본문 바로가기
업무이야기/Network

Juniper VRRP and Load Sharing

by 쫑콩아빠 2021. 6. 14.
반응형

“파트너스 활동을 통해 일정액의 수수료를 제공받을 수 있음"


https://www.juniper.net/documentation/us/en/software/junos/high-availability/topics/example/VRRP-qfx-series-load-sharing.html

 

Example: Configuring VRRP for Load Sharing | High Availability User Guide | Juniper Networks TechLibrary

This example uses two VRRP groups, each of which has its own virtual IP address. Devices on the LAN use one of these virtual IP addresses as their default gateway. If one of the switches fails, the other switch takes over for it. In the topology shown in F

www.juniper.net

 

Example: Configuring VRRP for Load Sharing

date_range17-Feb-21

Product and Release Support

arrow_backward arrow_forward

If you do not want to dedicate a switch to be a VRRP backup (and therefore leave it idle unless the primary fails), you can create a load-sharing configuration in which each participating switch simultaneously acts as a primary and a backup.

One reason to use a load-sharing (active-active) configuration is that you are more likely to actively monitor and maintain both switches and notice if a problem occurs on either of them. If you use a configuration in which one switch is only a backup (an active-backup configuration), you might be less likely to pay attention to the backup switch while it is idle. In the worst case, this could lead to the backup switch developing an undetected problem and not being able to perform adequately when a failover occurs.

Requirements

This example uses the following hardware and software components:

  • Two switches
  • Junos OS Release 11.3 or later
  • Static routing or a dynamic routing protocol enabled on both switches.

Overview and Topology

This example uses two VRRP groups, each of which has its own virtual IP address. Devices on the LAN use one of these virtual IP addresses as their default gateway. If one of the switches fails, the other switch takes over for it. In the topology shown in Figure 1, for example, Switch A is the primary for VRRP group 100. If Switch A fails, Switch B takes over and forwards traffic that the end devices send to the default gateway address 10.1.1.1.

Figure 1: VRRP Load-Sharing Configuration

This example shows a simple configuration to illustrate the basic steps for configuring two switches running VRRP to back each other up.Table 1 lists VRRP settings for each switch.

Topology

Table 1: Settings for VRRP Load-Sharing ExampleSwitch ASwitch B

VRRP Group 100:
  • Interface address: 10.1.1.251
  • VIP: 10.1.1.1
  • Priority: 250
 VRRP Group 100:
  • Interface address: 10.1.1.252
  • VIP: 10.1.1.1
  • Priority: 200
VRRP Group 200:
  • Interface address: 10.1.1.251
  • VIP: 10.1.1.2
  • Priority: 200
 VRRP Group 200:
  • Interface address: 10.1.1.252
  • VIP: 10.1.1.2
  • Priority: 250

In addition to configuring the two switches as shown, you must configure your end devices so that some of them use one of the virtual IP addresses as their default gateway and the remaining end devices use the other virtual IP address as their default gateway.

Note that if a failover occurs, the remaining switch might be unable to handle all of the traffic, depending on the demand.

Configuring VRRP on Both Switches

Procedure

CLI Quick Configuration

Enter the following on Switch A:

content_copy zoom_out_map

[edit] set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 virtual-address 10.1.1.1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 virtual-address 10.1.1.2 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 priority 200

Enter the following on Switch B:

content_copy zoom_out_map

[edit] set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 priority 200 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 virtual-address 10.1.1.2 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 priority 250

Step-by-Step Procedure

Configure the VRRP groups and priorities on Switch A:

  1. Create VRRP group 100 on Switch A and configure the virtual IP address for the group:
  2. content_copy zoom_out_map
  3. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1
  4. Assign the VRRP priority for this interface in this group:
  5. content_copy zoom_out_map
  6. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250
  7. Create VRRP group 200 on Switch A and configure the virtual IP address for the group:
  8. content_copy zoom_out_map
  9. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 virtual-address 10.1.1.2
  10. Assign the VRRP priority for this interface in this group:
  11. content_copy zoom_out_map
  12. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 200

