分布式中继不一致MAC表

网络工程 MAC地址 生命值
2021-07-04 23:20:13

我最近在 HPE 分布式中继交换机到交换机方形拓扑中遇到了一个问题。

两台主机正常工作的示意图

图 1(显示由 4 个成对工作的交换机组成的架构的基本部分,第一对交换机 A1 和 A2,第二对交换机 B1 和 B2。两对连接交换机、服务器、客户端(为了方便起见,未完全绘制)阅读)。

在正常操作期间A1,A2,B1和B2都可以ping192.168.5.47192.168.6.95在此处用作“测试”主机。

有时会发生两台主机中的一台仅从 A2 无法访问的情况,如图 2 中所述。

一台主机无响应的问题图

通过clear mac-address Trk1在开关 A2 上发出 a 来恢复正常操作

这些是正常操作期间 A2 的一些相关输出:

A2# ping 192.168.5.47
192.168.5.47 is alive, time = 3 ms

A2# ping 192.168.6.95
192.168.6.95 is alive. time = 3 ms

A2#show arp 

IP ARP table
192.168.5.47    aabbcc-111111   dynamic Trk10
192.168.6.95    aabbcc-222222   dynamic Trk10

A2# show mac-address vlan 288
aabbcc-111111   Trk10
aabbcc-222222   Trk10

问题发生后,这些是 A2 的一些相关输出

A2# ping 192.168.5.47
**Request timed out.**

A2# ping 192.168.6.95
192.168.6.95 is alive. time = 3 ms

A2#show arp 
192.168.6.95    aabbcc-222222   dynamic Trk10

A2# show mac-address vlan 288
aabbcc-111111   Trk1
aabbcc-222222   Trk10

我注意到错误的主机 ( 192.168.5.47) 在 Trk1 上被 A2 看到:它应该在 Trk10 上。

恢复正常操作的唯一方法是clear mac-address Trk1在开关 A2 上发出命令

有人可以找出这种行为的一个或多个可能原因吗?

遵循A1、A2、B1、B2的相关配置。

A1:

A1# sh run
Running configuration:
; J9850A Configuration Editor; Created on release #KB.16.03.0004
; Ver #10:08.7f.ff.bb.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:52
hostname "A1"
module A type j9987a
module B type j9990a
module D type j9989a
module F type j9993a
no fault-finder broadcast-storm
no fault-finder bad-driver
no fault-finder bad-transceiver
no fault-finder bad-cable
no fault-finder too-long-cable
no fault-finder over-bandwidth
no fault-finder loss-of-link
no fault-finder duplex-mismatch-hdx
no fault-finder duplex-mismatch-fdx
no fault-finder link-flap
trunk B24,F8 trk1 lacp
trunk D1 trk2 dt-trunk
trunk A21-A22 trk3 dt-trunk
trunk B1-B2 trk4 dt-trunk
trunk D3 trk5 dt-lacp
trunk D22 trk10 dt-lacp
trunk B19,D11 trk11 lacp
trunk D23-D24 trk21 lacp
trunk B20,D12 trk144 lacp
mac-age-time 60
timesync sntp
sntp unicast
no telnet-server
telnet-server listen data
time daylight-time-rule western-europe
time timezone 60
web-management listen data
ip arp-age 1
ip ssh listen data
ip route 0.0.0.0 0.0.0.0 [...]
ip routing
switch-interconnect trk1
[...]
oobm
   disable
   interface disable
   no ip address
   exit
router vrrp
   virtual-ip-ping
   ipv4 enable
   nonstop
   exit
vlan 1
   name [...]
   no untagged [...],Trk10,Trk144
   untagged Trk1, [...]
   no ip address
   jumbo
   disable layer3
   exit
[...]
vlan 288
   name "[…]"
   untagged […],Trk10
   tagged […],Trk1
   ip address 192.168.4.245 255.255.252.0
   ip helper-address 192.168.0.9
   jumbo
   vrrp vrid 2
      virtual-ip-address 192.168.4.244
      priority 101
      enable
      exit
   exit
[...]
vlan 4094
   name "IT-ICS-Keepalive"
   untagged Trk144
   ip address 172.31.255.1 255.255.255.252
   exit
spanning-tree
spanning-tree Trk1 priority 4
[...]
spanning-tree Trk10 priority 4 bpdu-filter
[...]
spanning-tree Trk144 priority 4
spanning-tree pathcost mstp 8021d
[...]
spanning-tree priority 0 force-version rstp-operation
distributed-trunking peer-keepalive vlan 4094
distributed-trunking peer-keepalive destination 172.31.255.2
distributed-trunking role-priority 1
[...]

A2:

