首先，现场的场景是上联二层SW，这个时候上联SW上行口down掉之后，上联SW的下行接口不会down，导致Fw感知不到光猫的接口有问题，所以要配置track+nqa，并且在RBM视图下调用，一定要记得，先保证track的状态是postive的

然后再在RBM视图下引用

nqa entry admin rbm

type icmp-echo

  destination ip x.x.x.x

  frequency 100

  out interface GigabitEthernet1/0/28

  reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only

#

nqa entry admin rbm1

type icmp-echo

  destination ip x.x.x.x

  frequency 100

  out interface GigabitEthernet1/0/29

  reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only

nqa schedule admin rbm start-time now lifetime forever

nqa schedule admin rbm1 start-time now lifetime forever

track 4 nqa entry admin rbm reaction 1

track 5 nqa entry admin rbm1 reaction 1

remote-backup group

backup-mode dual-active

data-channel interface Route-Aggregation1

configuration sync-check interval 1

delay-time 1

track 4     

track 5

local-ip 10.10.10.2

remote-ip 10.10.10.1

device-role primary

主设备上关于路由的配置要这样配置：

ip route-static 0.0.0.0 0 x.x.x.x track 4

ip route-static 0.0.0.0 0 x.x.x.x track 5 preference 70

其次，在两个出口下使用nat outbound 要使用地址池，并且要是对应的vrrp的虚地址

否则RBM主备切换，公网的流量回不来，并且对应地址池下要绑定VRRP的VID，否则会报地址冲突

nat address-group 1

address x.x.x.x x.x.x.x

vrrp vrid 1

#

nat address-group 2

address x.x.x.x x.x.x.x

vrrp vrid 2

interface GigabitEthernet1/0/28

port link-mode route

combo enable fiber

最后，要开启nat 链路转换重新创建会话，否则持续命中之前的会话，会有问题

nat link-switch recreate-session

#

补充一下，备机的RBM中不用track4 与track5