某局点S7503X keepalive 反复up/down
- 0关注
- 0收藏 578浏览
问题描述
设备keepalive状态震荡
过程分析
1、现网环境,终端取不到地址,spine起了dhcp relay,leaf起了dncp snooping,排查发现spine存在DHCP超限丢包记录,同时leaf存在keepalive 反复up/down记录,通过删除dhcp snooping trust后重下恢复。
2、dhcp报文的源终端只在接入下通过vlan 4094接入,debug一直有nak报文。
Message type: REQUEST (1)
Hardware type: 1, Hardware address length: 6
Hops: 0, Transaction ID: 2273587435
Seconds: 0, Broadcast flag: 0
Client IP address: 0.0.0.0 Your IP address: 0.0.0.0
Server IP address: 0.0.0.0 Relay agent IP address: 0.0.0.0
Client hardware address: c465-1690-2cb3
Server host name: not configured
Boot file name: not configured
DHCP message type: DHCPREQUEST (3)
*Jul 10 22:28:12:146 2023 BJ-CD-5-leaf-BGW-2 DHCPS/7/EVENT: -MDC=1; Receive a DHCPREQUEST message for 172.16.212.8 from Vsi-interface4094; The server identifier is (none).
*Jul 10 22:28:12:146 2023 BJ-CD-5-leaf-BGW-2 DHCPS/7/PACKET: -MDC=1; To 255.255.255.255 port 68, interface Vsi-interface4094
Message type: REPLY (2)
Hardware type: 1, Hardware address length: 6
Hops: 0, Transaction ID: 2273587435
Seconds: 0, Broadcast flag: 1
Client IP address: 0.0.0.0 Your IP address: 0.0.0.0
Server IP address: 0.0.0.0 Relay agent IP address: 0.0.0.0
Client hardware address: c465-1690-2cb3
Server host name: not configured
Boot file name: not configured
DHCP message type: DHCPNAK (6)
3、定位:dhcp报文不管从spine,leaf,access上的vxlan 4094接入,都会造成环路问题, leaf上因为vxlan 4094配置了dhcp snooping trust,所以会向4094的teunnel口广播 广播到其他leaf,其他leaf同样处理又广播回来,导致dhcp报文成环
Vxlan4094是管理vxlan,不要接入客户端
解决方法
如果问题发生,临时规避方法可以在leaf上把vxlan 4094配置的dhcp snooping trust undo掉,恢复后再配置回去
该案例暂时没有网友评论
编辑评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作