阅读了这里关于访问端口命令的几篇文章后,我想知道我是否给自己造成了问题。我已经运行我当前的 MDF 配置一段时间了,没有任何问题。我正在尝试从另一个壁橱添加另一个交换机(相同型号 - Cisco 3850x)。我在 MDF 堆栈和新交换机之间建立了光纤连接。一旦我连接它们,我就会失去与我的 VoIP 服务器的连接(在 VLAN10 上运行)。我有几个没有这个问题的 IDF 交换机(Cisco 3750 型号)并且配置是相同的。不知道为什么它会关闭到 VoIP 服务器的流量,但是电话继续工作,所以我认为它不会阻止所有 VLAN10 流量。因此,我开始查看 VoIP 服务器在 MDF 交换机中连接的端口。配置是:
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no mdix auto
spanning-tree portfast
这个问题可能是由于配置中有 3 个 switchport 命令造成的吗?如果是这样,为什么到目前为止还没有成为问题?请指教。谢谢!
Switch Configs below:
MDF 开关配置
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
service unsupported-transceiver
!
hostname ABC_MDF3850X
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 4 U5rt3dNsFEwpQKnq.KtUefCn3IvPiEFtMOmdsxOsuRc
!
username admin secret 4 U5rt3dNsFEwpQKnq.KtUefCn3IvPiEFtMOmdsxOsuRc
no aaa new-model
clock timezone CST -6 0
clock summer-time CDST recurring
switch 1 provision ws-c3850-48p
switch 2 provision ws-c3850-48p
ip routing
!
ip domain-name ABC.com
ip device tracking
!
!
qos wireless-default-untrust
!
crypto pki trustpoint TP-self-signed-1662411534
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1662411534
revocation-check none
rsakeypair TP-self-signed-1662411534
!
!
crypto pki certificate chain TP-self-signed-1662411534
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363632 34313135 3334301E 170D3136 30333238 31333030
30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36363234
31313533 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A8D8 FF90427E AA7DE7E5 1AF8BE7D E7828B52 4232AAE5 6DC2234A 57579337
EAB91429 AF3F275A F5D7715B 3D82E19E DE953A7A DF6512CF 40090F7D 1CA264B6
E1A2207D 83CED72F 3DB976EB 2D2BB1FD 57D5AE64 A71D2648 A581BF1A 5F32BFCB
E3761379 2ED2DB6F E2C9C1DE 5A289A72 B6BAA4A2 095D8E72 F5616888 8F43FFEB
0C070203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 174C4456 5F4D4446 33383530 582E6C64 76757361 2E636F6D
301F0603 551D2304 18301680 144B5ED2 177490FF C50E4F1A 77C3297E 4FA8641D
AA301D06 03551D0E 04160414 4B5ED217 7490FFC5 0E4F1A77 C3297E4F A8641DAA
300D0609 2A864886 F70D0101 04050003 81810091 B8681A44 5654D68B 11C50EC1
80341321 04D34B87 3429F0BD 8D0DBF8B 7BE423F0 B2A12BAA 7E7621E2 58FB1257
23641DAF 477326DC 9740D743 33C0AD03 89326569 9B6E0FB9 3899FA24 5924AAD9
8B201692 2B60FBB0 B196A474 C7FC8C6A 620C4307 95283DCA A9CD1067 937EEF83
EF72CA02 81CE0A47 CF725BBF 215F2080 B403CE
quit
!
!
diagnostic bootup level minimal
identity policy webauth-global-inactive
inactivity-timer 3600
spanning-tree mode pvst
spanning-tree extend system-id
!
redundancy
mode sso
!
!
class-map match-any non-client-nrt-class
match non-client-nrt
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
description
switchport access vlan 5
switchport mode access
switchport voice vlan 10
no mdix auto
spanning-tree portfast
!
interface GigabitEthernet1/0/2
(Ports 1/0/2 - 48 have been removed to save space)
!
interface GigabitEthernet1/1/1
description Trunk to 1st Fl South
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet1/1/2
description Trunk to 1st Fl South
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet1/1/3
description Trunk to New Parts
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet1/1/4
description Trunk to Wireless
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface GigabitEthernet2/0/1
description
switchport access vlan 5
switchport mode access
switchport voice vlan 10
no mdix auto
spanning-tree portfast
!
interface GigabitEthernet2/0/2
(Ports 2/0/2 - 31 removed to save space)
!
interface GigabitEthernet2/0/32
description VoIP server
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no mdix auto
spanning-tree portfast
!
interface GigabitEthernet2/0/33
description VoIP backup server
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no mdix auto
spanning-tree portfast
!
interface GigabitEthernet2/0/34
(Ports 2/0/35 - 48 removed to save space)
!
interface GigabitEthernet2/1/1
description Trunk to Fiber
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet2/1/2
description Trunk to Warehouse
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet2/1/3
description Trunk to Gappa
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet2/1/4
description Trunk to Motorola Wifi
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface TenGigabitEthernet2/1/1
!
interface TenGigabitEthernet2/1/2
!
interface TenGigabitEthernet2/1/3
!
interface TenGigabitEthernet2/1/4
!
interface Vlan1
description Management VLAN
ip address 10.0.0.1 255.255.255.0
!
interface Vlan5
description Data VLAN
ip address 10.0.70.1 255.255.254.0
ip helper-address 10.0.70.2
!
interface Vlan10
description Voice VLAN
ip address 10.10.20.1 255.255.255.0
ip helper-address 10.0.70.2
!
interface Vlan15
description Gappa VLAN
ip address 10.10.50.1 255.255.255.0
ip helper-address 10.0.70.2
!
