设为首页收藏本站language 语言切换
开启辅助访问 切换到宽版

鸿鹄论坛

 找回密码
 论坛注册

QQ登录

先注册再绑定QQ

鸿鹄论坛»鸿鹄论坛 ≡□≡思科认证≡□≡ CCNA求助答疑 eigrp负载均衡问题
返回列表 发新帖
查看: 2247|回复: 9
收起左侧

[求助] eigrp负载均衡问题

[复制链接]
allbluelai
发表于 2017-12-16 15:30:38 | 显示全部楼层 |阅读模式
10鸿鹄币
本帖最后由 allbluelai 于 2017-12-16 15:33 编辑

1.环境:GNS3 2.1.0rc3+WIN7 64
2.拓扑: 1.png

3.配置
3.1 接口配置如图所示,路由选择eigrp,R3--R4直接的串口shutdown,暂时不用,快速以太口开启,实现负载均衡
3.2 ACL配置
R2的ACL:
R2(config)#interface FastEthernet0/0
R2(config-if)#ip address 12.1.1.2 255.255.255.0
R2(config-if)#ip access-group 100 in

R2(config-if)#exit
R2(config)#access-list 100 permit icmp any any
R2(config)#access-list 100 permit eigrp any any


R3的ACL:
R3(config)#interface FastEthernet0/1
R3(config-if)#ip address 13.1.1.3 255.255.255.0
R3(config-if)#ip access-group 100 in

R3(config-if)#exit
R3(config)#access-list 100 permit icmp any any
R3(config)#access-list 100 permit eigrp any any


4.实验
4.1 逐流负载均衡
在R1上关闭ip cef,在R2和R3上开启ACL匹配ICMP报文,在R1上ping 46.1.1.6/24,同时打开debug查看ICMP发包情况
R1(config)#access-list10 permit 46.1.1.0 0.0.0.255
R1(config)#no ip cef
R1(config)#end
R1#debug ip packetdetail 10
IP packet debuggingis on (detailed) for access list 10
R1#ping 46.1.1.4source 1.1.1.1 repeat 10
Type escape sequenceto abort.
Sending 10, 100-byteICMP Echos to 46.1.1.4, timeout is 2 seconds:
Packet sent with asource address of 1.1.1.1
!!!!!!!!!!
Success rate is 100percent (10/10), round-trip min/avg/max = 36/56/84 ms
R1#
*Mar  1 02:14:42.779: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:42.779: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:42.779:     ICMPtype=0, code=0
*Mar  1 02:14:42.843: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:42.843: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:42.843:     ICMP type=0, code=0
*Mar  1 02:14:42.887: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:42.887: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:42.887:     ICMP type=0, code=0
*Mar  1 02:14:42.923: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:42.923: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:42.923:     ICMP type=0, code=0
*Mar  1 02:14:42.987: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:42.987: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:42.987:     ICMP type=0, code=0
*Mar  1 02:14:43.043: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:43.043: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:43.043:     ICMP type=0, code=0
*Mar  1 02:14:43.087: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:43.087: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:43.087:     ICMP type=0, code=0
*Mar  1 02:14:43.171: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:43.171: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:43.171:     ICMP type=0, code=0
*Mar  1 02:14:43.215: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:43.215: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:43.215:     ICMP type=0, code=0
*Mar  1 02:14:43.279: IP: tableid=0, s=46.1.1.4(FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:14:43.279: IP: s=46.1.1.4(FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:14:43.279:     ICMP type=0, code=0
查看R2和R3上的匹配情况:
R2# show ip access-lists
Extended IP accesslist 100
    10 permit icmp any any (5 matches)
20 permit eigrp any any (9 matches)
R3# show ip access-lists
Extended IP accesslist 100
    10 permit icmp any any (5 matches)
    20 permit eigrp any any (9 matches)
问题1:R2和R3均匹配了5条ICMP报文,说明已经实现逐包的负载均衡,那么,debug信息中的红色字体的出接口为什么没有变换,理论上应该是FastEthernet0/0和FastEthernet0/1交替的把?
4.2 逐流的负载均衡
在R1上开启ip cef,并在R1上ping 46.1.1.6/24、46.1.1.4/24、4.4.4.4三条不同的目的地
R1#ping 46.1.1.6 source 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 46.1.1.6, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/84/124 ms
R1#
*Mar  1 02:29:21.655: IP: tableid=0, s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:21.655: IP: s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:21.655:     ICMP type=0, code=0
*Mar  1 02:29:21.719: IP: tableid=0, s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:21.719: IP: s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:21.719:     ICMP type=0, code=0
*Mar  1 02:29:21.783: IP: tableid=0, s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:21.783: IP: s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4
R1#
*Mar  1 02:29:21.783:     ICMP type=0, code=0
*Mar  1 02:29:21.887: IP: tableid=0, s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:21.887: IP: s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:21.887:     ICMP type=0, code=0
*Mar  1 02:29:21.951: IP: tableid=0, s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:21.951: IP: s=46.1.1.6 (FastEthernet0/0), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:21.951:     ICMP type=0, code=0
R1#ping 46.1.1.4 source 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 46.1.1.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/66/80 ms
R1#
*Mar  1 02:29:35.859: IP: tableid=0, s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:35.859: IP: s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:35.859:     ICMP type=0, code=0
*Mar  1 02:29:35.923: IP: tableid=0, s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:35.923: IP: s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:35.923:     ICMP type=0, code=0
*Mar  1 02:29:35.987: IP: tableid=0, s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:35.987: IP: s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
R1#
*Mar  1 02:29:35.987:     ICMP type=0, code=0
*Mar  1 02:29:36.051: IP: tableid=0, s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:36.051: IP: s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:36.051:     ICMP type=0, code=0
*Mar  1 02:29:36.115: IP: tableid=0, s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1 (Loopback0), routed via RIB
*Mar  1 02:29:36.115: IP: s=46.1.1.4 (FastEthernet0/1), d=1.1.1.1, len 100, rcvd 4
*Mar  1 02:29:36.115:     ICMP type=0, code=0
R1#ping 4.4.4.4 source 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 40/52/80 ms
在R2和R3上查看ACL匹配情况:
R2#show ip access-lists
Extended IP access list 100
    10 permit icmp any any
    20 permit eigrp any any (18 matches)
R2#show ip access-lists
Extended IP access list 100
    10 permit icmp any any
    20 permit eigrp any any (24 matches)
R2#show ip access-lists
Extended IP access list 100
    10 permit icmp any any
    20 permit eigrp any any (30 matches)

