古河電工ネットワーク機器の総合ブランド ファイテルネット
古河電工
FITELnetトップ製品ラインナップイベント&セミナーセールス&サポート
Routing to the Future FITELnet
設定例
2組の回線とルータで冗長する構成
全機種対応
説明
LAN側はプライベートアドレスを設定しNAT(IPマスカレード)を使用します。
簡易DNS(Proxy DNS)機能により、DNSサーバへ代理でリクエストを送信します。
LAN側に2つのグループを設け、グループ1はRouter Aをグループ2はRouter Bをゲートウェイとします。
LANインターフェースはポート1番のみを使用し、それ以外のポートはshutdownします。
VRRPによりRouterを冗長化し、一方のRouterでLANまたはPPPoEインタフェースに障害が発生した場合は、アクティブなRouterに切り替えます。また障害が復旧した際は元の状態に自動的に復旧します。
PPPoEインタフェースの障害はevent-mapにより検知します。
構成
コマンド設定

Router A

ip route 0.0.0.0 0.0.0.0 pppoe 1
ip vrrp enable
access-list 1 permit 192.168.0.0 0.0.0.255
proxydns mode v4
hostname Router_A
event-class 1
 check interface status pppoe 1 invert
exit
event-action 1
 vrrp 1 track 1 decrement 100
exit
event-map
 event-class 1 event-action 1
exit
interface lan 1
 ip address 192.168.0.11 255.255.255.0
 vrrp 1 address 192.168.0.1
 vrrp 1 priority 254
 vrrp 1 preempt
 vrrp 2 address 192.168.0.2
 vrrp 2 priority 200
 vrrp 2 preempt
exit
interface pppoe 1
 ip nat inside source list 1 interface
 pppoe server internet
 pppoe account ********@***.***.ne.jp ******
 pppoe type host
exit
line lan 1
 shutdown 2
 shutdown 3
 shutdown 4
exit
end

Router B

ip route 0.0.0.0 0.0.0.0 pppoe 1
ip vrrp enable
access-list 1 permit 192.168.0.0 0.0.0.255
proxydns mode v4
hostname Router_B
event-class 1
 check interface status pppoe 1 invert
exit
event-action 1
 vrrp 2 track 1 decrement 100
exit
event-map
 event-class 1 event-action 1
exit
interface lan 1
 ip address 192.168.0.12 255.255.255.0
 vrrp 1 address 192.168.0.1
 vrrp 1 priority 200
 vrrp 1 preempt
 vrrp 2 address 192.168.0.2
 vrrp 2 priority 254
 vrrp 2 preempt
exit
interface pppoe 1
 ip nat inside source list 1 interface
 pppoe server internet
 pppoe account ********@***.***.ne.jp ******
 pppoe type host
exit
line lan 1
 shutdown 2
 shutdown 3
 shutdown 4
exit
end
設定手順 1

Router A

設定内容 画面表示例
特権ユーザモードへの移行
パスワードの入力

設定情報の初期化

設定モードの変更
設定入力





































設定保存



装置再起動 		Router>enable
Enter password:
Router#
Router#clear working.cfg
Router#
Router#configure terminal
Router(config)#ip route 0.0.0.0 0.0.0.0 pppoe 1
Router(config)#ip vrrp enable
Router(config)#access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)#proxydns mode v4
Router(config)#hostname Router_A
Router_A(config)#event-class 1
Router_A(config-event-class 1)# check interface status pppoe 1 invert
Router_A(config-event-class 1)#exit
Router_A(config)#event-action 1
Router_A(config-event-action 1)# vrrp 1 track 1 decrement 100
Router_A(config-event-action 1)#exit
Router_A(config)#event-map
Router_A(config-event-map)# event-class 1 event-action 1
Router_A(config-event-map)#exit
Router_A(config)#interface lan 1
Router_A(config-if lan 1)# ip address 192.168.0.11 255.255.255.0
Router_A(config-if lan 1)# vrrp 1 address 192.168.0.1
Router_A(config-if lan 1)# vrrp 1 priority 254
Router_A(config-if lan 1)# vrrp 1 preempt
Router_A(config-if lan 1)# vrrp 2 address 192.168.0.2
Router_A(config-if lan 1)# vrrp 2 priority 200
Router_A(config-if lan 1)# vrrp 2 preempt
Router_A(config-if lan 1)#exit
Router_A(config)#interface pppoe 1
Router_A(config-if pppoe 1)# ip nat inside source list 1 interface
Router_A(config-if pppoe 1)# pppoe server internet
Router_A(config-if pppoe 1)# pppoe account ********@***.***.ne.jp ******
Router_A(config-if pppoe 1)# pppoe type host
Router_A(config-if pppoe 1)#exit
Router_A(config)#line lan 1
Router_A(config-line lan 1)# shutdown 2
Router_A(config-line lan 1)# shutdown 3
Router_A(config-line lan 1)# shutdown 4
Router_A(config-line lan 1)#exit
Router_A(config)#
Router_A(config)#end
Router_A#
Router_A#save SIDE-A
% saving working-config
% finished saving

