F5000RBMweb页面切换导致track业务端口down
- 0关注
- 0收藏,620浏览
问题描述:
如下配置在双机热备+路由,主备模式。现在在WEB页面点切换后,主设备上的业务接口DOWN掉了,OSPF邻居关系也没了,这个正常吗?(切换前备设备上的业务接口状态正常,OSPF邻居也正常)
RBM_S<GS-LanZhou-T3-ITL-FW-F5000-2>dis cu
#
version 7.1.064, Release 8190P19
#
sysname GS-LanZhou-T3-ITL-FW-F5000-2
#
clock protocol none
#
context Admin id 1
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
track 1 interface GigabitEthernet1/0/1
#
ospf 1 router-id 172.18.192.230
area 0.0.0.0
network 172.18.192.228 0.0.0.3
#
dns server 8.8.8.8
dns server 114.114.114.114
#
remote-backup group
data-channel interface GigabitEthernet1/0/2
configuration sync-check interval 12
adjust-cost ospf enable absolute
local-ip 10.10.10.11
remote-ip 10.10.10.10
device-role secondary
#
password-recovery enable
#
vlan 1
#
stp global enable
#
interface NULL0
#
interface GigabitEthernet1/0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode route
ip address 172.18.192.230 255.255.255.252
ospf network-type p2p
manage https inbound
manage https outbound
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/2
port link-mode route
ip address 10.10.10.11 255.255.255.0
#
interface GigabitEthernet1/0/3
port link-mode route
#
interface GigabitEthernet1/0/4
port link-mode route
#
interface GigabitEthernet1/0/5
port link-mode route
#
interface GigabitEthernet1/0/6
port link-mode route
ip address 10.123.11.189 255.255.255.248
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/7
port link-mode route
#
interface GigabitEthernet1/0/8
port link-mode route
#
interface GigabitEthernet1/0/9
port link-mode route
#
interface vSys-interface1
#
security-zone name Local
#
security-zone name Trust
import interface GigabitEthernet1/0/1
#
security-zone name DMZ
#
security-zone name Untrust
import interface GigabitEthernet1/0/2
import interface GigabitEthernet1/0/6
#
security-zone name Management
import interface GigabitEthernet1/0/0
#
scheduler logfile size 16
#
line class console
authentication-mode scheme
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-admin
#
ip route-static 0.0.0.0 0 172.18.192.229
#
undo info-center logfile enable
#
performance-management
#
ssh server enable
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
password-control login idle-time 0
#
local-user admin class manage
password hash $h$6$GwHf1Yte2E1wndWR$ZF9DvkC4rIQMQCITEcGjkk4avrma16qsaREKUiXIRfnBnE85pDUnlGy63Gj/F9qxfuH7BxWPJrtWwn5STASJnQ==
service-type ssh terminal https
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
ssl renegotiation disable
ssl version ssl3.0 disable
ssl version tls1.0 disable
undo ssl version tls1.1 disable
#
ipsec logging negotiation enable
#
ike logging negotiation enable
#
ip https enable
webui log enable
#
loadbalance isp file flash:/lbispinfo_v1.5.tp
#
security-policy ip
rule 0 name 1
action pass
source-zone local
destination-zone trust
service ssh
rule 1 name trust-untrust
action pass
source-zone Trust
destination-zone Untrust
rule 6 name untrust-trust
action pass
source-zone Untrust
destination-zone Trust
rule 2 name ospf1
action pass
source-zone trust
destination-zone local
service ospf
service ssh
rule 3 name ospf2
action pass
source-zone local
destination-zone trust
service ospf
service ssh
rule 4 name ospf3
action pass
source-zone untrust
destination-zone local
service ospf
service ssh
rule 5 name ospf4
action pass
source-zone local
destination-zone untrust
service ospf
service ssh
#
return
RBM_P<GS-LanZhou-T3-ITL-FW-F5000-1>dis cu
#
version 7.1.064, Release 8190P19
#
sysname GS-LanZhou-T3-ITL-FW-F5000-1
#
clock protocol none
#
context Admin id 1
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
