a nonexistent track entry with a VRRP group or VF. The association takes effect only after you use the track command to create the track entry. For more information about VRRP, see "Configuring VRRP."
To associate Track with a VRRP group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Create a VRRP group and configure its virtual IP address. |
vrrp vrid virtual-router-id virtual-ip virtual-address |
No VRRP group is created by default. |
|
4. Associate a track entry with a VRRP group. |
vrrp [ ipv6 ] vrid virtual-router-id track track-entry-number [ reduced priority-reduced | switchover ] |
No track entry is specified for a VRRP group by default. This command is supported when VRRP is operating in both standard protocol mode and load balancing mode. |
To associate Track with a VRRP VF:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Create a VRRP group and configure its virtual IP address. |
vrrp vrid virtual-router-id virtual-ip virtual-address |
No VRRP group is created by default. |
|
4. Associate Track with a VRRP VF. |
· Associate a track entry with the VRRP
VF: · Configure the LVF to monitor the AVF status
through the track entry: |
Use at least one command. By default, no track entry is specified for a VF. This command is configurable when VRRP is operating in standard mode or load balancing mode. However, this function takes effect only when VRRP is operating in load balancing mode. |
Associating Track with static routing
A static route is a manually configured route. When a static route is configured, packets to the specified destination are forwarded through the path specified by the administrator.
Static routes cannot adapt to network topology changes. Faults or topological changes in the network can make the routes unreachable and cause network breaks and unreliability.
To prevent this problem, configure another route to back up the static route. When the static route is reachable, packets are forwarded through the static route. When the static route is unreachable, packets are forwarded through the backup route.
To check the accessibility of a static route in real time, establish association between Track and the static route.
If you specify the next hop but not the output interface when configuring a static route, you can establish collaborations among the static route, the Track module, and detection modules. This enables you to check the accessibility of the static route by the state of the track entry:
· The Positive state of the track entry shows that the next hop of the static route is reachable, and that the configured static route is valid.
· The Negative state of the track entry shows that the next hop of the static route is not reachable, and that the configured static route is invalid.
· The Invalid state of the track entry shows that the accessibility of the next hop of the static route is unknown, and that the static route is valid.
Follow these guidelines when you associate Track with static routing:
· You can associate a nonexistent track entry with a static route. The association takes effect only after you use the track command to create the track entry.
· If the Track module detects the next hop accessibility of the static route in a private network through NQA, the VPN instance name of the next hop of the static route must be consistent with that configured for the NQA operation. Otherwise, accessibility detection cannot function correctly.
· If a static route needs route recursion, the associated track entry must monitor the next hop of the recursive route instead of the next hop of the static route. Otherwise, a valid route may be considered invalid. For more information about static route configuration, see Layer 3 Configuration Guide.
To associate Track with static routing:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Associate the static route with a track entry to check the accessibility of the next hop. |
· Method 1: · Method 2: |
Use either method. Not configured by default. |
Associating Track with WLAN uplink detection
When the uplink of an AC fails, clients cannot access external networks through the AP that is connected to the AC. To check the accessibility of the uplink in real time, establish association between Track and WLAN uplink detection:
· When the track entry is in Positive state, the AC enables the radio of the AP. Wireless clients can associate with the AP.
· When the track entry is in Negative state, the AC disables the radio of the AP. Wireless clients cannot associate with the AP.
· When the track entry is in Invalid state, the AC does not change the radio state of the AP.
The association makes sure when the uplink of an AC fails, clients can associate with APs connected to another AC.
For more information about configuration on AC, AP, and WLAN uplink detection, see WLAN Service Configuration Guide.
To associate Track with the WLAN uplink detection feature:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Associate the WLAN uplink detection feature with a track entry. |
wlan uplink track track-entry-number |
Not configured by default. |
Displaying and maintaining track entries
|
Task |
Command |
Remarks |
|
Display information about the specified or all track entries. |
display track { track-entry-number | all } [ | { begin | exclude | include } regular-expression ] |
Available in any view. |
Track configuration examples
VRRP-Track-NQA collaboration configuration example
Network requirements
As shown in Figure 3:
· The client requires access to the host. The default gateway of the client is 10.1.1.10/24.
