有一个 Cisco ISR 4451 通过 Portchannel 连接到 Catalyst 3850 堆栈,并且启用了一些 VLAN,但只有一个没有出现 Portinconsistence。我发现我的催化剂堆栈后面的设备存在问题,但不知道如何调试这个问题。
为了更好地理解这里是网络的简单草图:
ISR 和 Catalyst 上有三个 VLAN。端口通道充当中继,接口使用接入 VLAN,其中一个 VLAN 用于本地 VLAN。VLAN 410 工作正常,但一个 VLAN 409 出现类型不一致错误。
*%SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non-trunk GigabitEthernet1/0/3 VLAN409.
*%SPANTREE-7-BLOCK_PORT_TYPE: Blocking GigabitEthernet1/0/3 on VLAN0409. Inconsistent port type.
这是来自催化剂端口的配置:
interface Port-channel2
switchport trunk native vlan 10
switchport mode trunk
end
interface GigabitEthernet1/0/2
description PortChannel ISR
switchport trunk native vlan 10
switchport mode trunk
channel-group 2 mode on
end
interface GigabitEthernet1/0/3
switchport access vlan 409
end
interface GigabitEthernet1/0/4
switchport access vlan 410
end
这是 ISR 端口的配置
interface GigabitEthernet0/0/1
no ip address
media-type sfp
negotiation auto
channel-group 2
end
interface Port-channel2.409
encapsulation dot1Q 409
ip address 10.1.18.5 255.255.255.252
end
interface Port-channel2.410
encapsulation dot1Q 410
ip address 10.1.18.1 255.255.255.252
end
两个接口的配置方式相同,一个有效,另一个无效。我该如何调试这个案例并解决这个问题?
sh spanning-tree 的输出显示端口已损坏,但我不知道为什么。也许链接的另一端有任何配置错误?sh 生成树 vlan 409
VLAN0409
Spanning tree enabled protocol rstp
Root ID Priority 33176
Address 00a2.89b2.0f80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 33176 (priority 32768 sys-id-ext 409)
Address 00a2.89b2.0f80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/3 Desg BKN*4 128.3 P2p *TYPE_Inc
Po2 Desg FWD 3 128.2316 P2p
更新
完整的配置:
Building configuration...
Current configuration : 9280 bytes
!
! Last configuration change at 12:08:55 UTC Tue Sep 11 2018
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname cat03
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
no aaa new-model
switch 1 provision ws-c3850-12s
switch 2 provision ws-c3850-12s
!
!
!
!
!
!
!
!
!
!
ip domain-name demo.de
!
!
qos queue-softmax-multiplier 100
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-ia-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause psp
errdisable recovery interval 60
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree extend system-id
hw-switch switch 1 logging onboard message level 3
hw-switch switch 2 logging onboard message level 3
!
redundancy
mode sso
!
!
vlan configuration 100,408-410
!
!
class-map match-any non-client-nrt-class
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel2
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 10.1.20.60 255.255.255.0
negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
description PortChannel ISR
switchport trunk native vlan 10
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet1/0/3
switchport access vlan 409
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/4
switchport access vlan 410
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface GigabitEthernet2/0/1
!
interface GigabitEthernet2/0/2
!
interface GigabitEthernet2/0/3
!
interface GigabitEthernet2/0/4
!
interface GigabitEthernet2/0/5
!
interface GigabitEthernet2/0/6
!
interface GigabitEthernet2/0/7
!
interface GigabitEthernet2/0/8
!
interface GigabitEthernet2/0/9
!
interface GigabitEthernet2/0/10
!
interface GigabitEthernet2/0/11
!
interface GigabitEthernet2/0/12
!
interface GigabitEthernet2/1/1
!
interface GigabitEthernet2/1/2
!
interface GigabitEthernet2/1/3
!
interface GigabitEthernet2/1/4
!
interface TenGigabitEthernet2/1/1
!
interface TenGigabitEthernet2/1/2
!
interface TenGigabitEthernet2/1/3
!
interface TenGigabitEthernet2/1/4
!
interface Vlan409
no ip address
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
snmp-server community private RO
snmp-server trap-source GigabitEthernet0/0
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 0 0
login local
transport input ssh
line vty 5 15
exec-timeout 0 0
login local
transport input ssh
!
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
ap group default-group
end