Router_A#reset
Going to reset with SIDE-A.frm and SIDE-A
Boot-back not scheduled for next boot.
Next rebooting firmware SIDE-A.frm is fine.
Are you OK to cold start?(y/n)y
設定手順 2

Router B

設定内容 画面表示例
特権ユーザモードへの移行
パスワードの入力

設定情報の初期化

設定モードの変更
設定入力





































設定保存



装置再起動 		Router>enable
Enter password:
Router#
Router#clear working.cfg
Router#
Router#configure terminal
Router(config)#ip route 0.0.0.0 0.0.0.0 pppoe 1
Router(config)#ip vrrp enable
Router(config)#access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)#proxydns mode v4
Router(config)#hostname Router_B
Router_B(config)#event-class 1
Router_B(config-event-class 1)# check interface status pppoe 1 invert
Router_B(config-event-class 1)#exit
Router_B(config)#event-action 1
Router_B(config-event-action 1)# vrrp 2 track 1 decrement 100
Router_B(config-event-action 1)#exit
Router_B(config)#event-map
Router_B(config-event-map)# event-class 1 event-action 1
Router_B(config-event-map)#exit
Router_B(config)#interface lan 1
Router_B(config-if lan 1)# ip address 192.168.0.12 255.255.255.0
Router_B(config-if lan 1)# vrrp 1 address 192.168.0.1
Router_B(config-if lan 1)# vrrp 1 priority 200
Router_B(config-if lan 1)# vrrp 1 preempt
Router_B(config-if lan 1)# vrrp 2 address 192.168.0.2
Router_B(config-if lan 1)# vrrp 2 priority 254
Router_B(config-if lan 1)# vrrp 2 preempt
Router_B(config-if lan 1)#exit
Router_B(config)#interface pppoe 1
Router_B(config-if pppoe 1)# ip nat inside source list 1 interface
Router_B(config-if pppoe 1)# pppoe server internet
Router_B(config-if pppoe 1)# pppoe account ********@***.***.ne.jp ******
Router_B(config-if pppoe 1)# pppoe type host
Router_B(config-if pppoe 1)#exit
Router_B(config)#line lan 1
Router_B(config-line lan 1)# shutdown 2
Router_B(config-line lan 1)# shutdown 3
Router_B(config-line lan 1)# shutdown 4
Router_B(config-line lan 1)#exit
Router_B(config)#
Router_B(config)#end
Router_B#
Router_B#save SIDE-A
% saving working-config
% finished saving

Router_B#reset
Going to reset with SIDE-A.frm and SIDE-A
Boot-back not scheduled for next boot.
Next rebooting firmware SIDE-A.frm is fine.
Are you OK to cold start?(y/n)y
設定状態の確認1

vrrpの状態を表示します(起動直後の状態)。

Router A Router B
Router_A#show vrrp
VRRP action enable

lan 1 Vrid 1
 Priority 254 (Current 254)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.11
 Virtual router ip address is 192.168.0.1
 Virtual MAC address is 00:00:5e:00:01:01
 Authentication type is “auth-none”
※  state: Master
    uptime(sec): 22
    become master count: 1
    advertise receive: 0
    error advertise receive: 0

lan 1 Vrid 2
 Priority 200 (Current 200)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.11
 Virtual router ip address is 192.168.0.2
 Virtual MAC address is 00:00:5e:00:01:02
 Authentication type is “auth-none”
    state: Backup
    uptime(sec): -----
    become master count: 1
    advertise receive: 11
    error advertise receive: 0 		Router_B#show vrrp
VRRP action enable