track 1 interface GigabitEthernet1/0/1
#
ospf 1 router-id 172.18.192.226
area 0.0.0.0
network 172.18.192.224 0.0.0.3
#
dns server 8.8.8.8
dns server 114.114.114.114
#
remote-backup group
data-channel interface GigabitEthernet1/0/2
configuration sync-check interval 12
track interface GigabitEthernet1/0/1
local-ip 10.10.10.10
remote-ip 10.10.10.11
device-role primary
#
password-recovery enable
#
vlan 1
#
stp global enable
#
interface NULL0
#
interface GigabitEthernet1/0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode route
ip address 172.18.192.226 255.255.255.252
ospf network-type p2p
manage https inbound
manage https outbound
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/2
port link-mode route
ip address 10.10.10.10 255.255.255.0
#
interface GigabitEthernet1/0/3
port link-mode route
#
interface GigabitEthernet1/0/4
port link-mode route
#
interface GigabitEthernet1/0/5
port link-mode route
#
interface GigabitEthernet1/0/6
port link-mode route
ip address 10.123.11.188 255.255.255.248
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/7
port link-mode route
#
interface GigabitEthernet1/0/8
port link-mode route
#
interface GigabitEthernet1/0/9
port link-mode route
#
interface vSys-interface1
#
security-zone name Local
#
security-zone name Trust
import interface GigabitEthernet1/0/1
#
security-zone name DMZ
#
security-zone name Untrust
import interface GigabitEthernet1/0/2
import interface GigabitEthernet1/0/6
#
security-zone name Management
import interface GigabitEthernet1/0/0
#
scheduler logfile size 16
#
line class console
authentication-mode scheme
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-admin
#
undo info-center logfile enable
#
performance-management
#
ssh server enable
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
password-control login idle-time 0
#
local-user admin class manage
password hash $h$6$zQqGHwBHeMjjS+hO$ZE5Ykbv43Vtu9YxIspOVSt+ntmkdV2EUwbWieNyp08ZY+Vj/qQPMGTWllIWbWW22Cqs846ML4xExghoi1aG3nw==
service-type ssh terminal https
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
ssl renegotiation disable
ssl version ssl3.0 disable
ssl version tls1.0 disable
undo ssl version tls1.1 disable
#
ipsec logging negotiation enable
#
ike logging negotiation enable
#
ip https enable
webui log enable
#
loadbalance isp file flash:/lbispinfo_v1.5.tp
#
security-policy ip
rule 0 name 1
action pass
source-zone local
destination-zone trust
service ssh
rule 1 name trust-untrust
action pass
source-zone Trust
destination-zone Untrust
rule 6 name untrust-trust
action pass
source-zone Untrust
destination-zone Trust
rule 2 name ospf1
action pass
source-zone trust
destination-zone local
service ospf
service ssh
rule 3 name ospf2
action pass
source-zone local
destination-zone trust
service ospf
service ssh
rule 4 name ospf3
action pass
source-zone untrust
destination-zone local
service ospf
service ssh
rule 5 name ospf4
action pass
source-zone local
destination-zone untrust
service ospf
service ssh
#
return
- 2025-02-20提问
- 举报
-
(0)
最佳答案
在双机热备+路由,主备模式下,当从WEB页面触发切换后,如果主设备上的业务接口Down掉,且OSPF邻居关系消失,这通常表明设备正在进行状态迁移,可能的原因包括:
1. **接口配置变更**:如删除接口地址或在接口上关闭OSPF,这会直接导致邻居关系断开。
2. **接口状态变化**:接口down或MTU(最大传输单元)改变,也会使得OSPF邻居关系无法维持。
3. **Track状态不正常**:如果上下行接口的Track状态不正常,例如接口down,这可能触发主备切换,进而影响7层业务。
在这样的情况下,业务接口Down和OSPF邻居关系的丢失是切换过程中的正常现象,但这并不意味着业务没有问题。由于主备设备均出现异常,流量处理会受到影响,可能需要工程师进一步排查具体原因,例如LB(负载均衡)设备是否正常工作,以及网络配置是否正确。
建议联系网络工程师,提供详细的日志信息和配置状态,以便进行深入分析和故障排除。同时,检查接口状态、MTU设置和Track状态,确保网络环境稳定,有助于快速恢复业务。
- 2025-02-20回答
- 评论(0)
- 举报
-
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论