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.0.71.254 name Sonicwall-FW
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login local
line vty 5 15
login
!
ntp server 128.105.39.11 prefer
ntp server 130.126.24.24
ntp server 198.82.1.201
ntp server 68.77.126.250
wsma agent exec
profile httplistener
profile httpslistener
wsma agent config
profile httplistener
profile httpslistener
wsma agent filesys
profile httplistener
profile httpslistener
wsma agent notify
profile httplistener
profile httpslistener
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
ap dot11 24ghz rrm channel dca 1
ap dot11 24ghz rrm channel dca 6
ap dot11 24ghz rrm channel dca 11
ap dot11 5ghz rrm channel dca 36
ap dot11 5ghz rrm channel dca 40
ap dot11 5ghz rrm channel dca 44
ap dot11 5ghz rrm channel dca 48
ap dot11 5ghz rrm channel dca 52
ap dot11 5ghz rrm channel dca 56
ap dot11 5ghz rrm channel dca 60
ap dot11 5ghz rrm channel dca 64
ap dot11 5ghz rrm channel dca 149
ap dot11 5ghz rrm channel dca 153
ap dot11 5ghz rrm channel dca 157
ap dot11 5ghz rrm channel dca 161
ap group default-group
end
零件开关配置
!
version 15.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service compress-config
!
hostname ABC-3850PARTS
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$M.jF$TEYgV2toHpb/y7Rl9cBIX1
enable password 7 00171105565808551C32
!
username admin privilege 15 password 7 0518040C734F4D5A0A16
no aaa new-model
clock timezone CST -6 0
clock summer-time CDST recurring
switch 1 provision ws-c3850-48p
!
!
ip domain-name ABC.com
!
!
qos queue-softmax-multiplier 100
!
crypto pki trustpoint TP-self-signed-1439475857
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1439475857
revocation-check none
rsakeypair TP-self-signed-1439475857
!
!
crypto pki certificate chain TP-self-signed-1439475857
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31343339 34373538 3537301E 170D3137 31303230 31363534
35315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34333934
37353835 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BAA8 C3AD16F2 032BAABA EBF947DB 3E8D1489 517B3613 3CE51072 763EA4F9
C01B4916 4BC3DF15 491EDAFA F62C89EF 109E75AF 970D41D5 2EE32398 F564B82F
37FE089E 239ACAB1 B6C58271 5CF8418D 9B6D02ED 6D7421AB AE12E5E2 BD68D7B2
71E018EA DBAE8898 146FBA17 AC070F26 F1575842 6AD00506 0C5C7EE2 8B7FA0EF
9F910203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14F2CB4F 28019962 27BC5F00 1F4B60A8 C318CAC3 E6301D06
03551D0E 04160414 F2CB4F28 01996227 BC5F001F 4B60A8C3 18CAC3E6 300D0609
2A864886 F70D0101 05050003 8181006E BC751E4D 83BD0561 710837AB F51710DA
700B2F50 B6DAC537 D93D0548 9B505E76 710DAC43 AF1540D7 7DD38DE3 5AECCCC2
CDE5EE8D EDCDA81E D0E9E59C A9E3DA9A 57B048BC 992D7EA3 DA2D8BCC 0618B479
D9F90FA8 08B19483 C2EFA183 F8B8C160 BAEEBE94 66622195 5D32D813 B427FB09
EA57A906 7B69D09C 4623D201 9EFC53
quit
diagnostic bootup level minimal
spanning-tree mode pvst
spanning-tree extend system-id
hw-switch switch 1 logging onboard message level 3
!
redundancy
mode sso
!
!class-map match-any non-client-nrt-class
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet1/0/1
switchport access vlan 5
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface GigabitEthernet1/0/2
(Ports 1/0/2 - 1/0/48 removed to save space)
!
interface GigabitEthernet1/1/1
description Trunk to MDF
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet1/1/2
description Trunk to Krift
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,15
switchport mode trunk
!
interface GigabitEthernet1/1/3
description Trunk connection
!
interface GigabitEthernet1/1/4
description Trunk connection
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
ip address 10.0.0.6 255.255.255.0
!
interface Vlan5
description Data VLAN
ip address 10.0.70.1 255.255.254.0
ip helper-address 10.0.70.2
!
interface Vlan10
description Voice VLAN
ip address 10.10.20.1 255.255.255.0
ip helper-address 10.0.70.2
!
interface Vlan15
description Gappa VLAN
ip address 10.10.50.1 255.255.255.0
ip helper-address 10.0.70.2
!
ip default-gateway 10.0.0.1
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 30 0
password 7 0215065859050C725F5D
login
length 0
line vty 5 15
password 7 0215065859050C725F5D
no login
!
ntp server 10.0.0.1
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
profile http
profile httpliste
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
ap group default-group
end