网桥始终是 vlan 的根

网络工程 思科 生成树 思科-2960 IEEE-802.1w
2022-02-22 23:28:20

我的交换机没有正确接收 BPDU Hello,我无法确定问题所在。交换机 1 将 vlan4 的所有端口置于 desg 模式,并声称它是 vlan4 的根(根位于上游),而交换机 2 知道根位于端口 Gi0/24 上的上游,因此将该端口设置为 root,并将 Gi017 设置为 desg . 运行 debug spanning-tree events 显示每一方都向另一方发送 BPDU,但它们没有到达。所以我不知道为什么交换机 1 不会意识到它不是 vlan4 的 root。我可以让这个交换机不认为它是 root 的唯一方法是将中继两端的接口作为访问并将访问 vlan 设置为 4。

Switch1接口0/24配置如下:

interface GigabitEthernet0/24
 switchport trunk allowed vlan 1,4
 switchport mode trunk

Swtich2接口G0/17配置如下:

interface GigabitEthernet0/17  
 switchport trunk allowed vlan 1,4
 switchport mode trunk

显示生成树结果 Switch1

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    16385
             Address     4055.39cc.6780
             Cost        12
             Port        24 (GigabitEthernet0/24)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0021.1b59.ae80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
Gi0/24              Root FWD 4         128.24   P2p Peer(STP)

VLAN0004
  Spanning tree enabled protocol rstp
  Root ID    Priority    61444
             Address     0021.1b59.ae80
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    61444  (priority 61440 sys-id-ext 4)
             Address     0021.1b59.ae80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
Gi0/18              Desg FWD 4         128.18   P2p
Gi0/24              Desg FWD 4         128.24   P2p

开关2

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    16385
             Address     4055.39cc.6780
             Cost        4
             Port        24 (GigabitEthernet0/24)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0021.1b59.cb00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
Gi0/10           Desg FWD 4         128.10   Edge P2p 
Gi0/11           Desg FWD 4         128.11   Edge P2p 
Gi0/12           Desg FWD 4         128.12   Edge P2p 
Gi0/13           Desg FWD 4         128.13   Edge P2p
Gi0/14           Desg FWD 19        128.14   Edge P2p 
Gi0/15           Desg FWD 19        128.15   Edge P2p 
Gi0/16           Desg FWD 19        128.16   Edge P2p
Gi0/17           Desg FWD 4         128.17   P2p Peer(STP)
Gi0/18           Desg FWD 4         128.18   Edge P2p 
Gi0/19           Desg FWD 19        128.19   Edge P2p 
Gi0/20           Desg FWD 19        128.20   Edge P2p 
Gi0/24           Root FWD 4         128.24   P2p 


VLAN0004
  Spanning tree enabled protocol rstp

  Root ID    Priority    16388
             Address     4055.39cc.6780
             Cost        4
             Port        24 (GigabitEthernet0/24)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32772  (priority 32768 sys-id-ext 4)
             Address     0021.1b59.cb00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
Gi0/17           Desg FWD 4         128.17   P2p 
Gi0/24           Root FWD 4         128.24   P2p

关于后备箱的其他信息...

开关 1

显示接口中继

Port        Mode             Encapsulation  Status        Native vlan
Gi0/24      on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/24      1,4
Port        Vlans allowed and active in management domain
Gi0/24      1,4
Port        Vlans in spanning tree forwarding state and not pruned
Gi0/24      1,4

开关2

Port        Mode         Encapsulation  Status        Native vlan
Gi0/17      on           802.1q         trunking      1
Gi0/24      on           802.1q         trunking      1
Port        Vlans allowed on trunk
Gi0/17      1,4
Gi0/24      1-4094
Port        Vlans allowed and active in management domain
Gi0/17      1,4
Gi0/24      1-4,10,100-101,600
Port        Vlans in spanning tree forwarding state and not pruned
Gi0/17      1,4
Gi0/24      1-4,100-101

显示 CDP NE Switch1

Switch1#sh cdp ne

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Switch2          Gig 0/24          140              S I   WS-C2960G Gig 0/17

开关2

switch2#sh cdp ne

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Switch.domain.lcl
                 Gig 0/17          159           S I      WS-C2960G Gig 0/24
root-3750        Gig 0/24          164          R S I     WS-C3750X Gig 2/0/20

Switch1 配置文件

   Current configuration : 2834 bytes
!
! Last configuration change at 15:14:14 EST Thu Oct 6 2016
! NVRAM config last updated at 10:45:43 EST Thu Oct 6 2016
!

