华三MSTP对接思科Rapid-Pvst
- 0关注
- 0收藏,499浏览
问题描述:
华三2台汇聚做的M-LAG下联的思科设备,华三配置的MSTP,思科默认的是Rapid-Pvst,当思科的聚合口中的某个物理口up、down会影响整个网络的稳定性,汇聚下的交换机都会出现丢包,查看思科和华三出现如下日志。我想问一下丢包是因为生成树没协商好导致整个网络出现故障吗?
华三
#
stp region-configuration
region-name hzjq
revision-level 1
active region-configuration
#
stp instance 0 root primary
stp bpdu-protection
stp tc-protection threshold 1
stp global enable
日志
思科接入
NQL-DSJ-A-C1042
Jan 3 19:52:08.311: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/2, changed state to down
Jan 3 19:52:14.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/2, changed state to up
华三汇聚
[10:17:59:767]%Jan 3 19:52:11:828 2024 NQL-DSJ-E-C1808 LAGG/6/LAGG_INACTIVE_OPERSTATE: Member port XGE1/0/34 of aggregation group BAGG34 changed to the inactive state, because the peer port did not have the Synchronization flag.
[10:17:59:767]%Jan 3 19:52:11:832 2024 NQL-DSJ-E-C1808 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/34 changed to down.
[10:17:59:767]%Jan 3 19:52:11:835 2024 NQL-DSJ-E-C1808 M-LAG/6/MLAG_IFEVT_MLAGIF_NOSELECTED: Local M-LAG interface Bridge-Aggregation34 in M-LAG group 34 does not have Selected member ports because the aggregate interface went down. Please check the aggregate link status.
[10:17:59:767]%Jan 3 19:52:11:888 2024 NQL-DSJ-E-C1808 STP/6/STP_NOTIFIED_TC: Instance 0's port Bridge-Aggregation34 was notified a topology change.
[10:17:59:767]%Jan 3 19:52:12:013 2024 NQL-DSJ-E-C1808 STP/6/STP_NOTIFIED_TC: Instance 0's port Bridge-Aggregation34 was notified a topology change.
[10:17:59:783]%Jan 3 19:52:13:569 2024 NQL-DSJ-E-C1808 LAGG/6/LAGG_ACTIVE: Member port XGE1/0/34 of aggregation group BAGG34 changed to the active state.
[10:17:59:783]%Jan 3 19:52:13:574 2024 NQL-DSJ-E-C1808 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/34 changed to up.
[10:17:59:783]%Jan 3 19:52:13:579 2024 NQL-DSJ-E-C1808 M-LAG/6/MLAG_IFEVT_MLAGIF_SELECTED: Local M-LAG interface Bridge-Aggregation34 in M-LAG group 34 has Selected member ports.
[10:17:59:783]%Jan 3 19:52:14:012 2024 NQL-DSJ-E-C1808 STP/6/STP_NOTIFIED_TC: Instance 0's port Bridge-Aggregation34 was notified a topology change.
------------------------------------------------------------
- 2024-01-04提问
- 举报
-
(0)
最佳答案
检查下配置和物理接口状态吧
日志看H3C侧异常,M-LAG同步不正常且报物理端口状态在变化
建议检查下M-LAG配置和状态、在检查物理端口、在检查聚合组以及stp相关状态
- 2024-01-04回答
- 评论(0)
- 举报
-
(0)
华三 思科对接STP参考:
2 MSTP/PVST对接操作指导
2.1 与思科设备对接操作指导
2.1.1 互通性分析
H3C支持的STP/RSTP/MSTP均是IEEE标准组织制定的标准协议。Cisco支持的生成树协议中,MSTP为标准协议,Rapid-Pvst为Cisco私有协议。
如表4所示,H3C和Cisco生成树协议的互通性情况如下:
· H3C的MSTP与Cisco的MSTP可以完全互通
为了实现互通,在保证相连的H3C交换机域配置和Cisco交换机域配置完全一致的前提下,还需要在H3C设备上通过stp config-digest-snooping命令,在每一个和Cisco交换机相连的端口上开启摘要侦听功能功能。
