MSR2600-17路由器上网慢的问题
- 1关注
- 3收藏,1357浏览
问题描述:
公司网络,2600-17作为出口,外接两路500M电信的拨号线路上网(光纤),出口线路自动分配,负载均衡。
下接接入交换机和无线AC设备,在2600-17上面划分了若干个vlan,PC机通过dhcp获取地址上网。
目前主要问题是早上到公司后,网络很慢,打不开网页,大约半个小时后网络逐渐恢复正常,可以打开网页。上网人数大约90人。
网络刚搭建起来的前两年,运行正常,检查配置没有发现问题,一直没有改过配置。
早高峰期间ping网关(2600-17),以及dns都是通的,但是不能正常上网,请问是什么原因。
局域网抓包发现偶尔有arp攻击,感觉对网络的影响布置很大。
2600-17的内存和cpu使用率始终没有超过一半。
请问各位大神,是什么原因造成的早高峰网络缓慢?
组网及组网描述:
- 2020-09-25提问
- 举报
-
(1)
您好,请知:
可能在早上上班的时候,电脑逐步开启并自动获取IP地址,可能端口的UP DOWN触发了STP TC拓扑改变而引发了STP计算,因此上网可能会卡,看下接入交换机哪些端口连接着终端,配置为STP边缘端口看下。
另外看到有ARP攻击,可以抓包看下具体是哪个IP,可在路由器上进行ACL的拦截看看。
以下是MSR2600的用户手册连接:
https://www.h3c.com/cn/Service/Document_Software/Document_Center/Routers/Catalog/MSR/MSR_2600/
- 2020-09-27回答
- 评论(0)
- 举报
-
(0)
暂无评论
公司是树状网络,不存在stp的问题。各位大神看看到底是啥问题造成的网速慢,电信给的500M带宽,过了路由器测速就达不到500M了。
2600-17配置如下:
<H3C>dis cu
#
version 5.20, Release 2516P11
#
sysname H3C
#
clock timezone Beijing add 08:00:00
#
firewall enable
#
domain default enable system
#
dns server 61.134.1.4
#
telnet server enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
qos carl 3 destination-ip-address range 192.168.8.26 to 192.168.8.254 per-address
qos carl 4 destination-ip-address range 192.168.8.26 to 192.168.8.254 per-address
qos carl 5 destination-ip-address range 192.168.5.3 to 192.168.5.253 per-address
qos carl 6 destination-ip-address range 192.168.5.3 to 192.168.5.253 per-address
qos carl 7 destination-ip-address range 192.168.6.3 to 192.168.6.253 per-address
qos carl 8 destination-ip-address range 192.168.6.3 to 192.168.6.253 per-address
qos carl 9 destination-ip-address range 192.168.7.2 to 192.168.7.253 per-address
qos carl 10 destination-ip-address range 192.168.7.2 to 192.168.7.253 per-address
qos carl 11 destination-ip-address range 192.168.4.3 to 192.168.4.253 per-address
qos carl 12 destination-ip-address range 192.168.4.3 to 192.168.4.253 per-address
#
port-security enable
#
password-recovery enable
#
ip user-based-sharing enable
#
acl number 3961
rule 0 permit ip source 192.168.8.0 0.0.0.255
acl number 3962
rule 0 permit ip source 192.168.7.0 0.0.0.255
acl number 3963
rule 0 permit ip source 192.168.6.0 0.0.0.255
acl number 3964
rule 0 permit ip source 192.168.5.0 0.0.0.255
acl number 3965
rule 0 permit ip source 192.168.4.0 0.0.0.255
acl number 3966
rule 0 permit ip source 192.168.8.0 0.0.0.255
acl number 3967
rule 0 permit ip source 192.168.7.0 0.0.0.255
acl number 3968
rule 0 permit ip source 192.168.4.0 0.0.0.255
acl number 3969
rule 0 permit ip source 192.168.6.0 0.0.0.255
acl number 3970
rule 0 permit ip source 192.168.5.0 0.0.0.255
#
acl number 4999
rule 0 deny source-mac f470-ab54-3f3e ffff-ffff-ffff
rule 1 permit
#
vlan 1
#
vlan 4 to 9
#
vlan 15
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier acl3980deny operator or
if-match acl 3980
traffic classifier AdvWeb3969 operator and
if-match acl 3969
traffic classifier AdvWeb3968 operator and
if-match acl 3968
traffic classifier AdvWeb3967 operator and
if-match acl 3967
traffic classifier AdvWeb3966 operator and
if-match acl 3966
traffic classifier AdvWeb3970 operator and
if-match acl 3970
traffic classifier AdvWeb3965 operator and
if-match acl 3965
traffic classifier AdvWeb3964 operator and
if-match acl 3964
traffic classifier AdvWeb3963 operator and
if-match acl 3963
traffic classifier AdvWeb3962 operator and
if-match acl 3962
traffic classifier AdvWeb3961 operator and
if-match acl 3961
#
traffic behavior AdvWeb3969
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3968
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3967
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3966
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3970
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3965
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3964
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3963
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3962
queue ef bandwidth 20480 cbs 512000
traffic behavior AdvWeb3961
queue ef bandwidth 20480 cbs 512000
traffic behavior acldeny
filter deny
#
qos policy PolicyLimit-1048577
classifier AdvWeb3969 behavior AdvWeb3969
classifier AdvWeb3968 behavior AdvWeb3968
classifier AdvWeb3967 behavior AdvWeb3967
classifier AdvWeb3966 behavior AdvWeb3966