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch1
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
clock timezone EST -5
system mtu routing 1500
udld enable

!
!
ip domain-lookup source-interface GigabitEthernet0/24
ip domain-name .......
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree logging
spanning-tree extend system-id
!
vlan internal allocation policy ascending

!
ip tftp source-interface Vlan1
!
!
interface GigabitEthernet0/1
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/2
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/3
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/4
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/5
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/6
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/7
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/8
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/9
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/10
 switchport access vlan 4
!
interface GigabitEthernet0/11
 switchport access vlan 4
!
interface GigabitEthernet0/12
 switchport access vlan 4
!
interface GigabitEthernet0/13
 switchport access vlan 4
!
interface GigabitEthernet0/14
 switchport access vlan 4
!
interface GigabitEthernet0/15
 switchport access vlan 4
!
interface GigabitEthernet0/16
 switchport access vlan 4
!
interface GigabitEthernet0/17
 switchport access vlan 4
!
interface GigabitEthernet0/18
 switchport access vlan 4
!
interface GigabitEthernet0/19
 switchport access vlan 4
!
interface GigabitEthernet0/20
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/21
 switchport access vlan 4
!
interface GigabitEthernet0/22
 switchport access vlan 4
!
interface GigabitEthernet0/23
 switchport access vlan 4
 switchport mode access
!
interface GigabitEthernet0/24
description Trunk to switch2 
switchport trunk allowed vlan 1,4
 switchport mode trunk
!
interface Vlan1
 ip address dhcp
!
interface Vlan4
 ip address xxx.xxx.xxx.x xxx.xxx.xxx.x
!
ip default-gateway xxx.xxx.x.x
ip http server
ip http secure-server
!
line con 0
 exec-timeout 40 0
 logging synchronous
line vty 0 4
 login
line vty 5 15
 login
!
!
monitor session 61 source vlan 4

ntp clock-period ..........
ntp server ........
end

Switch2 配置文件

    Current configuration : 5278 bytes
!
! Last configuration change at 16:12:50 EDT Thu Oct 6 2016 by 
! NVRAM config last updated at 15:37:44 EDT Thu Oct 6 2016 by 
!
version 12.2
no service pad
service timestamps debug datetime
service timestamps log datetime
service password-encryption
!
hostname Switch2
!
enable secret ..
!
username ..
username ..
aaa new-model
aaa authentication login .. group radius local
aaa authentication login .. group radius local
aaa authentication enable default group radius enable
aaa authorization console
aaa authorization exec ... group radius local 
aaa authorization exec ... group radius local 
!
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
system mtu routing 1500
udld enable
ip subnet-zero
!
no ip domain-lookup
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/2    
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/3
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/4
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/5
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/6
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/7
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/8
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/9
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/10
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/11
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/12
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/13
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/14
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/15
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/16
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/17
 description Trunk to Switch1             
 switchport trunk allowed vlan 1,4
 switchport mode trunk
!
interface GigabitEthernet0/18
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/19
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/20
switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/21
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/22
switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/23
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet0/24
switchport mode trunk
 spanning-tree portfast
!
interface Vlan1
 ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.x
 no ip route-cache
!         
interface Vlan4
 no ip address
 no ip route-cache
!
interface Vlan11
 ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.x
 no ip route-cache
!
interface Vlan66
 no ip address
 no ip route-cache
 shutdown
!
ip default-gateway xx.x.x.x
no ip http server
ip radius source-interface Vlan1 
snmp-server community xxxxxxxxx XX
radius-server host xxx.xxx.xx.x auth-port .......
radius-server source-ports ..........
!
control-plane
!
!
line con 0
 exec-timeout 5 0
 password .......
 authorization exec ....
 logging synchronous
 login authentication .....
line vty 0 4
 exec-timeout 14 59
 password 7 ......
 authorization exec ......
 logging synchronous
 login authentication ....
 length 0
 history size 40
line vty 5 15
 exec-timeout 14 59
 password .......
 authorization exec.....
 logging synchronous
 login authentication.....
 length 0
 history size 40
!
!