另外,H3C设备的Comware V5 MSTP默认BPDU封装格式为legacy,Comware V7 MSTP默认BPDU封装格式为802.1s。在Cisco设备上需要通过spanning-tree mst pre-standard(legacy)或no spanning-tree mst pre-standard(802.1s)命令,将MSTP BPDU封装格式修改为legacy 或802.1s,使得H3C设备和Cisco设备的MSTP BPDU封装格式一致。
· H3C的MSTP与Cisco的Rapid-Pvst可以在一定程度上完成互通
如果H3C设备采用Access端口对接,H3C设备会将Cisco设备当作一个支持IEEE802.1D的设备,正常进行生成树计算。如果H3C设备采用Trunk接口对接,标准的STP设备可以与Rapid-Pvst设备的VLAN 1互通;但在其他VLAN上,标准STP设备无法识别Rapid-Pvst报文,要求物理环路必须在标准STP设备上来阻断,也就是说Blocking端口必须在标准STP设备(H3C)上而不是Rapid-Pvst设备(Cisco)上,否则就可能导致VLAN 1以外的其他VLAN出现广播风暴。
表4 MSTP/PVST互通性分析
H3C | Cisco | 互通结论 |
STP模式 | MSTP模式(Legacy和802.1s封装) | 在实例0中可以互通 |
STP模式 | Rapid-Pvst模式 | 在Cisco设备上不取消VLAN 1的Rapid-Pvst功能的情况下,可以互通 |
RSTP模式 | MSTP模式(Legacy和802.1s封装) | 在实例0中可以互通 |
RSTP模式 | Rapid-Pvst模式 | 在Cisco设备上不取消VLAN 1的Rapid-Pvst功能的情况下,可以互通 |
MSTP模式 | MSTP模式(Legacy和802.1s封装) | 在H3C设备配置stp config-digest-snooping命令的情况下,可以互通 |
MSTP模式 | Rapid-Pvst模式 | 在Cisco设备上不取消VLAN 1的Rapid-Pvst功能的情况下,可以互通 |
2.1.2 组网需求
如图7所示,H3C设备与Cisco设备通过两条链路相互连接。现要求在H3C设备和Cisco设备上分别配置MSTP,实现MSTP互通。
图7 MSTP对接配置组网图
2.1.3 配置步骤
· 配置H3C设备
# 创建VLAN接口2,并为该接口配置IP地址和子网掩码。
<H3C> system-view
[H3C] vlan 2
[H3C-vlan2] quit
[H3C] interface Vlan-interface 2
[H3C-Vlan-interface2] ip address 16.1.11.55 255.255.255.0
[H3C-Vlan-interface2]quit
# 在端口GigabitEthernet1/0/1上开启摘要侦听功能。
[H3C] interface gigabitethernet 1/0/1
[H3C-GigabitEthernet1/0/1] stp config-digest-snooping
# 配置端口GigabitEthernet1/0/1为Trunk端口,允许VLAN2通过。
[H3C-GigabitEthernet1/0/1] port link-type trunk
[H3C-GigabitEthernet1/0/1] port trunk permit vlan 2
[H3C-GigabitEthernet1/0/1] quit
# 在端口GigabitEthernet1/0/2上开启摘要侦听功能。
[H3C] interface gigabitethernet 1/0/2
[H3C-GigabitEthernet1/0/2] stp config-digest-snooping
# 配置端口GigabitEthernet1/0/2为Trunk端口,允许VLAN2通过。
[H3C-GigabitEthernet1/0/2] port link-type trunk
[H3C-GigabitEthernet1/0/2] port trunk permit vlan 2
[H3C-GigabitEthernet1/0/2] quit
# 全局开启摘要侦听功能。
[H3C] stp global config-digest-snooping
# 全局开启生成树协议。
[H3C] stp global enable
为保证H3C交换机的路径开销计算标准与第三方交换机一致,需要确认第三方交换机的开销计算标准,然后在H3C交换机上进行相应的修改。
# 当Cisco设备采用缺省路径开销计算标准,H3C交换机需要配置按照IEEE 802.1D-1998标准来计算缺省路径开销。
[H3C] stp pathcost-standard dot1d-1998
· 配置Cisco设备
# 如下配置以Cisco Nexus9000 C9236C为例进行介绍,设备具体信息如下:
Cisco# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
***.***/licenses/gpl-2.0.php and
***.***/licenses/gpl-3.0.html and
***.***/licenses/lgpl-2.1.php and
***.***/licenses/old-licenses/library.txt.
Software
BIOS: version 07.56
NXOS: version 7.0(3)I4(6)
BIOS compile time: 06/08/2016
NXOS image file is: bootflash:///nxos.7.0.3.I4.6.bin
NXOS compile time: 3/9/2017 22:00:00 [03/10/2017 07:05:18]
Hardware
cisco Nexus9000 C9236C chassis
Intel(R) Xeon(R) CPU @ 1.80GHz with 16400984 kB of memory.
