要实现监控服务器能够和用户终端相互访问。
监控服务器归属 vpn-instance neiwang
核心交换机2eht0/0/0归属 vpn-instance CCTV
核心交换机1和核心交换机2的VLAN52起了vrrp。
现在关闭核心交换机1的情况下可以实现监控服务器和用户终端相互访问。
但是一旦核心交换机1启用后，成为vrrp的master后就不行了，核心交换机1的vpn-instance路由不知道怎么写。望大家一起讨论下，帮忙解决下。
核心交换机1配置：
#
vlan batch 52
#
ip vpn-instance CCTV
ipv4-family
route-distinguisher 100:2
#
ip vpn-instance neiwang
ipv4-family
route-distinguisher 100:1
#
interface Vlanif52
ip binding vpn-instance neiwang
ip address 10.129.86.2 255.255.255.0
vrrp vrid 52 virtual-ip 10.129.86.1
vrrp vrid 52 priority 105
#
interface Ethernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#路由不知道怎么配置########
############################
核心交换机2配置：
#
vlan batch 52
#
#
ip vpn-instance CCTV
ipv4-family
route-distinguisher 100:2
#
ip vpn-instance neiwang
ipv4-family
route-distinguisher 100:1
#
#
interface Vlanif52
ip binding vpn-instance neiwang
ip address 10.129.86.3 255.255.255.0
vrrp vrid 52 virtual-ip 10.129.86.1
#
interface Ethernet0/0/0
undo portswitch
ip binding vpn-instance CCTV
ip address 10.14.0.2 255.255.255.252
#
interface Ethernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
port link-type access
port default vlan 52
#
ip route-static vpn-instance CCTV 10.129.86.0 255.255.255.0 Vlanif52
ip route-static vpn-instance CCTV 172.16.17.0 255.255.255.0 10.14.0.1
ip route-static vpn-instance neiwang 10.14.0.0 255.255.255.252 vpn-instance CCTV 10.14.0.1
ip route-static vpn-instance neiwang 172.16.17.0 255.255.255.0 vpn-instance CCTV 10.14.0.1
#
###############
外部区域交换机配置
#
vlan batch 10 20
#
interface Vlanif10
ip address 10.14.0.1 255.255.255.252
#
interface Vlanif20
ip address 172.16.17.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 20
#
ip route-static 10.129.86.0 255.255.255.0 10.14.0.2
#########
监控服务器IP：10.129.86.20/24 网关10.129.86.1
外部区域用户终端ip： ip address 172.16.17.2/24 网关 172.16.17.1