场简化组网图如下,SW1和SW2堆叠,控制器连接交换机的管理口:
现场两台设备堆叠,ADDC自动下发方案,配置了openflow,但上线后openflow一直断断续续:
%Dec 26 08:07:28:242 2023leaf-10.6.49.103 OFP/5/OFP_CONNECT: Openflow instance 1, controller 1 is connected.
%Dec 26 08:07:28:250 2023leaf-10.6.49.103 OFP/5/OFP_DISCONNECT: Openflow instance 1, controller 1 is disconnected.disconnected reason:Epoll error.
%Dec 26 08:07:28:252 2023leaf-10.6.49.103 OFP/5/OFP_FAIL_OPEN: Openflow instance 1 is in fail secure mode.
从控制器上ping设备,ping报文存在丢包:
ping -c 10000 -vpn-instance mgmt 10.6.49.151
Ping 10.6.49.151 (10.6.49.151): 56 data bytes, press CTRL+C to break
Request time out
56 bytes from 10.6.49.151: icmp_seq=9 ttl=64 time=0.333 ms
56 bytes from 10.6.49.151: icmp_seq=10 ttl=64 time=0.377 ms
56 bytes from 10.6.49.151: icmp_seq=11 ttl=64 time=1.718 ms
56 bytes from 10.6.49.151: icmp_seq=12 ttl=64 time=0.364 ms
56 bytes from 10.6.49.151: icmp_seq=13 ttl=64 time=0.361 ms
Request time out
Request time out
56 bytes from 10.6.49.151: icmp_seq=16 ttl=64 time=0.376 ms
56 bytes from 10.6.49.151: icmp_seq=17 ttl=64 time=0.343 ms
56 bytes from 10.6.49.151: icmp_seq=18 ttl=64 time=0.381 ms
Request time out
如果将插在管理口上的电缆接到电脑上,从电脑ping控制器无丢包现象;在设备另一个管理口上插光转电模块,插同样的电缆,ping控制器也没有丢包现象,openflow也正常。
(1) 远程到堆叠交换机上进行了更多的替换测试,检查了相关配置,也看了mac地址表项学习,均没有发现什么异常;
(2) 现场排查组网,在控制器上发现学到了两个相同的mac,经排查,同一个二层组网中,SW3和SW2/SW1的管理口mac地址是一样的。跟现场了解情况,现场在开局组网之前,将SW2和SW3堆叠在一起测试过,之后直接在堆叠状态下拔掉堆叠线让两台设备堆叠分裂,没有重启。之后又将SW2和SW1堆叠,和SW3一起加入到组网中,结果SW3的管理口和堆叠设备的管理口mac相同。初步判断是因为堆叠时配置了mac永久保留,两台设备堆叠时,管理口mac同步了,之后堆叠分裂又没有重启,导致两台设备的管理口mac是一样的。
(3)<span times="" new="" roman"'="" style="margin: 0px; padding: 0px; word-break: break-all;"> 在实验室测试,将两台5130S堆叠,配置mac永久保留,此时查看两框上物理接口mac如下,即物理接口mac堆叠后不相同:
GigabitEthernet1/0/1
Current state: DOWN
IP packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f2
GigabitEthernet2/0/1
Current state: DOWN
IP packet frame type: Ethernet II, hardware address: 9ce8-954c-6c36
查看vlan虚接口mac地址如下:
Vlan-interface99
Current state: UP
Line protocol state: UP
Description: Vlan-interface99 Interface
Bandwidth: 10000000 kbps
Maximum transmission unit: 1500
Internet address: 172.31.2.63/24 (primary)
IP packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
IPv6 packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
直接拔掉堆叠线,查看两框上的mac地址:
Slot 1:
GigabitEthernet1/0/1
Current state: DOWN
IP packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f2
Vlan-interface99
Current state: UP
Line protocol state: UP
Description: Vlan-interface99 Interface
Bandwidth: 10000000 kbps
Maximum transmission unit: 1500
Internet address: 172.31.2.63/24 (primary)
IP packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
IPv6 packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
Slot 2:
GigabitEthernet2/0/1
Current state: DOWN
IP packet frame type: Ethernet II, hardware address: 9ce8-954c-6c36
Vlan-interface99
Current state: DOWN
Line protocol state: DOWN
Description: Vlan-interface99 Interface
Bandwidth: 10000000 kbps
Maximum transmission unit: 1500
Internet address: 172.31.2.63/24 (primary)
IP packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
IPv6 packet frame type: Ethernet II, hardware address: 3cf5-cc01-44f1
可以看到堆叠分裂后,三层虚接口的mac地址是保持不变的,两台设备的三层接口mac地址一样,但物理接口地址都是以自己的系统mac生成的。之后将分裂后的备框重启一下,查看mac地址,可以看到mac地址是根据该设备的系统mac重新生成的,与原主设备不一样了:
Vlan-interface99
Current state: DOWN
Line protocol state: DOWN
Description: Vlan-interface99 Interface
Bandwidth: 10000000 kbps
Maximum transmission unit: 1500
Internet address: 172.31.2.63/24 (primary)
IP packet frame type: Ethernet II, hardware address: 9ce8-954c-6c35
IPv6 packet frame type: Ethernet II, hardware address: 9ce8-954c-6c35
(4) 根据现场环境和实验室测试结果,可以确定现场故障是由于二层组网中mac冲突导致的,而mac冲突是由于堆叠设备分裂后,因为配置了mac保留,导致管理口mac保持和原主框一致造成的。
重启sw3设备,使mac重新刷新,解决地址冲突
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作