· AC 1 and AC 2 belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.
Configure VRRP-Track-NQA collaboration to monitor the uplink on the master and meet the following requirements:
· When AC 1 operates correctly, it forwards packets from the client to the host.
· When NQA detects a fault on the uplink of AC 1, AC 2 forwards packets from the client to the host.
Configuration procedure
1. Create VLANs, assign ports to the VLANs, and configure the IP address of each VLAN interface, as shown in Figure 3. (Details not shown.)
2. Configure an NQA operation on AC 1:
# Create an NQA operation with the administrator name admin and the operation tag test.
<AC1> system-view
[AC1] nqa entry admin test
# Configure the operation type as ICMP echo.
[AC1-nqa-admin-test] type icmp-echo
# Specify 10.1.2.2 as the destination address of ICMP echo requests.
[AC1-nqa-admin-test-icmp-echo] destination ip 10.1.2.2
# Configure the ICMP echo operation to repeat at an interval of 100 milliseconds.
[AC1-nqa-admin-test-icmp-echo] frequency 100
# Configure reaction entry 1, and specify that five consecutive probe failures trigger the Track module.
[AC1-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[AC1-nqa-admin-test-icmp-echo] quit
# Start the NQA operation.
[AC1] nqa schedule admin test start-time now lifetime forever
3. On AC 1, configure track entry 1, and associate it with reaction entry 1 of the NQA operation.
[AC1] track 1 nqa entry admin test reaction 1
4. Configure VRRP on AC 1:
# Create VRRP group 1, and configure the virtual IP address 10.1.1.10 for the group.
[AC1] interface vlan-interface 2
[AC1-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.10
# Set the priority of AC 1 in VRRP group 1 to 110.
[AC1-Vlan-interface2] vrrp vrid 1 priority 110
# Set the authentication mode of VRRP group 1 to simple, and the authentication key to hello.
[AC1-Vlan-interface2] vrrp vrid 1 authentication-mode simple hello
# Configure the master to send VRRP packets at an interval of 5 seconds.
[AC1-Vlan-interface2] vrrp vrid 1 timer advertise 5
# Configure AC 1 to operate in preemptive mode, and set the preemption delay to 5 seconds.
[AC1-Vlan-interface2] vrrp vrid 1 preempt-mode timer delay 5
# Configure to monitor track entry 1 and specify the priority decrement to 30.
[AC1-Vlan-interface2] vrrp vrid 1 track 1 reduced 30
5. Configure VRRP on AC 2:
# Create VRRP group 1, and configure the virtual IP address 10.1.1.10 for the group.
<AC2> system-view
[AC2] interface vlan-interface 2
[AC2-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.10
# Set the authentication mode of VRRP group 1 to simple, and the authentication key to hello.
[AC2-Vlan-interface2] vrrp vrid 1 authentication-mode simple hello
# Configure the master to send VRRP packets at an interval of 5 seconds.
[AC2-Vlan-interface2] vrrp vrid 1 timer advertise 5
# Configure AC 2 to operate in preemptive mode, and set the preemption delay to 5 seconds.
[AC2-Vlan-interface2] vrrp vrid 1 preempt-mode timer delay 5
Verifying the configuration
# Ping the host from the client to verify that the host is reachable. (Details not shown.)
# Display detailed information about VRRP group 1 on AC 1.
[AC1-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 5
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 5
Auth Type : Simple Key : ******
Virtual IP : 10.1.1.10
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.1
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 30
# Display detailed information about VRRP group 1 on AC 2.
[AC2-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 5
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 5
Become Master : 2200ms left
Auth Type : Simple Key : ******
Virtual IP : 10.1.1.10
Master IP : 10.1.1.1
The output shows that in VRRP group 1, AC 1 is the master and AC 2 is a backup. Packets from the client to the host are forwarded through AC 1.
# Disconnect the link between AC 1 and Switch A, and verify that the client can still ping the host. (Details not shown.)