ntp clock-period ......
ntp server ......
end

Root-2750 Switch此网桥是所有 vlan 的根。

!
version 12.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service sequence-numbers
!
hostname Root-3750
!
boot-start-marker
boot-end-marker
!
enable secret 5 
!
!
!
aaa new-model
!
!
aaa authentication login .. group radius local
aaa authentication login.. group radius local
aaa authentication enable default group radius enable
aaa authorization console
aaa authorization exec ..group radius local
aaa authorization exec .. group radius local
!
!
!
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
switch 1 provision ws-c3750x-24
switch 2 provision ws-c3750x-24
system mtu routing 1500
ip routing
ip dhcp excluded-address ...
ip dhcp excluded-address ...
!
ip dhcp pool Phones
   network ....
   default-router ....
   domain-name ...
   dns-server ...
   option 160 ascii .......
!
!
ip name-server ....
ip name-server ...
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
track 10 list boolean or
 object 1
 object 2
!
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
!
crypto pki .............
 enrollment selfsigned
 ..............
.............
...............
!
!
crypto pki certificate chain,,,,,,,,,,,,,
 certificate s,,,,,,,,,,,
  ,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
  quit
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-4094 priority 16384
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh time-out,,,,
ip ssh ve,,,,,,
lldp run
!
!
!
interface Port-channel1
!
interface Port-channel2
!
interface Port-channel3
!
interface Port-channel4
!
interface Port-channel5
!
interface FastEthernet0
 no ip address
 no ip route-cache cef
 no ip route-cache
 no ip mroute-cache
 shutdown
!
interface GigabitEthernet1/0/1
 description ..
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 description ..
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description...
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 description
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 description
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 description
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 description
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 description 
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 description to 
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 description 
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 description 
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 description 
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 description OPEN
 switchport trunk encapsulation dot1q
 switchport mode access
!
interface GigabitEthernet1/0/22
 description OPEN
 switchport trunk encapsulation dot1q
 switchport mode trunk
 shutdown
!
interface GigabitEthernet1/1/1
 description Trunk 2 a switch
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-599,601-4094
 switchport mode trunk
!
interface GigabitEthernet1/1/2
 description Trunk to a switch
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-599,601-4094
 switchport mode trunk
!
interface GigabitEthernet1/1/3
 description Trunk to a switch
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-599,601-4094
 switchport mode trunk
!
interface GigabitEthernet1/1/4
 description 
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet2/0/20
 description Switch2
 switchport trunk allowed vlan 1-599,601-4094
 spanning-tree portfast

!
interface GigabitEthernet2/0/24
 description 
 switchport access vlan 600
 switchport mode access
 load-interval 30
!
!
interface Vlan1
 ip address ..
!
interface Vlan2
 description
 ip address ..
!
interface Vlan3
 ip address ...
!
interface Vlan4
 ip address ..
 ip helper-address ...
!
interface Vlan100
 ip address ..
!
interface Vlan101
 ip address ..
!
interface Vlan600
 ip address ....
 ip summary-address eigrp ..
!
!
router eigrp 100
 network .
 network..
 network .....
 network .
 network ..
!
ip classless
ip route
ip route.
ip route ..
ip route ..
ip route .....
ip route ..
ip route ..
ip route ..
ip route ..
ip route ..
ip route ..
ip route...
ip route ...
!
ip http server
ip http secure-server
!
ip access-list standard ..
 permit ..
 permit ..
 permit ...
 permit ...
!
ip access-list extended .....
 permit ip host ..... any
ip access-list extended ..
 permit ip host ...any
 permit ip host .. any
 permit ip host .......any
 permit ip host ....... any
 permit ip host ..... any
 permit ip host ...... any
 permit ip host ........ any
 permit ip host .... any
 permit ip host ...... any
 permit ip host ...... any
 permit ip host ...... any
 permit ip host ........ any
 permit ip host ........ any
 permit ip host .. any
 permit ip host .. any
!
ip radius source-interface Vlan1
ip sla 1
 dns w...
 frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 4.2.2.1
 frequency 10
ip sla schedule 2 life forever start-time now
ip sla enable reaction-alerts
route-map TEST permit 5
 match ip address TEST
 set ip next-hop ..
!
route-map .. permit 5
 match ip address ..
 set ip next-hop ...
!
route-map ...permit 10
 match ip address ..

!
snmp-server community read4netmon RO
radius-server host ... auth-port . acct-port ...key..
!
!
line con 0
 exec-timeout 5 0
 password ..
 authorization exec ..
 logging synchronous
 login authentication ..
line vty 0 4
 session-timeout 4  output
 exec-timeout 4 59
 password ..
 authorization exec ..
 logging synchronous
 login authentication..
 transport input ssh
line vty 5 15
 session-timeout 4  output
 exec-timeout 4 59
 password ...
 authorization exec ..
 logging synchronous
 login authentication ..
 length 0
 transport input ssh
!
ntp clock-period 36027768
ntp server ..........
end

Root-3750 中继端口 & 显示 cdp ne 根交换机 CP NE

Root-3750#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/1/1     on               802.1q         trunking      1
Gi1/1/2     on               802.1q         trunking      1
Gi1/1/3     on               802.1q         trunking      1
Gi2/0/20    auto             n-802.1q       trunking      1

Port        Vlans allowed on trunk
Gi1/1/1     1-599,601-4094
Gi1/1/2     1-599,601-4094
Gi1/1/3     1-599,601-4094
Gi2/0/20    1-599,601-4094

