华为无线ac双链路冷备和热备配置案例

所谓的冷备和热备，冷备就是不用vrrp和hsb协议同步ap和用户信息，主的断了等七十五秒后，备的capwap和ap连接上去。

双链路冷备不用vrrp和hsb

双链路热备份只用hsb同步ap和用户信息，不用vrrp，两个ac可以不用在同一个二层广播域

现网中常用冷备

AC1

vlan batch 10 30

interface Vlanif10
ip address 10.0.10.2 255.255.255.0

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 30

ip route-static 0.0.0.0 0.0.0.0 10.0.10.1

capwap source ip-address 10.0.10.2

wlan
security-profile name test
security wpa-wpa2 psk pass-phrase adminadmin aes

ssid-profile name test
ssid admin

vap-profile name test
service-vlan vlan-id 30
ssid-profile test
security-profile test

ap-group name test
vap-profile test wlan 1 radio all

ap-id 0 type-id 69 ap-mac 00e0-fcc9-0500
ap-name 1-lay-01
ap-group test

AC2

vlan batch 11 30

interface Vlanif11
ip address 10.0.11.2 255.255.255.0

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 11 30

ip route-static 0.0.0.0 0.0.0.0 10.0.11.1

capwap source ip-address 10.0.11.2

wlan
security-profile name test
security wpa-wpa2 psk pass-phrase adminadmin aes

ssid-profile name test
ssid admin

vap-profile name test
service-vlan vlan-id 30
ssid-profile test
security-profile test

ap-group name test
vap-profile test wlan 1 radio all

ap-id 0 type-id 69 ap-mac 00e0-fcc9-0500
ap-name 1-lay-01
ap-group test

SW1

vlan batch 10 to 11 20 30

dhcp enable
interface Vlanif10
ip address 10.0.10.1 255.255.255.0

interface Vlanif11
ip address 10.0.11.1 255.255.255.0

interface Vlanif20
ip address 172.16.0.1 255.255.255.0
dhcp select interface
dhcp server option 43 sub-option 2 ip-address 10.0.10.2 10.0.11.2 //写两台ac地址

interface Vlanif30
ip address 192.168.0.1 255.255.255.0
dhcp select interface

interface MEth0/0/1

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 30

interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 11 30

interface GigabitEthernet0/0/3
port link-type trunk
port trunk pvid vlan 20
port trunk allow-pass vlan 20 30

双链路冷备份

（主挂了，备的75秒后切上去，因为capwap25秒发一次，3倍的时间才认为断开找备的，因为是用直接转发的所以业务不会中断。）

[ac1]wlan
[ac1-wlan-view]ac protect enable protect-ac 10.0.11.2 priority 0
//指定对端备ac的capwap地址并设置自己的优先级为0，值越小越优，如果优先级相同比较看哪个ac下面带的负载小
Warning: This operation maybe cause AP reset, continue?[Y/N]:y
[ac1-wlan-view]ac protect enable

[ac2]wlan
[ac2-wlan-view]ac protect enable protect-ac 10.0.10.2 priority 1
Warning: This operation maybe cause AP reset, continue?[Y/N]:y
[ac2-wlan-view]ac protect enable

[ac1-wlan-view] ap-reset all //重启ap生效

查看主备情况

接上终端用户后查看：

备的ac2目前看是没有信息，如果主的挂了，等75秒后这里就会有信息了

双链路热备份（无vrrp）

两个ac的capwap地址不用在同一个广播域中，因为没有用vrrp

[ac1]hsb-service 0
[ac1-hsb-service-0]service-ip-port local-ip 10.0.10.2 peer-ip 10.0.11.2 local-data-port 10241 peer-data-port 10241

[ac1]hsb-service-type access-user hsb-service 0 //同步用户信息
[ac1]hsb-service-type ap hsb-service 0 //同步ap信息

[ac2]hsb-service 0
[ac2-hsb-service-0]service-ip-port local-ip 10.0.11.2 peer-ip 10.0.10.2 local-data-port 10241 peer-data-port 10241

[ac2]hsb-service-type access-user hsb-service 0 //同步用户信息
[ac2]hsb-service-type ap hsb-service 0 //同步ap信息