lan 1 Vrid 1
 Priority 200 (Current 200)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.12
 Virtual router ip address is 192.168.0.1
 Virtual MAC address is 00:00:5e:00:01:01
 Authentication type is “auth-none”
    state: Backup
    uptime(sec): -----
    become master count: 0
    advertise receive: 16
    error advertise receive: 0

lan 1 Vrid 2
 Priority 254 (Current 254)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.12
 Virtual router ip address is 192.168.0.2
 Virtual MAC address is 00:00:5e:00:01:02
 Authentication type is “auth-none”
※  state: Master
    uptime(sec): 10
    become master count: 1
    advertise receive: 6
    error advertise receive: 0

※:グループ1はRouter AがMaster、グループ2はRouter BがMasterになっていることを確認してください。

設定状態の確認2

Router AのPPPoEインタフェースがダウンしたときの状態を確認します。

1.event-classの状態(Router AのPPPoEインタフェースがダウンしたとき)

確認内容 画面表示例
event-class の状態を表示
状態がTrue であることを確認




PPPoE インタフェースのダウンを確認 		Router_A#show event-class
Event-class[1] : True
 Description
 Conditions : (Match-all)
  ICMP information
  I/F information
     pppoe1 is down : True (Inverted from False)
  VRRP information
  duration
 Logging disabled
 Dampening Penalty: Current/Suppress-Threshold/Reuse-Threshold
2457/20000/10000
 Flapped Frequency: 0
 Total State changes : 3 times
    Change to True : 2, False : 1, Unknown : 0
    Last state change : 17:59:28 2011/09/07

2.event-actionの状態(Router AのPPPoEインタフェースがダウンしたとき)

確認内容 画面表示例
event-action の状態を表示
状態がActivated であることを確認




vrid のプライオリティを確認 		Router_A#show event-action
Event-action[1] : Activated
 Descrioption :
 Activated from :
  Event-class[1]
Actions :
   vrrp 1 track 1 decrement 100
 Logging disabled
 Total State changes : 3 times
    Change to Activated : 2, Inactivated : 1
    Last state change : 17:59:28 2011/09/07

3.event-mapの状態(Router AのPPPoEインタフェースがダウンしたとき)

確認内容 画面表示例
event-map の状態を表示
event-class のステータスと
event-action の実行状態を確認 		Router_A#show event-map
Event-class[1] : True -> Event-Action[1] : Activated

4.vrrpの状態(Router AのPPPoEインタフェースがダウンしたとき)

Router A Router B
Router_A#show vrrp
VRRP action enable

lan 1 Vrid 1
 Priority 254 (Current 254)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.11
 Virtual router ip address is 192.168.0.1
 Virtual MAC address is 00:00:5e:00:01:01
 Authentication type is “auth-none”
  state: Backup
    uptime(sec): -----
    become master count: 2
    advertise receive: 15
    error advertise receive: 0

lan 1 Vrid 2
 Priority 200 (Current 200)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.11
 Virtual router ip address is 192.168.0.2
 Virtual MAC address is 00:00:5e:00:01:02
 Authentication type is “auth-none”
    state: Backup
    uptime(sec): -----
    become master count: 1
    advertise receive: 123
    error advertise receive: 0 		Router_B#show vrrp
VRRP action enable

lan 1 Vrid 1
 Priority 200 (Current 200)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.12
 Virtual router ip address is 192.168.0.1
 Virtual MAC address is 00:00:5e:00:01:01
 Authentication type is “auth-none”
※  state: Master
    uptime(sec): 11
    become master count: 2
    advertise receive: 115
    error advertise receive: 0

lan 1 Vrid 2
 Priority 254 (Current 254)
 Preempt mode “on”
 Advertisement interval 1
 Local ip address is 192.168.0.12
 Virtual router ip address is 192.168.0.2
 Virtual MAC address is 00:00:5e:00:01:02
 Authentication type is “auth-none”
※  state: Master
    uptime(sec): 165
    become master count: 1
    advertise receive: 6
    error advertise receive: 0

※:グループ1、グループ2ともにRouter BがMasterになっていることを確認してください。

ページトップへ

All Rights Reserved, Copyright(C) FURUKAWA ELECTRIC CO., LTD. 2011