Port        Vlans allowed and active in management domain
Gi1/1/1     1-4,10,100-101
Gi1/1/2     1-4,10,100-101
Gi1/1/3     1-4,10,100-101
Gi2/0/20    1-4,10,100-101

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/1/1     1,4,100
Gi1/1/2     1,4,100
Gi1/1/3     1,100
Gi2/0/20    1,3-4
3个回答

我已经看到了一些你应该遵循的好建议,另外我还有一些关于良好做法和我认为导致真正问题的其他意见。

次要问题: 1. 我看到您在交换机 1 上同时使用 DTP 和 VTP,在其他交换机上使用 VTP。您应该在所有交换机到交换机的链路上硬编码您的中继模式,并使用 no-negotiation 命令关闭 DTP 协商。注意:只有在您进行手动修剪(switchport trunk allowed vlan xxx)之后,您才能通过将 VTP 模式更改为透明来停止 VTP 更改和修剪。我在您的 show run 输出中没有看到任何 VTP 配置,因此我假设您正在运行 VTP 版本 2。

  1. 即使您的 show interface trunk 输出显示它们都在运行 dot1q,我也会将中继封装模式硬编码为 dot1q。如果您运行的 IOS 平台和版本仅使用 dot1q 封装,并且不会在中继接口上使用“switchport trunk encapsulation dot1q”命令,则忽略此。

主要问题:当我查看交换机 1 和交换机 2 的生成树输出时,它们显示了在将它们连接在一起的同一链路上为 VLAN 1 和 VLAN 4 运行的不同版本的生成树协议。那是不对的。

从 Switch 1 上的生成树输出中可以看到,

VLAN0001
Interface        Role Sts Cost      Prio.Nbr Type
Gi0/24           Desg FWD 4         128.17   P2p Peer(STP)

VLAN0004
Gi0/18           Desg FWD 4         128.18   P2p
Gi0/24           Desg FWD 4         128.17   P2p

从你看到的 Switch 2 上的生成树输出中,

VLAN0001
Interface        Role Sts Cost      Prio.Nbr Type
Gi0/17           Desg FWD 4         128.17   P2p Peer(STP)

VLAN0004
Gi0/17           Desg FWD 4         128.17   P2p

当您看到生成树类型是 P2P 时,这意味着它在每个 vlan 生成树协议或交换机 2 PVST 的情况下快速运行(尽管 show spanning-tree 的输出与我的预期不同)。当您看到“P2p Peer(STP)”时,这意味着它已退回到通用生成树协议(也就是在 VLAN 1 上运行的所有 VLAN 的 1 个 STP 实例)。我认为你混合了你的配置和你的 show spanning-tree 输出——这意味着显示输出是在你对正在运行的配置进行更改之后获取的。

在做任何事情之前,我会先做一个“显示接口状态”,看看交换机 1 或交换机 2 是否错误禁用了中继端口上的 VLAN 之一。这只是出于好奇并查明问题的真正原因。如果您看到它在 vlan 基础上被错误禁用,请拍打端口(关闭/不关闭)。

我将通过依次执行以下每个步骤来解决此问题,并检查它是否解决了问题。

  1. 将 Switch 1 上的生成树模式更改为 Per-Vlan 快速生成树模式以匹配您在 Switch 2 上的内容,

    生成树模式 rapid-pvst

  2. 在连接交换机 1 和交换机 2 的两端分别使用shut 和 no 关闭它们各自的接口上的链路。

  3. 如果这不能解决问题,请重新加载 Switch 1。

我希望能解决这个问题。

好的,这是您应该始终验证您的网络地图的时候之一,即使您非常确信它是正确的。我桌子上墙上的插孔,我正在连接交换机,它穿过一个隐藏在机架上的旧戴尔交换机。戴尔交换机只传递未标记的流量,因此这就是 Span 树无法正常工作的原因。这就是为什么当我在两端运行调试时,我可以看到 BPDU 离开了每台交换机,但 Cisco 交换机都不会从对方那里收到任何 BPDU。一旦我把那个旧戴尔从服务器机房里撕下来扔掉,一切正常。我想这就是为什么我们有一个用于故障排除的 OSI 模型,总是从第 1 层开始,即使有人发誓网络图是正确的,也总是验证。

您需要在每台交换机的 VLAN 4 接口中执行“no shutdown”命令。

Switch1(config)# interface vlan 4

Switch1(config-if)# 不关机

如果 VLAN 目标在接收交换机上关闭,则 VLAN 之间的流量将被丢弃。

其它你可能感兴趣的问题
上一篇不可避免的双 NAT pfSense 上的端口转发 下一篇用于在 Cisco 交换机上随时间显示未使用端口的命令