# Display detailed information about VRRP group 1 on AC 1.
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 5
Admin Status : Up State : Backup
Config Pri : 110 Running Pri : 80
Preempt Mode : Yes Delay Time : 5
Become Master : 2200ms left
Auth Type : Simple Key : ******
Virtual IP : 10.1.1.10
Master IP : 10.1.1.2
VRRP Track Information:
Track Object : 1 State : Negative Pri Reduced : 30
# Display detailed information about VRRP group 1 on AC 2.
[AC2-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 5
Admin Status : Up State : Master
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 5
Auth Type : Simple Key : ******
Virtual IP : 10.1.1.10
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.2
The output shows that AC 1 becomes the backup, and AC 2 becomes the master. Packets from the client to the host are forwarded through AC 2.
Static routing-Track-NQA collaboration configuration example
Network requirements
As shown in Figure 4:
· AC 1 is the default gateway of the hosts in network 20.1.1.0/24.
· AC 4 is the default gateway of the hosts in network 30.1.1.0/24.
· The clients in the two networks communicate with each other through static routes.
To ensure network availability, configure route backup and static routing-Track-NQA collaboration on AC 1 and AC 4 as follows:
· On AC 1, assign a higher priority to the static route to 30.1.1.0/24 with the next hop AC 2. This route is the master route. The static route to 30.1.1.0/24 with the next hop AC 3 acts as the backup route. When the master route is unavailable, the backup route takes effect.
· On AC 4, assign a higher priority to the static route to 20.1.1.0/24 with the next hop AC 2. This route is the master route. The static route to 20.1.1.0/24 with the next hop AC 3 acts as the backup route. When the master route is unavailable, the backup route takes effect.
Configuration procedure
1. Create VLANs, assign ports to the VLANs, and configure the IP address of each VLAN interface, as shown in Figure 4. (Details not shown.)
2. Configure AC 1:
# Configure a static route to 30.1.1.0/24 with the next hop 10.1.1.2 and the default priority 60. Associate this static route with track entry 1.
<AC1> system-view
[AC1] ip route-static 30.1.1.0 24 10.1.1.2 track 1
# Configure a static route to 30.1.1.0/24 with the next hop 10.3.1.3 and the priority 80.
[AC1] ip route-static 30.1.1.0 24 10.3.1.3 preference 80
# Configure a static route to 10.2.1.4 with the next hop 10.1.1.2.
[AC1] ip route-static 10.2.1.4 24 10.1.1.2
# Create an NQA operation with the administrator admin and the operation tag test.
[AC1] nqa entry admin test
# Configure the operation type as ICMP echo.
[AC1-nqa-admin-test] type icmp-echo
# Specify 10.2.1.4 as the destination address of the operation.
[AC1-nqa-admin-test-icmp-echo] destination ip 10.2.1.4
# Specify 10.1.1.2 as the next hop of the operation.
[AC1-nqa-admin-test-icmp-echo] next-hop 10.1.1.2
# Configure the ICMP echo operation to repeat at an interval of 100 milliseconds.
[AC1-nqa-admin-test-icmp-echo] frequency 100
# Configure reaction entry 1, and specify that five consecutive probe failures trigger the Track module.
[AC1-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[AC1-nqa-admin-test-icmp-echo] quit
# Start the NQA operation.
[AC1] nqa schedule admin test start-time now lifetime forever
# Configure track entry 1, and associate it with reaction entry 1 of the NQA operation.
[AC1] track 1 nqa entry admin test reaction 1
3. Configure AC 2:
# Configure a static route to 30.1.1.0/24 with the next hop 10.2.1.4.
<AC2> system-view
[AC2] ip route-static 30.1.1.0 24 10.2.1.4
# Configure a static route to 20.1.1.0/24 with the next hop 10.1.1.1.
[AC2] ip route-static 20.1.1.0 24 10.1.1.1
4. Configure AC 3:
# Configure a static route to 30.1.1.0/24 with the next hop 10.4.1.4.
<AC3> system-view
[AC3] ip route-static 30.1.1.0 24 10.4.1.4
# Configure a static route to 20.1.1.0/24 with the next hop 10.3.1.1.
[AC3] ip route-static 20.1.1.0 24 10.3.1.1
5. Configure AC 4:
# Configure a static route to 20.1.1.0/24 with the next hop 10.2.1.2 and the default priority 60. Associate this static route with track entry 1.
