S6800 堆叠分裂导致业务受到影响
- 0关注
- 0收藏 2994浏览
组网及说明
S7500E-X和S6800分别是两台设备做堆叠,都配置了BFD MAD,两组设备而之间通过跨框聚合组49进行互联。两组设备都开启了STP,S7500E-X是根桥设备。
问题描述
现场进行S6800设备的IRF分裂演练,通过手工shutdown堆叠链路的方式来进行堆叠分裂,发现堆叠分裂后业务受到影响,undo shutdown堆叠链路恢复堆叠之后业务才恢复。现场查看日志信息,发现故障时候汇聚S6800设备存在STP端口老化的日志信息。
过程分析
1、现场反馈了S7500E-X的诊断信息、S6800设备恢复后的诊断、S6800 主机的logfile文件,但是S6800 备机的logfile文件是空的(由于无法看到故障时备机的情况,该特殊情况加大了问题分析的难度)。
2、查看S6800 主机的logfile信息,发现堆叠分裂后,S6800上显示Bridge-Aggregation49备机两个口处于未选中状态,过了会发现Bridge-Aggregation49收不到BPDU报文;同时,分裂的时候未看到BFD MAD生效的日志;
//堆叠分裂:
%Jun 25 14:08:09:194 2019 SH-CR-DI-ASW-1718 STM/3/STM_LINK_DOWN: IRF port 2 went down.
%Jun 25 14:08:09:337 2019 SH-CR-DI-ASW-1718 DEV/3/BOARD_REMOVED: Board was removed from slot 2, type is S6800-54QF.
//S6800 主机上提示Bridge-Aggregation49备机两个口处于未选中状态
%Jun 25 14:08:10:393 2019 SH-CR-DI-ASW-1718 LAGG/6/LAGG_INACTIVE_PHYSTATE: Member port XGE2/0/42 of aggregation group BAGG49 changed to the inactive state, because the physical state of the port is down.
%Jun 25 14:08:10:395 2019 SH-CR-DI-ASW-1718 LAGG/6/LAGG_INACTIVE_PHYSTATE: Member port XGE2/0/43 of aggregation group BAGG49 changed to the inactive state, because the physical state of the port is down.
//12S之后提示聚合组49没有收到BPDU报文导致STP端口状态老化
%Jun 25 14:08:22:573 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
%Jun 25 14:08:22:574 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1723's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
%Jun 25 14:08:22:574 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1724's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
%Jun 25 14:08:22:575 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1955's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
%Jun 25 14:08:22:575 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1728's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
%Jun 25 14:08:22:576 2019 SH-CR-DI-ASW-1718 STP/5/STP_BPDU_RECEIVE_EXPIRY: VLAN 1729's port Bridge-Aggregation49 received no BPDU within the rcvdInfoWhile interval. Information of the port aged out.
3、查看上连S7506E-X的日志信息,没有报Bridge-Aggregation49成员端口出现过未选中的日志,并且在S6800设备报Bridge-Aggregation49收不到BPDU报文同时,S7506E-X设备报Bridge-Aggregation49收到低优先的BPDU报文触发dispute保护;
%@577961%Jun 25 14:06:10:468 2019 SH-CR-DI-DSW-0102 PING/6/PING_STATISTICS: Ping statistics for 172.16.255.5: 1000 packet(s) transmitted, 1000 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 2.228/3.188/25.090/1.886 ms.
%@577962%Jun 25 14:08:22:576 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
%@577963%Jun 25 14:08:22:595 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1723's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
%@577964%Jun 25 14:08:22:596 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1724's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
%@577965%Jun 25 14:08:22:596 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1955's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
%@577966%Jun 25 14:08:22:597 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1728's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
%@577967%Jun 25 14:08:22:598 2019 SH-CR-DI-DSW-0102 STP/4/STP_DISPUTE: VLAN 1729's port Bridge-Aggregation49 received an inferior BPDU from a designated port which is in forwarding or learning state.
4、查看S6800配置了irf mac-address persistent timer,即堆叠分裂之后, 备机和主机的桥mac地址会保持一致。
6、分析下为什么S6800堆叠分裂时备机上的Bridge-Aggregation49及其对应的物理端口并未被mad shutdown。查看S6800的配置,发现Bridge-Aggregation49放通了BFD MAD VLAN。配置手册中明确写了BFD MAD检测接口自动作为系统保留接口,因此堆叠分裂的时候BFD MAD检测接口不会被shutdown。
#
interface Bridge-Aggregation49
description SH-CR-DI-DSW-0102
port link-type trunk
port trunk permit vlan all
link-aggregation mode dynamic
#
|
1 操作 |
2 命令 |
3 说明 |
|
进入系统视图 |
system-view |
- |
|
配置保留接口,当设备进入Recovery状态时,该接口不会被关闭 |
mad exclude interface interface-type interface-number |
缺省情况下,设备进入Recovery状态时会自动关闭本设备上所有的业务接口 IRF物理端口、BFD MAD检测接口以及用户配置的保留聚合接口的成员接口自动作为系统保留接口,不需要配置 |
|
4 注意事项类别 |
5 使用限制和注意事项 |
|
BFD MAD检测VLAN |
· 不允许在Vlan-interface1接口上开启BFD MAD检测功能 · 如果使用中间设备,需要进行如下配置: ¡ 在IRF设备和中间设备上,创建专用于BFD MAD检测的VLAN ¡ 在IRF设备和中间设备上,将用于BFD MAD检测的物理接口添加到BFD MAD检测专用VLAN中 ¡ 在IRF设备上,创建BFD MAD检测的VLAN的VLAN接口 · 如果网络中存在多个IRF,在配置BFD MAD时,各IRF必须使用不同的VLAN作为BFD MAD检测专用VLAN · 用于BFD MAD检测的VLAN接口对应的VLAN中只能包含BFD MAD检测链路上的端口,请不要将其它端口加入该VLAN。当某个业务端口需要使用port trunk permit vlan all命令允许所有VLAN通过时,请使用undo port trunk permit命令将用于BFD MAD的VLAN排除 |
解决方法
1、现场配置问题,在Bridge-Aggregation49排查BFD MAD VLAN解决。
2、V5版本BFD MAD检测接口不会自动作为系统保留接口,V5版本B70分支修改为BFD MAD检测接口自动作为系统保留接口,已提MUI需求让研发修改回去,避免后续出现类似问题。
该案例暂时没有网友评论
编辑评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作