MaxCapie 的 CCNP 筆記

HSRP主要是用來做線路備援機制，

簡單來說，當A線路斷線時或是ISP有問題，會切換至另B線路。

說明：

1. RouterA接Hinet ADSL使用PPPoE連至Internet

2. RouterB接SeedNet ADSL使用PPPoE至Internet

3. Default 由 Hinet 的線路至Internet              (Active 在 RouterA)

4. 當Hinet 線路斷線則由SeedNet 至Internet    (Standby 在 RouterB)

紅字部份為HSRP主要設定

以下是RouterA的Show Run

RouterA#show run
Building configuration...

Current configuration : 1440 bytes
!
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname RouterA
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
interface FastEthernet0/0
 description LAN interface
 ip address 192.168.3.250 255.255.255.0
 ip nat inside
 duplex auto
 speed 100
 standby 1 ip 192.168.3.254      (設定Group 1 的 Virtual IP)
 standby 1 timers 1 5                (每1秒發一次Hello，5秒沒回應就切換線路)
 standby 1 preempt                  (設定搶奪，沒設定當Priority回復正常值時，會無法變回Active)
 standby 1 track Dialer1 51        (當Dialer1斷線則降低Priority 51) 註：track用途為降低Priority，Default值是100
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 description ADSL_WAN interface
 no ip address
 speed auto
 half-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface Dialer1
 description ADSL_WAN dialer
 ip address negotiated
 no ip unreachables
 ip nat outside
 encapsulation ppp
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname 播接帳號@hinet.net
 ppp chap password 0 播接密碼
 ppp pap sent-username 播接帳號@hinet.net password 0 播接密碼
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 192.168.3.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 login local
!
!
end

-----------------這是分格線-----------------

RouterB的Show Run

RouterB#show run
Building configuration...

Current configuration : 1411 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RouterB
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
interface FastEthernet0/0
 ip address 192.168.3.251 255.255.255.0
 ip nat inside
 duplex auto
 speed 100
 standby 1 ip 192.168.3.254       (設定Group 1 的 Virtual IP)
 standby 1 timers 1 5                 (每1秒發一次Hello，5秒沒回應就切換線路)
 standby 1 priority 50                 (設定Priority 50，預設100，Active會在Priority較大的那台)
 standby 1 preempt                   (設定搶奪，當RouterA斷線，要把Active搶過來RouterB)
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 description ADSL_WAN interface
 no ip address
 speed auto
 half-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface Dialer1
 description ADSL_WAN dialer
 ip address negotiated
 no ip unreachables
 ip nat outside
 encapsulation ppp
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
  ppp authentication chap pap callin
 ppp chap hostname 播接帳號
 ppp chap password 0 播接密碼
 ppp pap sent-username 播接帳號 password 0 播接密碼
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 192.168.3.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 login local
!
!
end