<AC4> system-view
[AC4] ip route-static 20.1.1.0 24 10.2.1.2 track 1
# Configure a static route to 20.1.1.0/24 with the next hop 10.4.1.3 and the priority 80.
[AC4] ip route-static 20.1.1.0 24 10.4.1.3 preference 80
# Configure a static route to 10.1.1.1 with the next hop 10.2.1.2.
[AC4] ip route-static 10.1.1.1 24 10.2.1.2
# Create an NQA operation with the administrator admin and the operation tag test.
[AC4] nqa entry admin test
# Configure the operation type as ICMP echo.
[AC4-nqa-admin-test] type icmp-echo
# Specify 10.1.1.1 as the destination address of the operation.
[AC4-nqa-admin-test-icmp-echo] destination ip 10.1.1.1
# Specify 10.2.1.2 as the next hop of the operation.
[AC4-nqa-admin-test-icmp-echo] next-hop 10.2.1.2
# Configure the operation frequency as 100 milliseconds.
[AC4-nqa-admin-test-icmp-echo] frequency 100
# Configure reaction entry 1, and specify that five consecutive probe failures trigger the Track module.
[AC4-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[AC4-nqa-admin-test-icmp-echo] quit
# Start the NQA operation.
[AC4] nqa schedule admin test start-time now lifetime forever
# Configure track entry 1, and associate it with reaction entry 1 of the NQA operation.
[AC4] track 1 nqa entry admin test reaction 1
Verifying the configuration
# Display information of the track entry on AC 1.
[AC1] display track all
Track ID: 1
Status: Positive
Duration: 0 days 0 hours 0 minutes 32 seconds
Notification delay: Positive 0, Negative 0 (in seconds)
Reference object:
NQA entry: admin test
Reaction: 1
The output shows that the status of the track entry is Positive, indicating that the NQA operation has succeeded and the master route is available.
# Display the routing table of AC 1.
[AC1] display ip routing-table
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost NextHop Interface
10.1.1.0/24 Direct 0 0 10.1.1.1 Vlan2
10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.0/24 Static 60 0 10.1.1.2 Vlan2
10.3.1.0/24 Direct 0 0 10.3.1.1 Vlan3
10.3.1.1/32 Direct 0 0 127.0.0.1 InLoop0
20.1.1.0/24 Direct 0 0 20.1.1.1 Vlan6
20.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
30.1.1.0/24 Static 60 0 10.1.1.2 Vlan2
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
The output shows that AC 1 forwards packets to 30.1.1.0/24 through AC 2.
# Remove the IP address of interface VLAN-interface 2 on AC 2.
<AC2> system-view
[AC2] interface vlan-interface 2
[AC2-Vlan-interface2] undo ip address
# Display information of the track entry on AC1.
[AC1] display track all
Track ID: 1
Status: Negative
Duration: 0 days 0 hours 0 minutes 32 seconds
Notification delay: Positive 0, Negative 0 (in seconds)
Reference object:
NQA entry: admin test
Reaction: 1
The output shows that the status of the track entry is Negative, indicating that the NQA operation has failed and the master route is unavailable.
# Display the routing table of AC 1.
[AC1] display ip routing-table
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost NextHop Interface
10.1.1.0/24 Direct 0 0 10.1.1.1 Vlan2
10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.0/24 Static 60 0 10.1.1.2 Vlan2
10.3.1.0/24 Direct 0 0 10.3.1.1 Vlan3
10.3.1.1/32 Direct 0 0 127.0.0.1 InLoop0
20.1.1.0/24 Direct 0 0 20.1.1.1 Vlan6
20.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
30.1.1.0/24 Static 80 0 10.3.1.3 Vlan3
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
The output shows that the backup static route takes effect and AC 1 forwards packets to 30.1.1.0/24 through AC 3.
# Verify that the clients in 20.1.1.0/24 can still communicate with the clients in 30.1.1.0/24 when the master route fails.