classifier AdvWeb3970 behavior AdvWeb3970
qos policy PolicyLimit-1048588
classifier AdvWeb3965 behavior AdvWeb3965
classifier AdvWeb3964 behavior AdvWeb3964
classifier AdvWeb3963 behavior AdvWeb3963
classifier AdvWeb3962 behavior AdvWeb3962
classifier AdvWeb3961 behavior AdvWeb3961
#
dhcp server ip-pool vlan15 extended
network ip range 192.168.15.2 192.168.15.100
network mask 255.255.255.0
gateway-list 192.168.15.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan4 extended
network ip range 192.168.4.101 192.168.4.200
network mask 255.255.255.0
gateway-list 192.168.4.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan5 extended
network ip range 192.168.5.2 192.168.5.100
network mask 255.255.255.0
gateway-list 192.168.5.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan6 extended
network ip range 192.168.6.120 192.168.6.200
network mask 255.255.255.0
gateway-list 192.168.6.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan7 extended
network ip range 192.168.7.2 192.168.7.100
network mask 255.255.255.0
gateway-list 192.168.7.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan8 extended
network ip range 192.168.8.26 192.168.8.250
network mask 255.255.255.0
gateway-list 192.168.8.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
dhcp server ip-pool vlan9 extended
network ip range 192.168.9.2 192.168.9.100
network mask 255.255.255.0
gateway-list 192.168.9.1
dns-list 218.30.19.40 61.134.1.4 8.8.8.8
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$BKNI22mgq6bkDOYljOq5dpXm0TLc7i2di4
authorization-attribute level 3
service-type telnet
service-type web
#
cwmp
undo cwmp enable
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
firewall packet-filter 4999 outbound
#
interface Dialer1
nat outbound
firewall packet-filter 4999 outbound
link-protocol ppp
ppp chap user 02088588766
ppp chap password cipher $c$3$C6k7jtK9p42rLr9j+KELAVmySJKIjg==
ppp pap local-user 02984587866 password cipher $c$3$OFVHQx81vFDcMG3oprB/SGO4RSkUK1g9Jw==
ppp ipcp dns admit-any
ppp ipcp dns request
qos max-bandwidth 204800
load-bandwidth 500000
ip address ppp-negotiate
tcp mss 1440
dialer user username
dialer-group 1
dialer bundle 1
qos reserved-bandwidth pct 100
qos lr outbound cir 204800 cbs 12800000 ebs 0
qos car inbound carl 5 cir 800000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 3 cir 8000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 9 cir 8000 cbs 250000 ebs 0 green pass red discard
qos car inbound carl 7 cir 8000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 11 cir 8000 cbs 125000 ebs 0 green pass red discard
ip user-based-sharing enable
#
interface Dialer12
nat outbound
firewall packet-filter 4999 outbound
link-protocol ppp
ppp chap user 02088587145
ppp chap password cipher $c$3$n7TRKo3k9XnTjZwILNzixSDb4x+VmqtYlw==
ppp pap local-user 02088587145 password cipher $c$3$7SQwkPcvJiVOJgwkSu0Bnr+eJppp8+A==
ppp ipcp dns admit-any
ppp ipcp dns request
qos max-bandwidth 204800
load-bandwidth 500000
ip address ppp-negotiate
tcp mss 1440
dialer user username
dialer-group 12
dialer bundle 12
qos reserved-bandwidth pct 100
qos lr outbound cir 204800 cbs 12800000 ebs 0
qos car inbound carl 6 cir 800000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 4 cir 8000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 10 cir 8000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 8 cir 8000 cbs 125000 ebs 0 green pass red discard
qos car inbound carl 12 cir 8000 cbs 125000 ebs 0 green pass red discard
ip user-based-sharing enable
#
interface NULL0
#
interface Vlan-interface4
ip address 192.168.4.1 255.255.255.0
dhcp server apply ip-pool vlan4
ip flow-ordering internal
#
interface Vlan-interface5
ip address 192.168.5.1 255.255.255.0
dhcp server apply ip-pool vlan5
ip flow-ordering internal
#
interface Vlan-interface6
ip address 192.168.6.1 255.255.255.0
dhcp server apply ip-pool vlan6
ip flow-ordering internal
#
interface Vlan-interface7
ip address 192.168.7.1 255.255.255.0
dhcp server apply ip-pool vlan7
ip flow-ordering internal
#
interface Vlan-interface8
ip address 192.168.8.1 255.255.255.0
dhcp server apply ip-pool vlan8
ip flow-ordering internal
#
interface Vlan-interface9
