记某项目数据落地的交换机组网方式

By JiangLingJun at: 2020-05-31

post-cover

此篇博客记录某国际项目中数据落地的交换机组网以及配置方式。
目录一览:

  • 数据落地方案
  • Westermo交换机配置概要
  • to be defined

一、数据落地方案

1.Requirement Analysis

① Three Network on the wayside: TVSS network in red, LTE network in blue and WIFI network in yellow;
② The data server in OCC implement 3 network interface cards connect to three network.
③ There are 5 train to ground channels:

  • Channel 1:Main line TVSS network,main line active path
  • Channel 2:Main line CG1-LTE1 network,main line backup path, Depot backup path
  • Channel 3:Main line CG2-LTE2 network,main line backup path, Depot backup path
  • Channel 4:Depot WIFI 1 network, depot active path
  • Channel 5:Depot WIFI 2 network, depot active path

④ When the train is running on the main line, channel 2 and channel 3 are available when channel 1 fails, and the loading will balanced with each other.
⑤ When the train arrive depot, channel 2 and channel 3 are available when channel 4 and channel 5 fail, and the loading will balanced with each other.

2.Description of Solution

On the main line: Automatic channel switching by Router

  • Install 2 L3 switches in MI carriages, and 4 L2 switches in the rest of carriages, build up a FRNT redundant ring.
  • Run VRRP on routers, Router 1 is the master router for first 3 carriages, Router 2 is the backup one. Router 2 is the master router for last 3 carriages, Router 1 is the backup one. Load balance design.
  • Channel 1(TVSS network in red) is main path for T2G communication, Channel 2 & 3(CG-LTE1/2 network) is the secondary path. Device have multiple upstream Gateway with different priority.
  • end devices sent 3 frames with different destination address to red network,blue network and yellow network at same time, Router will select an available channel. when the red network is available, router will drop the two packets which destination address is not in red network.

In the depot: Automatic channel switching by CG box:

  • Channel switching between LTE and WiFi is done by CG box
  • end devices sent 2 frames with different destination address to yellow network and blue network at same time, CG box will select an available channel. Channel 4/5 (WIFI network) priority are higher than channel 2/3 (LTE network).

二、Westermo交互机配置概要

1.VLAN配置

Web界面Configuration -> VLAN -> VLANs可以看到,交换机中存在一个默认 vlan 1;默认 vlan1 是包含所有端口的,即可通过所有端口进入该交换机。



  • VID:VLAN号,定义了VLAN特定身份
  • Name:VLAN名称,自动按照从vlan1 依次下推,改名为系统自动分配,web界面不能修改,可用console更改
  • Enabled:启动或禁用该 VLAN
  • Prio:VLAN 优先级设定,等级:0-7 或者禁用
  • IGMP:是否启用,打钩表示启用;不打勾表示未启用
  • Interface:规定隶属 VLAN 的端口;Tagged 表示带有标签(一般用于交换机之间级联)。级联举例:两个交换机上分别都有VLAN10和VLAN20,一般来说VLAN10互连、VLAN20互连需要占用2根网线和4个端口,打tag后,只需1根网线和2个端口,交互机根据tag自动区分数据包出口方向。

新建 Vlan 后,在交换机 Interface 会出现该新建的 Vlan。 点击:Configuration -> Network -> Interface,进入 Vlan IP 地址修改和管理。

2.IP地址配置

① 通过Web页面配置
Web界面Configuration -> Network -> Interface

进入到 IP 修改界面后,开始进行 IP 地址修改,点击Apply完成 IP 修改。

3.FRNT配置

环网结构:

每个环网只有一个 Focal Point,阻塞点位于 Focal Point 上。收敛时间<20ms(200台交换机)
环网配置位于Web配置界面的Configuration L2Redundancy FRNT,点击 New新建一个 FRNT

  • Ring ID: FRNT 环网唯一标识符。目前只有一个 FRNT 环网
  • Focal Point:它是环网中代表拓扑结构改变的一个元素。如果你这是一个 Member(成员),这里就不打勾

注意:一个 FRNT 只有一个 Focal Point,它会响应环网中拓扑结构变化,决定通讯链路及备援链路。其他环网成员就是默认的 Member(社员)。设置 member 时不要在 Focal Point 打勾。
Port M/Port N:FRNT需要分配两个端口作为环网端口。他们连接到相邻设备来组成 FRNT环。
然后点击 Apply完成配置

4.VRRP配置

VRRP: 多台路由器共享一个虚拟IP(VIP)地址,具有高优先级的路由器充当VIP主机,即Master,而其他路由器处于热备状态,即Backup

VRRP Group 同步,即R1两端同为主或备保持同步切换,不需要做链路检测或Track.westermo支持最多两组同步,如下图中VRID33和VRID1

VRRP基本配置
Web界面Configuration -> Routing -> VRRP,点击New进入VRRP配置


5.CLI登录交换机

需要console线或者网线通过putty软件用SSH方式登录

用console登陆,请检查Windows“设备管理器”中的“端口(COM和LPT)”获取COM端口信息。如下可以通过COM15进入交换机。


登陆帐号是admin

6.默认网关配置

为不同的VLAN配置不同的网关和distance,例:

通过show命令展示VLAN信息

7.组播路由配置

Web界面Configuration -> Routing -> Common,钩选Multicast启用组播路由,点击Apply完成

Static Route设置组播路由

配置案例

参照如下拓扑测试

Server 发组播流,Client 跨网段接收

① 启用组播路由并配置

② IGMP Snooping 启动
a) IGMP 必须启动,否则client 无法接收到组播流

③ IGMP fast leave ports 钩选
a) 默认端口Fast leave ports 不启用,Server正常发流,当Client退出组播组时,Client所连端口还会继续接收组播流直至组播监听timeout(default 300 sec)
b) x10 端口Fast leave ports 钩选,Server正常发流,当Client退出组播组时,Client所连端口x10将快速切断组播流接收

④ Multicast router ports 启用
a) Multicast router ports 针对所连end device或者Switch不具备IGMP功能。
b) Multicast router ports 不启用,Server正常发流,当Client退出组播组时(如VLC关闭,停止接收视频流),Wireshark将抓不到UDP包。
c) Multicast router ports 启用,Server正常发流,当Client退出组播组时(如VLC关闭,停止接收视频流),Wireshark依然能抓到UDP包。

注意:以上测试设备—viper-212A-T3G,WeOS 4.27.0
当启用Multicast router ports功能,点击Apply,配置立即生效。
当取消Multicast router ports功能,点击Apply,配置无法立即生效,需将IGMP Snooping重新启用,即Disabled再Enabled。

8.端口镜像配置

通过端口镜像,可以对某个端口的流量进行监控


设置完成后,就可以将PC连接到设置好的端口(这里是X11),通过Wireshark进行抓包

注意:被设置了镜像的端口不能像正常端口一样使用,连接此端口的设备将ping不通其他端口,同Vlan下也ping不通

9.导出配置

进入Maintenance -> Backup & restore

10.导入配置

① 进入Maintenance -> Backup & restore -> Restore configuration 点击浏览

② 选择配置文件所在的位置

③ 点击Restore, 将配置导入即可

三、to be defined