[AC1] ping -a 20.1.1.1 30.1.1.1
PING 30.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 30.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms
Reply from 30.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms
Reply from 30.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms
Reply from 30.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms
Reply from 30.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms
--- 30.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/2 ms
# Verify that the clients in 30.1.1.0/24 can still communicate with the clients in 20.1.1.0/24 when the master route fails.
[AC2] ping -a 30.1.1.1 20.1.1.1
PING 20.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms
Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms
Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms
Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=1 ms
Reply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms
--- 20.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/2 ms
VRRP-Track-interface management collaboration configuration example
Network requirements
As shown in Figure 5:
· The client requires access to the host. The default gateway of the client is 10.1.1.10/24.
· AC 1 and AC 2 belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.
Configure VRRP-Track-interface management collaboration to monitor the uplink interface on the master and meet the following requirements:
· When AC 1 operates correctly, AC 1 forwards packets from the client to the host.
· When VRRP detects a fault on the uplink interface of AC 1 through the interface management module, AC 2 forwards packets from the client to the host.
Configuration procedure
1. Create VLANs, assign ports to the VLANs, and configure the IP address of each VLAN interface, as shown in Figure 5. (Details not shown.)
2. Configure AC 1:
# Configure track entry 1, and associate it with the physical status of the uplink interface VLAN-interface 3.
[AC1] track 1 interface vlan-interface 3
# Create VRRP group 1, and configure the virtual IP address 10.1.1.10 for the group.
[AC1] interface vlan-interface 2
[AC1-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.10
# Set the priority of AC 1 in VRRP group 1 to 110.
[AC1-Vlan-interface2] vrrp vrid 1 priority 110
# Configure to monitor track entry 1 and specify the priority decrement as 30.
[AC1-Vlan-interface2] vrrp vrid 1 track 1 reduced 30
3. On AC 2, create VRRP group 1, and configure the virtual IP address 10.1.1.10 for the group.
<AC2> system-view
[AC2] interface vlan-interface 2
[AC2-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.10
Verifying the configuration
# Ping the host from the client to verify that the host is reachable. (Details not shown.)
# Display detailed information about VRRP group 1 on AC 1.
[AC1-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 1
Admin Status : Up State : Master
Config Pri : 110 Running Pri : 110
Preempt Mode : Yes Delay Time : 0
Auth Type : None
Virtual IP : 10.1.1.10
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.1
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 30
# Display detailed information about VRRP group 1 on AC 2.
[AC2-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 1
Admin Status : Up State : Backup
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Become Master : 2200ms left
Auth Type : None
Virtual IP : 10.1.1.10
Master IP : 10.1.1.1
The output shows that in VRRP group 1, AC 1 is the master and AC 2 is a backup. Packets from the client to the host are forwarded through AC 1.
# Shut down the uplink interface VLAN-interface 3 on AC 1.
[AC1-Vlan-interface2] interface vlan-interface 3
[AC1-Vlan-interface3] shutdown
# Ping the host from the client to verify that the host is reachable. (Details not shown.)
# Display detailed information about VRRP group 1 on AC 1.
[AC1-Vlan-interface3] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 1
Admin Status : Up State : Backup
Config Pri : 110 Running Pri : 80
Preempt Mode : Yes Delay Time : 0
Become Master : 2200ms left
Auth Type : None
Virtual IP : 10.1.1.10
Master IP : 10.1.1.2
VRRP Track Information:
Track Object : 1 State : Negative Pri Reduced : 30
# Display detailed information about VRRP group 1 on AC 2.
[AC2-Vlan-interface2] display vrrp verbose
IPv4 Standby Information:
Run Mode : Standard
Run Method : Virtual MAC
Total number of virtual routers : 1
Interface Vlan-interface2
VRID : 1 Adver Timer : 1
Admin Status : Up State : Master
Config Pri : 100 Running Pri : 100
Preempt Mode : Yes Delay Time : 0
Auth Type : None
Virtual IP : 10.1.1.10
Virtual MAC : 0000-5e00-0101
Master IP : 10.1.1.2
The output shows that AC 1 becomes the backup, and AC 2 becomes the master. Packets from the client to the host are forwarded through AC 2.
