通过 NAT 平衡数据包的错误集群

网络工程 纳特 生成树 热休克蛋白 鼻涕虫
2022-02-17 10:35:50

我试图用 3 台 linux 机器创建一个 Web 集群(HTTP 和 FTP),其中数据包通过 NAT 平衡,我使用桥接接口和 HSRP,因为我使用 2 个路由器(使用 c3660 映像)来使所有高度可用。我正在使用 microxp 机器来测试连接。这是我的配置。 这是我的配置

问题是当我只打开 1 个 linux 时它工作正常但是当我打开超过 1 个并尝试访问该网站时它不起作用并且 R5 路由器变得更慢并且在一段时间后显示 sysmalloc 错误,如下图所示在此处输入图像描述

我认为这与 stp 配置有关,但我认为这一切都正确,但我认为这与网络循环有关。在 linux 机器上,我也配置了带 stp 的桥。这是我的路由器配置:

R5配置:

    !

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
bridge irb
!
!
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 bridge-group 2
!
interface FastEthernet2/0
 no ip address
 duplex auto
 speed auto
 bridge-group 2
!
interface FastEthernet3/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet4/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet5/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial6/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface BVI1
 ip address 172.11.255.2 255.255.0.0
 ip nat outside
 ip virtual-reassembly
 standby 10 ip 172.11.255.1
 standby 10 preempt
!
interface BVI2
 ip address 192.168.11.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 standby 5 ip 192.168.11.254
 standby 5 preempt
 standby 5 name HSRP2
!
no ip http server
no ip http secure-server
ip forward-protocol nd
!
!
ip nat Stateful id 1
  redundancy HSRP2
   mapping-id 100
   protocol   udp
ip nat pool cluster 192.168.11.1 192.168.11.3 prefix-length 24 type rotary
ip nat inside destination list CLUSTERCONNECTIONS pool cluster mapping-id 100
!
!
ip access-list extended CLUSTERCONNECTIONS
 permit tcp any host 172.11.255.1 eq www
no cdp log mismatch duplex
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end

R6配置:

!
!

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
bridge irb
!
!
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 bridge-group 2
!
interface FastEthernet2/0
 no ip address
 duplex auto
 speed auto
 bridge-group 2
!
interface FastEthernet3/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet4/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet5/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial6/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface BVI1
 ip address 172.11.255.3 255.255.0.0
 ip nat outside
 ip virtual-reassembly
 standby 10 ip 172.11.255.1
 standby 10 priority 90
 standby 10 preempt
!
interface BVI2
 ip address 192.168.11.252 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 standby 5 ip 192.168.11.254
 standby 5 priority 90
 standby 5 preempt
 standby 5 name HSRP2
!
no ip http server
no ip http secure-server
ip forward-protocol nd
!
!
ip nat Stateful id 1
  redundancy HSRP2
   mapping-id 100
   protocol   udp
ip nat pool cluster 192.168.11.1 192.168.11.3 prefix-length 24 type rotary
ip nat inside destination list CLUSTERCONNECTIONS pool cluster mapping-id 100
!
!
ip access-list extended CLUSTERCONNECTIONS
 permit tcp any host 172.11.255.1 eq www
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end
1个回答

我找到了解决方案。我的 UbuntuServers 具有相同的 mac 地址,这导致了广播风暴。只需要更改mac地址。

其它你可能感兴趣的问题
上一篇主机可以不发送对 ARP 请求的响应以保持隐藏状态吗? 下一篇5G:将 QoS 流映射到需要乱序交付的 DRB