R3#show ip access-lists
Extended IP access list 100
    10 permit icmp any any (5 matches)
    20 permit eigrp any any (15 matches)
R3#show ip access-lists
Extended IP access list 100
    10 permit icmp any any (10 matches)
    20 permit eigrp any any (21 matches)
R3#show ip access-lists
Extended IP access list 100
    10 permit icmp any any (15 matches)
    20 permit eigrp any any (27 matches)

问题2:R2一次都没有匹配中,三次ping包均走的R3路径,说明去往不同目的地的流量走了相同路径,难道eigrp没有实现负载均衡吗?
因为刚开始学习,可能还没理解透彻,还望各位前辈不吝赐教,谢谢
附上配置文件。

eigrp-route.zip (32.63 KB, 下载次数: 7)




最佳答案

jsjsboy

查看完整内容

cef默认是基于目的地址负载均衡,也就是你去往一个IP的数据包只会走一条路径,就算你的路由表是负载均衡也是一样 R1#show ip cef exact-route source-address destination-address 你可以清楚的看到到底使用的是哪条路径 在R1的两个接口上 配置基于数据包的负载均衡 :ip load-sharing per-packet
回复

使用道具 举报

jsjsboy
发表于 2017-12-16 15:30:39 | 显示全部楼层
本帖最后由 jsjsboy 于 2017-12-19 20:19 编辑
allbluelai 发表于 2017-12-18 21:26
traceroute不管是否开启ip cef得到的结果都是R2和R3各走一半,以下是开启ip cef的结果,并未实现逐流的负 ...

cef默认是基于目的地址负载均衡,也就是你去往一个IP的数据包只会走一条路径,就算你的路由表是负载均衡也是一样           R1#show ip cef exact-route  source-address  destination-address    你可以清楚的看到到底使用的是哪条路径

在R1的两个接口上 配置基于数据包的负载均衡 :ip load-sharing per-packet





沙发 2017-12-16 15:30:39 回复 收起回复
回复

使用道具 举报

q466265670
发表于 2017-12-16 18:13:02 | 显示全部楼层
学习学习,谢谢分享
板凳 2017-12-16 18:13:02 回复 收起回复
回复