ip address 192.168.9.1 255.255.255.0
dhcp server apply ip-pool vlan9
#
interface Vlan-interface15
ip address 192.168.15.1 255.255.255.0
dhcp server apply ip-pool vlan15
#
interface GigabitEthernet0/0
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
#
interface GigabitEthernet0/1
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
pppoe-client dial-bundle-number 1
qos max-bandwidth 204800
tcp mss 1440
qos reserved-bandwidth pct 100
qos lr outbound cir 204800 cbs 12800000 ebs 0
qos apply policy PolicyLimit-1048577 outbound
qos car inbound carl 3 cir 8000 cbs 187500 ebs 0 green pass red discard
qos car inbound carl 9 cir 8000 cbs 62500 ebs 0 green pass red discard
qos car inbound carl 5 cir 800000 cbs 1250000 ebs 0 green pass red discard
qos car inbound carl 7 cir 8000 cbs 1250000 ebs 0 green pass red discard
qos car inbound carl 11 cir 8000 cbs 1250000 ebs 0 green pass red discard
#
interface GigabitEthernet0/2
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
nat server 1 protocol tcp global current-interface 5555 inside 192.168.6.201 5555
nat server 2 protocol tcp global current-interface 5365 inside 192.168.6.201 5365
shutdown
#
interface GigabitEthernet0/10
port link-mode route
firewall packet-filter 4999 outbound
ip address 192.168.10.1 255.255.255.0
#
interface GigabitEthernet0/11
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
mtu 1492
shutdown
load-bandwidth 300000
tcp mss 1024
#
interface GigabitEthernet0/12
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
pppoe-client dial-bundle-number 12
qos max-bandwidth 204800
tcp mss 1440
qos reserved-bandwidth pct 100
qos lr outbound cir 204800 cbs 12800000 ebs 0
qos apply policy PolicyLimit-1048588 outbound
qos car inbound carl 4 cir 8000 cbs 187500 ebs 0 green pass red discard
qos car inbound carl 10 cir 8000 cbs 62500 ebs 0 green pass red discard
qos car inbound carl 6 cir 800000 cbs 1250000 ebs 0 green pass red discard
qos car inbound carl 8 cir 8000 cbs 1250000 ebs 0 green pass red discard
qos car inbound carl 12 cir 8000 cbs 1250000 ebs 0 green pass red discard
#
interface GigabitEthernet0/16
port link-mode route
firewall packet-filter 4999 outbound
#
interface GigabitEthernet0/3
port link-mode bridge
#
interface GigabitEthernet0/4
port link-mode bridge
port access vlan 4
#
interface GigabitEthernet0/5
port link-mode bridge
port access vlan 5
#
interface GigabitEthernet0/6
port link-mode bridge
port access vlan 6
dhcp-snooping trust
dhcp-snooping information enable
#
interface GigabitEthernet0/7
port link-mode bridge
port access vlan 7
#
interface GigabitEthernet0/8
port link-mode bridge
port access vlan 8
ip source binding ip-address 192.168.8.1 mac-address d463-fe3f-a2a5
ip source binding ip-address 192.168.8.10 mac-address b0f7-630e-8879
ip source binding ip-address 192.168.8.11 mac-address b0f7-630e-6782
ip source binding ip-address 192.168.8.12 mac-address 7032-15d3-d03b
ip source binding ip-address 192.168.8.16 mac-address 7032-1568-9056
ip source binding ip-address 192.168.8.17 mac-address b0f7-630e-8864
ip source binding ip-address 192.168.8.18 mac-address 7032-1568-84a7
ip source binding ip-address 192.168.8.19 mac-address 7032-1568-8429
ip source binding ip-address 192.168.8.20 mac-address b0f7-630e-88bb
ip source binding ip-address 192.168.8.21 mac-address b0f7-630e-8978
ip source binding ip-address 192.168.8.22 mac-address b0f7-630e-7b35
ip verify source mac-address
#
interface GigabitEthernet0/9
port link-mode bridge
port access vlan 9
#
interface GigabitEthernet0/13
port link-mode bridge
port access vlan 9
#
interface GigabitEthernet0/14
port link-mode bridge
port access vlan 15
#
interface GigabitEthernet0/15
port link-mode bridge
port access vlan 15
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
ip route-static 0.0.0.0 0.0.0.0 Dialer12
#
dhcp enable
#
arp source-suppression enable
arp source-suppression limit 100
#
dialer-rule 10 ip permit
dialer-rule 1 ip permit
dialer-rule 11 ip permit
dialer-rule 12 ip permit
#
nms primary monitor-interface Dialer10
#
ip flow-ordering stat-interval 10
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
- 2020-09-28回答
- 评论(0)
- 举报
-
(0)
暂无评论
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论