配置IPv4静态路由与NQA联动案例

知识改变命运，技术就是要分享，有问题随时联系，免费答疑，欢迎联系！

厦门微思网络?????? https://www.xmws.cn
华为认证\华为HCIA-Datacom\华为HCIP-Datacom\华为HCIE-Datacom
Linux\RHCE\RHCE 9.0\RHCA\
Oracle OCP\CKA\K8S\
CISP\CISSP\PMP

IPv4静态路由与NQA联动简介

网络质量分析NQA（Network Quality Analysis）是一种实时的网络性能探测和统计技术，可以对响应时间、网络抖动、丢包率等网络信息进行统计。NQA能够实时监视网络QoS，在网络发生故障时进行有效的故障诊断和定位。

当网络比较简单，或者交换机不能通过动态路由协议建立到达目的网络的路由时，可以配置静态路由。但是，与动态路由协议不同，静态路由自身没有检测机制，当网络发生故障时，静态路由无法感知，需要由管理员介入，这样无法保证及时进行链路切换，可能造成业务较长时间中断。

部署IPv4静态路由与BFD联动的方案可以适应链路的变化情况，但是IPv4静态路由与BFD联动要求链路两端的设备都支持BFD功能。如果链路两端有设备不支持BFD功能，可以配置IPv4静态路由与NQA联动，当NQA测试例检测到链路故障后，会把与其绑定的静态路由从IP路由表删除，使业务流量切换到无链路故障的路由，避免业务的长时间中断。

组网需求

如图1所示，某公司网络在SwitchA上通过配置两条静态缺省路由连接到两个出口路由器RouterA和RouterB，实现负载分担。公司希望实现为静态缺省路由部署检测机制，使其能够感知到链路故障，保证在链路出现故障时能及时进行链路切换，避免造成业务较长时间中断。

图1 配置IPv4静态路由与NQA联动组网图

配置思路

1. 创建VLAN并配置各接口所属VLAN，配置各VLANIF接口的IP地址，实现相邻设备网络互通。
2. 创建ICMP类型的NQA测试例，用来检测链路故障。在NQA测试例客户端SwitchA与被测试设备RouterA和RouterB之间建立ICMP类型的NQA测试例，检测链路是否正常。
3. 配置静态缺省路由，并绑定NQA测试例。在SwitchA上配置到RouterA和RouterB的静态缺省路由并绑定NQA测试例，当NQA测试例检测到链路故障时，实现链路切换。

操作步骤

1. 配置SwitchA各接口所属的VLAN

<HUAWEI> system-view

[HUAWEI] sysname SwitchA

[SwitchA] vlan batch 100 200 300

[SwitchA] interface gigabitethernet 1/0/1

[SwitchA-GigabitEthernet1/0/1] port link-type trunk

[SwitchA-GigabitEthernet1/0/1] port trunk allow-pass vlan 100

[SwitchA-GigabitEthernet1/0/1] quit

[SwitchA] interface gigabitethernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] port link-type trunk

