局域网交换 : 802.1Q

在Dot1Q/L2P通道的包丢失

2016 年 10 月 24 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 8 月 22 日) | 反馈


目录


简介

本文讨论关于排除故障在Dot1Q/L2P通道的包丢失由于恶劣的网络设计在Cisco IOS�与案例研究。

先决条件

要求

Cisco 建议您了解以下主题:

  • 在Dot1q建立隧道的基础知识

  • OSPF基础知识

使用的组件

本文档不限于特定的软件或硬件版本。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

网络图

在此网络设置,路由器7600核心的接口Gi1/44和美国兵1/43有单臂路由器设置路由器各自3400-Metro-1的Fa0/13和Fa0/12。在7600-Dot1Q交换机中接口Gi9/44和美国兵9/45启用与Dot1q隧道模式。SVI VLAN接口在3400城域边缘创建,并且Fa0/13和Fa0/12配置作为中继端口。路由器使用OSPF彼此连通。

http://www.cisco.com/c/dam/en/us/support/docs/lan-switching/8021q/113632-packet-loss-dot1q-l2p-01.gif

配置

7609核心
!
version 15.0
hostname 7609-CORE
interface GigabitEthernet1/43
 mtu 9216
 no ip address
 no ip redirects
 no ip proxy-arp
 load-interval 60
 carrier-delay 2
 flowcontrol send off
 storm-control broadcast level 1.00
!
interface GigabitEthernet1/43.3503
 encapsulation dot1Q 3503
 ip address 172.16.41.17 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip mtu 1500
 ip ospf authentication-key 7 072C0E6B6B272D
 ip ospf network point-to-point
 ip ospf hello-interval 3
 ip ospf dead-interval 10
!
!
interface GigabitEthernet1/44
 mtu 9216
 no ip address
 no ip redirects
 no ip proxy-arp
 load-interval 60
 carrier-delay 2
 flowcontrol send off
 storm-control broadcast level 1.00
!
interface GigabitEthernet1/44.3803
 encapsulation dot1Q 3803
 ip address 172.16.73.137 255.255.255.248 secondary
 ip address 172.16.41.21 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip mtu 1500
 ip ospf authentication-key 7 072C0E6B6B272D
 ip ospf network point-to-point
 ip ospf cost 5
 ip ospf hello-interval 3
 ip ospf dead-interval 10

!--- Output omitted.

!
end

7609 DOT1Q
!
version 12.2
!
interface GigabitEthernet9/44
  switchport
 switchport access vlan 24
 switchport mode dot1q-tunnel
 mtu 9216
 load-interval 60
 carrier-delay 2
 flowcontrol send off
 storm-control broadcast level 1.00
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree portfast disable
 spanning-tree bpdufilter enable
!
!
interface GigabitEthernet9/45
 switchport
 switchport access vlan 24
 switchport mode dot1q-tunnel
 mtu 9216
 load-interval 60
 carrier-delay 2
 flowcontrol send off
 storm-control broadcast level 1.00
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree portfast disable
 spanning-tree bpdufilter enable
!

!--- Output omitted.

!
end

3400-Metro-1
!
version 12.2
!
interface FastEthernet0/3
  port-type nni
 switchport trunk allowed vlan 1052,3503
 switchport mode trunk
 load-interval 60
!
interface FastEthernet0/4
 port-type nni
 switchport trunk allowed vlan 1052,3803
 switchport mode trunk
 load-interval 60
!
!
interface FastEthernet0/12
 port-type nni
 switchport trunk allowed vlan 2-4094
 switchport mode trunk

!
interface FastEthernet0/13
 port-type nni
 switchport trunk allowed vlan 2-4094
 switchport mode trunk
!
end

3400城域边缘
!
version 12.2
!
interface FastEthernet0/12
 port-type nni
 switchport mode trunk
 load-interval 60
 storm-control broadcast level 1.00
 spanning-tree portfast disable
 spanning-tree bpdufilter disable
!
interface FastEthernet0/13
 port-type nni
 switchport mode trunk
 load-interval 60
 storm-control broadcast level 1.00
 spanning-tree portfast disable
 spanning-tree bpdufilter disable
!
!
interface Vlan3503
 ip address 172.16.41.18 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip ospf authentication-key 7 072C0E6B6B272D
 ip ospf network point-to-point
 ip ospf hello-interval 3
 ip ospf dead-interval 10
!
interface Vlan3803
 ip address 172.16.73.139 255.255.255.248 secondary
 ip address 172.16.41.22 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip ospf authentication-key 7 072C0E6B6B272D
 ip ospf network point-to-point
 ip ospf cost 5
 ip ospf hello-interval 3
 ip ospf dead-interval 10
!

!--- Output omitted.

!
end

观察

当数据包通过Dot1q通道,横越随机的Ping丢包发生。但是,没有在接口的输入/输出丢包并且没有物理层问题症状。发出show interface <interface>命令为了检查在接口的输入/输出丢包:

7609-Dot1Q#show interface gi9/44 

!--- Output omitted.