Processor Board ID FDO20511FC7
Device name: switch
bootflash: 53298520 kB
Kernel uptime is 17 day(s), 20 hour(s), 9 minute(s), 30 second(s)
Last reset
Reason: Unknown
System version: 7.0(3)I4(6)
Service:
plugin
Core Plugin, Ethernet Plugin
Active Package(s):
# 进入VLAN2的配置模式,并配置IP地址。
Cisco# configure terminal
Cisco(config)# interface vlan 2
Cisco(config-if)#ip address 16.1.11.56 255.255.255.0
Cisco(config-if)#exit
# 配置接口Ethernet1/11为Trunk口,并指定为VLAN2的成员端口。
Cisco(config)# interface Ethernet 1/11
Cisco(config-if)# switchport mode trunk
Cisco(config-if)# switchport access vlan 2
Cisco(config-if)# switchport trunk allowed vlan 2
Cisco(config-if)# exit
# 配置接口Ethernet1/13为Trunk口,并指定为VLAN2的成员端口。
Cisco(config-if)# interface Ethernet 1/13
Cisco(config-if)# switchport mode trunk
Cisco(config-if)# switchport access vlan 2
Cisco(config-if)# switchport trunk allowed vlan 2
Cisco(config-if)# end
2.1.4 验证配置
# 在H3C设备上验证生成树状态和统计的简要信息。
[H3C] display stp brief
MST ID Port Role TP State Protection
0 GigabitEthernet1/0/1 DESI FORWARDING NONE
0 GigabitEthernet1/0/2 DESI FORWARDING NONE
# 在H3C设备上验证在MSTP模式下,显示MSTI0在端口GigabitEthernet1/0/2上生成树状态和统计的信息。
[H3C] display stp instance 0 interface gigabitethernet 1/0/2
-------[CIST Global Info][Mode MSTP]-------
Bridge ID : 32768.1cab-3496-09f6
Bridge times : Hello 2s MaxAge 20s FwdDelay 15s MaxHops 20
Root ID/ERPC : 32768.1cab-3496-09f6, 0
RegRoot ID/IRPC : 32768.1cab-3496-09f6, 0
RootPort ID : 0.0
BPDU-Protection : Disabled
Bridge Config-
Digest-Snooping : Enabled
TC or TCN received : 2
Time since last TC : 0 days 0h:34m:14s
----[Port391(GigabitEthernet1/0/2)][FORWARDING]----
Port protocol : Enabled
Port role : Designated Port
Port ID : 128.391
Port cost(Legacy) : COnfig=auto, Active=1
Desg.bridge/port : 32768.1cab-3496-09f6, 128.391
Port edged : COnfig=disabled, Active=disabled
Point-to-Point : COnfig=auto, Active=true
Transmit limit : 10 packets/hello-time
TC-Restriction : Disabled
Role-Restriction : Disabled
Protection type : COnfig=none, Active=none
MST BPDU format : COnfig=auto, Active=802.1s
Port Config-
Digest-Snooping : Enabled
Rapid transition : False
Num of VLANs mapped : 2
Port times : Hello 2s MaxAge 20s FwdDelay 15s MsgAge 0s RemHops 20
BPDU sent : 1784
TCN: 0, Config: 0, RST: 0, MST: 1784
BPDU received : 0
TCN: 0, Config: 0, RST: 0, MST: 0
# 在H3C设备上验证在MSTP模式下,显示MSTI0在端口GigabitEthernet1/0/1上生成树状态和统计的信息。
[H3C] display stp instance 0 interface gigabitethernet 1/0/1
-------[CIST Global Info][Mode MSTP]-------
Bridge ID : 32768.1cab-3496-09f6
Bridge times : Hello 2s MaxAge 20s FwdDelay 15s MaxHops 20
Root ID/ERPC : 32768.1cab-3496-09f6, 0
RegRoot ID/IRPC : 32768.1cab-3496-09f6, 0
RootPort ID : 0.0
BPDU-Protection : Disabled
Bridge Config-
Digest-Snooping : Enabled
TC or TCN received : 2
Time since last TC : 0 days 0h:34m:21s
----[Port381(GigabitEthernet1/0/1)][FORWARDING]----
Port protocol : Enabled
Port role : Designated Port (Boundary)
Port ID : 128.381
Port cost(Legacy) : COnfig=auto, Active=1
Desg.bridge/port : 32768.1cab-3496-09f6, 128.381
Port edged : COnfig=disabled, Active=disabled
Point-to-Point : COnfig=auto, Active=true
Transmit limit : 10 packets/hello-time
TC-Restriction : Disabled
Role-Restriction : Disabled
Protection type : COnfig=none, Active=none
MST BPDU format : COnfig=auto, Active=802.1s
Port Config-
Digest-Snooping : Enabled
Rapid transition : False
Num of VLANs mapped : 2
Port times : Hello 2s MaxAge 20s FwdDelay 15s MsgAge 0s RemHops 20
BPDU sent : 1787
TCN: 0, Config: 0, RST: 0, MST: 1787
BPDU received : 2
TCN: 0, Config: 0, RST: 2, MST: 0
- 2024-01-04回答
- 评论(1)
- 举报
-
(0)
在Cisco设备上不取消VLAN 1的Rapid-Pvst功能的情况下,可以互通。。。这个可以理解为其他vlan能通是吧,但凡我看接入交换机除vlan1的生成树根还是自己
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明