[SwitchA-GigabitEthernet1/0/2] port trunk allow-pass vlan 200

[SwitchA-GigabitEthernet1/0/2] quit

[SwitchA] interface gigabitethernet 1/0/3

[SwitchA-GigabitEthernet1/0/3] port link-type trunk

[SwitchA-GigabitEthernet1/0/3] port trunk allow-pass vlan 300

[SwitchA-GigabitEthernet1/0/3] quit

1. 配置SwitchA各VLANIF接口的IP地址

[SwitchA] interface vlanif 100

[SwitchA-Vlanif100] ip address 10.1.10.2 24

[SwitchA-Vlanif100] quit

[SwitchA] interface vlanif 200

[SwitchA-Vlanif200] ip address 10.1.20.2 24

[SwitchA-Vlanif200] quit

[SwitchA] interface vlanif 300

[SwitchA-Vlanif300] ip address 10.1.30.2 24

[SwitchA-Vlanif300] quit

1. 在SwitchA上配置NQA测试例

[SwitchA] nqa test-instance user test1

[SwitchA-nqa-user-test1] test-type icmp

[SwitchA-nqa-user-test1] destination-address ipv4 10.1.10.1

[SwitchA-nqa-user-test1] frequency 11

[SwitchA-nqa-user-test1] probe-count 2

[SwitchA-nqa-user-test1] interval seconds 5

[SwitchA-nqa-user-test1] timeout 4

[SwitchA-nqa-user-test1] start now

[SwitchA-nqa-user-test1] quit

[SwitchA] nqa test-instance user test2

[SwitchA-nqa-user-test2] test-type icmp

[SwitchA-nqa-user-test2] destination-address ipv4 10.1.20.1

[SwitchA-nqa-user-test2] frequency 11

[SwitchA-nqa-user-test2] probe-count 2

[SwitchA-nqa-user-test2] interval seconds 5

[SwitchA-nqa-user-test2] timeout 4

[SwitchA-nqa-user-test2] start now

[SwitchA-nqa-user-test2] quit

1. 配置静态缺省路由，并绑定NQA测试例

[SwitchA] ip route-static 0.0.0.0 0.0.0.0 10.1.10.1 track nqa user test1

[SwitchA] ip route-static 0.0.0.0 0.0.0.0 10.1.20.1 track nqa user test2

1. 验证配置结果

#查看NQA for静态缺省路由的配置，可以看到静态缺省路由已经绑定NQA测试例。

[SwitchA] display current-configuration | include nqa

ip route-static 0.0.0.0 0.0.0.0 10.1.10.1 track nqa user test1

ip route-static 0.0.0.0 0.0.0.0 10.1.20.1 track nqa user test2

nqa test-instance user test1

nqa test-instance user test2

查看NQA测试结果。

[SwitchA] display nqa results test-instance user test1

NQA entry(user, test1) :testflag is active ,testtype is icmp
1 . Test 10 result ? The test is finished
Send operation times: 2 ? ? ? ? ? ? ?Receive response times: 2
Completion:success ? ? ? ? ? ? ? ?RTD OverThresholds number: 0
Attempts number:1 ? ? ? ? ? ? ? ? ? ?Drop operation number:0
Disconnect operation number:0 ? ? ? ?Operation timeout number:0
System busy operation number:0 ? ? ? Connection fail number:0
Operation sequence errors number:0 ? RTT Status errors number:0
Destination ip address:10.1.10.1
Min/Max/Average Completion Time: 30/30/30
Sum/Square-Sum ?Completion Time: 7/25
Last Good Probe Time: 2014-09-09 09:55:38.2
Lost packet ratio: 0 %

[SwitchA] display nqa results test-instance user test2

NQA entry(user, test2) :testflag is active ,testtype is icmp

1 . Test 11 result The test is finished

Send operation times: 2 Receive response times: 2

Completion:success RTD OverThresholds number: 0

Attempts number:1 Drop operation number:0

Disconnect operation number:0 Operation timeout number:0

System busy operation number:0 Connection fail number:0

Operation sequence errors number:0 RTT Status errors number:0

Destination ip address:10.1.20.1

Min/Max/Average Completion Time: 30/30/30

Sum/Square-Sum Completion Time: 7/25

Last Good Probe Time: 2014-09-09 09:56:38.2

Lost packet ratio: 0 %

“Completion:success”、“Lost packet ratio: 0 %”表示SwitchA到RouterA和RouterB的链路状态完好。

查看路由表，可以看到存在两条静态缺省路由分别指向RouterA和RouterB。

[SwitchA] display ip routing-table

Route Flags: R - relay, D - download to fib, T - to vpn-instance

------------------------------------------------------------------------------

Routing Tables: Public

Destinations : 9 Routes : 10

Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 10.1.10.1 Vlanif100

Static 60 0 RD 10.1.20.1 Vlanif200

10.1.10.0/24 Direct 0 0 D 10.1.10.2 Vlanif100

10.1.10.2/32 Direct 0 0 D 127.0.0.1 Vlanif100

10.1.20.0/24 Direct 0 0 D 10.1.20.2 Vlanif200

10.1.20.2/32 Direct 0 0 D 127.0.0.1 Vlanif200

10.1.30.0/24 Direct 0 0 D 10.1.30.2 Vlanif300

10.1.30.2/32 Direct 0 0 D 127.0.0.1 Vlanif300

127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0

127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

关闭SwitchA的GigabitEthernet1/0/2 接口，模拟链路故障。

[SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] shutdown
[SwitchA-GigabitEthernet1/0/2] quit

查看NQA测试结果。

[SwitchA] display nqa results test-instance user test1

NQA entry(user, test1) :testflag is active ,testtype is icmp
1 . Test 12 result ? The test is finished
Send operation times: 2 ? ? ? ? ? ? ?Receive response times: 2
Completion:success ? ? ? ? ? ? ? ?RTD OverThresholds number: 0
Attempts number:1 ? ? ? ? ? ? ? ? ? ?Drop operation number:0
Disconnect operation number:0 ? ? ? ?Operation timeout number:0
System busy operation number:0 ? ? ? Connection fail number:0
Operation sequence errors number:0 ? RTT Status errors number:0
Destination ip address:10.1.10.1
Min/Max/Average Completion Time: 30/30/30
Sum/Square-Sum ?Completion Time: 7/25
Last Good Probe Time: 2014-09-09 09:57:38.2
Lost packet ratio: 0 %

[SwitchA] display nqa results test-instance user test2

NQA entry(user, test2) :testflag is active ,testtype is icmp
1 . Test 13 result ? The test is finished
Send operation times: 2 ? ? ? ? ? ? ?Receive response times: 0
Completion:failed ? ? ? ? ? ? ? ? ?RTD OverThresholds number: 0
Attempts number:1 ? ? ? ? ? ? ? ? ? ?Drop operation number:0
Disconnect operation number:0 ? ? ? ?Operation timeout number:2
System busy operation number:0 ? ? ? Connection fail number:0
Operation sequence errors number:0 ? RTT Status errors number:0
Destination ip address:10.1.20.1
Min/Max/Average Completion Time: 0/0/0
Sum/Square-Sum ?Completion Time: 0/0
Last Good Probe Time: 2014-09-09 09:58:38.2
Lost packet ratio: 100 %

“Completion:failed”、“Lost packet ratio: 100 %”表示SwitchA到RouterB的链路发生故障。

查看路由表，可以看到仅存在指向RouterA的静态缺省路由。

[SwitchA] display ip routing-table

Route Flags: R - relay, D - download to fib, T - to vpn-instance

------------------------------------------------------------------------------

Routing Tables: Public

Destinations : 7 Routes : 7

Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 10.1.10.1 Vlanif100

10.1.10.0/24 Direct 0 0 D 10.1.10.2 Vlanif100

10.1.10.2/32 Direct 0 0 D 127.0.0.1 Vlanif100

10.1.30.0/24 Direct 0 0 D 10.1.30.2 Vlanif300

10.1.30.2/32 Direct 0 0 D 127.0.0.1 Vlanif300

127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0

127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0