 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
    0 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored
    0 output errors, 0 collisions, 1 interface resets
    0 lost carrier, 0 no carrier, 0 PAUSE output

!--- Output omitted.

当大约100 Ping ICMP流量从城域边缘被派出,只有95响应在核心接收,建议ICMP数据包在路径被撤销。

Metro-Edge#ping 172.16.41.21 re 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 172.16.41.21, timeout is 2 seconds:
.....!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 95 percent (95/100), round-trip min/avg/max = �/9 ms

注意: show ip traffic命令在7609显示仅95响应接收,而在城域边缘和它显示100响应被派出。

show ip traffic
在城域边缘
ICMP statistics:
  Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
        0 echo, 95 echo reply, 0 mask requests, 0 mask replies, 0 quench
        0 parameter, 0 timestamp, 0 info request, 0 other
        0 irdp solicitations, 0 irdp advertisements
  Sent: 0 redirects, 0 unreachable, 100 echo, 0 echo reply
        0 mask requests, 0 mask replies, 0 quench, 0 timestamp
        0 info reply, 0 time exceeded, 0 parameter problem
        0 irdp solicitations, 0 irdp advertisements

!--- The above output shows that 100 echos are sent
!--- but received 95 replies from 7609-Core.

在7609核心
ICMP statistics:
  Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
        95 echo, 0 echo reply, 0 mask requests, 0 mask replies, 0 quench
        0 parameter, 0 timestamp, 0 info request, 0 other
        0 irdp solicitations, 0 irdp advertisements
  Sent: 0 redirects, 0 unreachable, 0 echo, 95 echo reply
        0 mask requests, 0 mask replies, 0 quench, 0 timestamp
        0 info reply, 0 time exceeded, 0 parameter problem
        0 irdp solicitations, 0 irdp advertisements

排除故障

验证MAC地址是否适当地了解为了排除故障在数据包的丢弃。

使用显示MAC地址表命令为了验证MAC地址项。

Ping成功

7609-DOT1q#sh mac-address-table address E05F.B972.1F00 all
Legend: * - primary entry
age - seconds since last seen
n/a - not available
vlan mac address type learn age ports
------+----------------+--------+-----+----------+--------------------------
Active Supervisor:
* 24 e05f.b972.1f00 dynamic Yes 0 Gi9/44

!--- This output displays the MAC address learnt
!--- and its associated port, in this case the associated 
!--- port for successful ping is Gi9/44.

失败Ping

7609-DOT1q#sh mac-address-table address E05F.B972.1F00 all
Legend: * - primary entry
age - seconds since last seen
n/a - not available
vlan mac address type learn age ports
------+----------------+--------+-----+----------+--------------------------
Active Supervisor:
* 24 e05f.b972.1f00 dynamic Yes 5 Gi9/45

!--- This output displays the MAC address learnt
!--- and its associated port, in this case, 
!--- the port number is Gi9/45.

为了看到详细的MAC索引编程,请使用show mac-address-table命令

7609-DOT1q#sh mac-address-table address E05F.B972.1F00 det

MAC Table shown in details
========================================

PI_E RM RMA Type Alw-Lrn Trap Modified Notify Capture Flood Mac Address Age Pvlan SWbits Index XTag
----+---+---+----+-------+----+--------+------+-------+------+--------------+----+------+------+----

Active Supervisor:

Yes No No DY No No Yes No No No e05f.b972.1f00 0xE0 24 0 0x22C 0

发出远程登录交换机测验mcast LTL INFO索引<Index number>命令为了知道上一个十六进制值表示的哪端口号。

7609-DOT1q-sp#test mcast ltl-info index 22B
index 0x22B contain ports 9/44
7609-DOT1q-sp#test mcast ltl-info index 22C
index 0x22C contain ports 9/45

!--- The output shows that hex number 22B 
!--- points to 9/44 port and hex 22C points to 9/45.

对于失败的Ping源和目的索引是相同端口并且丢弃。当与mac-address-table通知MAC移动on命令的已启用MAC移动7600它显示两个区别端口之间的MAC飘荡,并且时这是错误消息:

注意: 因为6500/7600使用一普通的MAC地址交换机。,同一MAC地址分配区别端口之间。show catalyst6000机箱MAC地址命令显示保留交换机MAC地址。

* Jul 2 10:29:44.011: %MAC_MOVE-SP-4-NOTIF: Host e05f.b972.1f00 in 
vlan 24 is flapping between port Gi9/45 and port Gi9/44

!--- The previous error message indicates 
!--- that the same MAC address is assigned between 
!--- two different ports: Gi9/45 and port Gi9/44.

解决方案

上一个网络是有同一交换机的DOT1Q隧道终点的全网状网络设置。在这种网络设置MAC飘荡预计。为了避免MAC飘荡,这些解决方案之一可以实现。

  • 移动隧道终点向一不同的交换机,例如,封装和解封装在另外交换机应该发生。

  • VLAN修剪可以完成以便调控在的VLAN任何中继端口。


相关信息


Document ID: 113632