Step-by-Step Procedure

Configure the VRRP groups and priorities on Switch B:

  1. Create VRRP group 100 on Switch B and configure the virtual IP address for the group:
  2. content_copy zoom_out_map
  3. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1
  4. Assign the VRRP priority for this interface in this group:Switch A remains the primary for group 100 because it has the highest priority for this group.
  5. content_copy zoom_out_map
  6. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 priority 200
  7. Create VRRP group 200 on Switch A and configure the virtual IP address for the group:
  8. content_copy zoom_out_map
  9. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 virtual-address 10.1.1.2
  10. Assign the VRRP priority for this interface in this group:Switch B becomes the primary for group 200 because it has the highest priority for this group.
  11. content_copy zoom_out_map
  12. [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250

Results

Display the results of the configuration on Switch A:

content_copy zoom_out_map

user@switch> show configuration interfaces { xe-0/0/0 { unit 0 { family inet { address 10.1.1.251 { vrrp-group 100 { virtual address 10.1.1.1 priority 250 } vrrp-group 200 { virtual address 10.1.1.2 priority 200 } } } } } }

Display the results of the configuration on Switch B:

content_copy zoom_out_map

user@switch> show configuration interfaces { xe-0/0/0 { unit 0 { family inet { address 10.1.1.252 { vrrp-group 100 { virtual address 10.1.1.1 priority 200 } vrrp-group 200 { virtual address 10.1.1.2 priority 250 } } } } } }

Verification

Verifying that VRRP Is Working on Switch A

Purpose

Verify that VRRP is active on Switch A and that the primary and backup roles are correct.

Action

Use the following command to verify that VRRP is active on Switch A and that the switch is primary for group 100 and backup for group 200.

content_copy zoom_out_map

user@switch> show vrrp Interface State Group VR state Timer Type Address xe-0/0/0.0 up 100 master A .0327 lcl 10.1.1.251 vip 10.1.1.1 xe-0/0/0.0 up 200 backup A .0327 lcl 10.1.1.251 vip 10.1.1.2

Meaning

The show vrrp command displays fundamental information about the VRRP configuration. This output shows that both VRRP groups are active and that this switch has assumed the correct primary and backup roles. The lcl address is the physical address of the interface and the vip address is the virtual address shared by both switches. The Timer value (A .0327) indicates the remaining time (in seconds) in which this switch expects to receive a VRRP advertisement from the other switch. If an advertisement for group 200 does not arrive before the timer expires, Switch A asserts itself as the primary for this group.

Verifying that VRRP Is Working on Switch B

Purpose

Verify that VRRP is active on Switch B and that the primary and backup roles are correct.

Action

Use the following command to verify that VRRP is active on Switch B and that the switch is backup for group 100 and primary for group 200.

content_copy zoom_out_map

user@switch> show vrrp Interface State Group VR state Timer Type Address xe-0/0/0.0 up 100 backup A .0327 lcl 10.1.1.252 vip 10.1.1.1 xe-0/0/0.0 up 200 master A .0327 lcl 10.1.1.252 vip 10.1.1.2

Meaning

The show vrrp command displays fundamental information about the VRRP configuration. This output shows that both VRRP groups are active and that this switch has assumed the correct primary and backup roles. The lcl address is the physical address of the interface and the vip address is the virtual address shared by both switches. The Timer value (A .0327) indicates the remaining time (in seconds) in which this switch expects to receive a VRRP advertisement from the other switch. If an advertisement for group 100 does not arrive before the timer expires, Switch B asserts itself as the primary for this group.


“파트너스 활동을 통해 일정액의 수수료를 제공받을 수 있음"


반응형
저작자표시

'업무이야기 > Network' 카테고리의 다른 글

Juniper Switch Virtual-Chassis (STACK)  (0) 2023.05.02
Juniper RestAPI Sample  (0) 2021.08.06
Juniper show command (RSI : request support information)  (0) 2021.03.29
Juniper Troubleshooting Commands  (0) 2021.03.29
Juniper request chassis cluster failover redundancy-group  (0) 2021.03.16

관련글

티스토리툴바