使用道具 举报

jsjsboy
发表于 2017-12-16 18:27:36 | 显示全部楼层
你搞的太复杂了,直接traceroute查看不就行了
地板 2017-12-16 18:27:36 回复 收起回复
回复

使用道具 举报

Rockyw
发表于 2017-12-16 21:32:33 | 显示全部楼层
把其中一条链路断开看看
5# 2017-12-16 21:32:33 回复 收起回复
回复

使用道具 举报

allbluelai
 楼主| 发表于 2017-12-18 20:36:06 | 显示全部楼层
jsjsboy 发表于 2017-12-16 18:27
你搞的太复杂了,直接traceroute查看不就行了

traceroute查看不现象,不管开不开ip cef都是逐包负载均衡的:
R1#traceroute
Protocol [ip]:
Target IP address: 46.1.1.4
Source address: 1.1.1.1
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]: 10
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 46.1.1.4

  1 13.1.1.3 !A
    12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
难道是我的IOS版本问题?
R1#show version
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3660-IS-M), Version 12.3(23), RELEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by cisco Systems, Inc.
Compiled Tue 24-Jul-07 17:40 by stshen
Image text-base: 0x60008AF4, data-base: 0x61D80000

ROM: ROMMON Emulation Microcode
ROM: 3600 Software (C3660-IS-M), Version 12.3(23), RELEASE SOFTWARE (fc5)

R1 uptime is 11 minutes
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19
System image file is "tftp://255.255.255.255/unknown"

cisco 3660 (R527x) processor (revision 1.0) with 188416K/8192K bytes of memory.
Processor board ID FTX0945W0MY
R527x CPU at 250MHz, Implementation 40, Rev 1.2, 512KB L2 Cache
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).


3660 Chassis type: ENTERPRISE
3 FastEthernet/IEEE 802.3 interface(s)
DRAM configuration is 64 bits wide with parity enabled.
253K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102
6# 2017-12-18 20:36:06 回复 收起回复
回复

使用道具 举报

allbluelai
 楼主| 发表于 2017-12-18 21:21:55 | 显示全部楼层
Rockyw 发表于 2017-12-16 21:32
把其中一条链路断开看看

通过在R1上打开debug信息查看的报文是回包,因此,上面的debug信息分析错了,
另外通过断开R2或者R3的链路,R1上的46.1.1.0/24和4.4.4.4/32的路由只有一条路径,但是当R2和R3实现负载均衡时,通过ACL匹配的ICMP报文只在R2中看到(这次不是只走R3),两次实验结果不一致,不知道各种原因,还请指点一下,谢谢
7# 2017-12-18 21:21:55 回复 收起回复
回复

使用道具 举报

allbluelai
 楼主| 发表于 2017-12-18 21:26:08 | 显示全部楼层
jsjsboy 发表于 2017-12-16 18:27
你搞的太复杂了,直接traceroute查看不就行了

traceroute不管是否开启ip cef得到的结果都是R2和R3各走一半,以下是开启ip cef的结果,并未实现逐流的负载均衡
R1#traceroute
Protocol [ip]:        
Target IP address: 46.1.1.6
Source address: 1.1.1.1
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 46.1.1.6

  1 12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
R1#traceroute
Protocol [ip]: 46.1.1.4  
% Unknown protocol - "46.1.1.4", type "trace ?" for help
R1#traceroute
Protocol [ip]:
Target IP address: 46.1.1.4  
Source address: 1.1.1.1   
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 46.1.1.4

  1 13.1.1.3 !A
    12.1.1.2 !A
    13.1.1.3 !A
R1#traceroute
Protocol [ip]:
Target IP address: 4.4.4.4
Source address: 1.1.1.1   
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 4.4.4.4

  1 12.1.1.2 !A
    13.1.1.3 !A
    12.1.1.2 !A
R1#
8# 2017-12-18 21:26:08 回复 收起回复
回复

使用道具 举报

jim.hou
发表于 2017-12-23 21:38:55 | 显示全部楼层
CEF转发: 默认情况下是基于目地的负载均衡,当源和目地不变的时候就是走的一条路,在接口下改为基于数据包就可以:ip load-sharping per-packet .
9# 2017-12-23 21:38:55 回复 收起回复
回复

使用道具 举报

Tomtwo
发表于 2018-3-3 01:50:28 来自手机 | 显示全部楼层
感谢
10# 2018-3-3 01:50:28 回复 收起回复
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-5-7 13:09 , Processed in 0.162395 second(s), 26 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表