A2# sh run
Running configuration:
; J9850A Configuration Editor; Created on release #KB.16.03.0004
; Ver #10:08.7f.ff.bb.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:52
hostname "A2"
module A type j9987a
module B type j9990a
module D type j9989a
module F type j9993a
no fault-finder broadcast-storm
no fault-finder bad-driver
no fault-finder bad-transceiver
no fault-finder bad-cable
no fault-finder too-long-cable
no fault-finder over-bandwidth
no fault-finder loss-of-link
no fault-finder duplex-mismatch-hdx
no fault-finder duplex-mismatch-fdx
no fault-finder link-flap
trunk B24,F8 trk1 lacp
trunk D1 trk2 dt-trunk
trunk A21-A22 trk3 dt-trunk
trunk B1-B2 trk4 dt-trunk
trunk D3 trk5 dt-lacp
trunk D22 trk10 dt-lacp
trunk B19,D11 trk12 lacp
trunk D23-D24 trk22 lacp
trunk B20,D12 trk144 lacp
mac-age-time 60
timesync sntp
sntp unicast
no telnet-server
telnet-server listen data
time daylight-time-rule western-europe
time timezone 60
web-management listen data
ip arp-age 1
ip ssh listen data
ip route 0.0.0.0 0.0.0.0 [...]
ip routing
switch-interconnect trk1
[...]
oobm
   disable
   interface disable
   no ip address
   exit
router vrrp
   virtual-ip-ping
   ipv4 enable
   nonstop
   exit
vlan 1
   name [...]
   no untagged [...],Trk10,Trk144
   untagged Trk1, [...]
   no ip address
   jumbo
   disable layer3
   exit
[...]
vlan 288
   name "[…]"
   untagged B14-B18,D8,Trk10
   tagged B21,Trk1,Trk12,Trk22
   ip address 192.168.4.246 255.255.252.0
   ip helper-address 192.168.0.9
   jumbo
   vrrp vrid 2
      virtual-ip-address 192.168.4.244
      priority 99
      enable
      exit
   exit
[…]
vlan 4094
   name "IT-ICS-Keepalive"
   untagged Trk144
   ip address 172.31.255.2 255.255.255.252
   exit
spanning-tree
spanning-tree Trk1 priority 4
[...]
spanning-tree Trk10 priority 4 bpdu-filter
[...]
spanning-tree Trk144 priority 4
spanning-tree pathcost mstp 8021d
[...]
spanning-tree priority 1 force-version rstp-operation
distributed-trunking peer-keepalive vlan 4094
distributed-trunking peer-keepalive destination 172.31.255.1
distributed-trunking role-priority 2
[...]

乙1:

B1# sh run
Running configuration:
 ; J8697A Configuration Editor; Created on release #K.16.02.0019
; Ver #10:08.01.81.30.02.34.59.2c.6b.ff.f7.fc.7f.ff.3f.ef:24
hostname "B1"
module 1 type j9548a
module 6 type j9537a
trunk A21-A22 trk1 lacp
trunk F23 trk10 dt-lacp
trunk A19-A20 trk144 lacp
[…]
mac-age-time 60
max-vlans 2048
timesync sntp
sntp unicast
[…]
time daylight-time-rule western-europe
time timezone 60
ip arp-age 1
ip default-gateway […]
switch-interconnect trk1
[…]
vlan 1
   name "DEFAULT_VLAN"
   no untagged […], Trk144
   untagged […],Trk1,Trk10
   ip address 192.168.4.242 255.255.252.0
   jumbo
   exit
[…]
vlan 4094
   name "IT-ICS-Keepalive"
   untagged Trk144
   ip address 172.31.255.1 255.255.255.252
   exit
spanning-tree
[…]
spanning-tree Trk1 priority 4
spanning-tree Trk10 priority 4 bpdu-filter
spanning-tree Trk144 priority 4
no spanning-tree bpdu-throttle
spanning-tree priority 0 force-version rstp-operation
[…]
distributed-trunking peer-keepalive vlan 4094
distributed-trunking peer-keepalive destination 172.31.255.2
distributed-trunking role-priority 1
[…]

乙2:

B2# sh run
Running configuration:
; J8697A Configuration Editor; Created on release #K.16.02.0019
; Ver #10:08.01.81.30.02.34.59.2c.6b.ff.f7.fc.7f.ff.3f.ef:24
hostname "B2"
module 1 type j9548a
module 6 type j9537a
trunk A21-A22 trk1 lacp
trunk F23 trk10 dt-lacp
trunk A19-A20 trk144 lacp
[…]
mac-age-time 60
max-vlans 2048
timesync sntp
sntp unicast
[…]
time daylight-time-rule western-europe
time timezone 60
ip arp-age 1
ip default-gateway […]
switch-interconnect trk1
[…]
vlan 1
   name "DEFAULT_VLAN"
   no untagged […], Trk144
   untagged […],Trk1,Trk10
   ip address 192.168.4.243 255.255.252.0
   jumbo
   exit
[…]
vlan 4094
   name "IT-ICS-Keepalive"
   untagged Trk144
   ip address 172.31.255.2 255.255.255.252
   exit
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree Trk10 priority 4 bpdu-filter
spanning-tree Trk144 priority 4
no spanning-tree bpdu-throttle
spanning-tree priority 1 force-version rstp-operation
[…]
distributed-trunking peer-keepalive vlan 4094
distributed-trunking peer-keepalive destination 172.31.255.1
distributed-trunking role-priority 2
[…]
1个回答

我也遇到过这个问题两次了。不幸的是,HPE 支持并不是很有帮助。但是我的 mac 学习问题总是与分布式中继有关。我的解决方法是远离 dt。

如果可能,我建议使用 VSF(需要 V3 模块和 zl2 交换机等:https ://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAttachments/E8DDA7C0-AFED-4DF4-B5C7-FD71B705C690-2-AOS-Switch_VSF_Configuration_Guide . pdf - 第 3 页)

我会将您的旧 5406(J8697A) 交换机视为单独的单元(删除 dt),因为它们不支持 VSF。STP 必须在这里完成这项工作。

即使这个解决方案不是很实用,我也可以说你没有错误的配置。

其它你可能感兴趣的问题
上一篇带有路由映射的 Cisco 静态 NAT 下一篇使用 Internet 路由将我们的网络升级到托管交换机