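Introduction
This document describes common causes of unknown protocol drops on Catalyst 9000 series switches.
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
- Dynamic Trunking Protocol (DTP)
- Link Layer Discovery Protocol (LLDP)
- Cisco Discovery Protocol (CDP)
- 802.1Q encapsulation
Components Used
The information in this document is based on these software and hardware versions:
- Catalyst 9000 series switches
- Cisco IOS® XE
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Background Information
Unknown protocol drops occur when the ethertype of a frame is not recognized, which means the encapsulated protocol is either not supported or not configured on the switch interface. In addition, the destination MAC address of the frame must be one of the multicast control-plane addresses listed in the output of this command.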
Switch#show mac address-table | include CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All 0180.c200.0021 STATIC CPU
All ffff.ffff.ffff STATIC CPU
Note: The unknown protocol drops counter does not increment when the destination MAC address is the broadcast address.
Troubleshoot
Step 1. Verify that the number of unknown protocol drops increases.
Switch#show interface ten1/0/5 | include protocol
TenGigabitEthernet1/0/5 is up, line protocol is up (connected)
85 unknown protocol drops
Switch#show interface ten1/0/5 | include protocol
TenGigabitEthernet1/0/5 is up, line protocol is up (connected)
90 unknown protocol drops
Step 2. Configure a packet capture on the affected interface and match destination MAC addresses that begin with 01.
Switch#monitor capture port5 interface ten1/0/5 in
Switch#monitor capture port5 match mac any 0100.0000.0000 00ff.ffff.ffff
Switch#monitor capture port5 buffer size 100
Step 3. Start the packet capture and check the unknown protocol drops counter.
Switch#monitor capture port5 start
Started capture point : port5
Switch#show interface ten1/0/5 | include protocol
TenGigabitEthernet1/0/5 is up, line protocol is up (connected)
541 unknown protocol drops
Step 4. Stop the packet capture after a few unknown protocol drops.
Switch#show interface ten1/0/5 | include protocol
TenGigabitEthernet1/0/5 is up, line protocol is up (connected)
544 unknown protocol drops
Switch#monitor capture port5 stop
Capture statistics collected at software:
Capture duration - 68 seconds
Packets received - 38
Packets dropped - 0
Packets oversized - 0
Bytes dropped in asic - 0
Capture buffer will exists till exported or cleared
Stopped capture point : port5
Step 5. Export the packet capture.
Switch#monitor capture port5 export location flash:drops.pcap
Export Started Successfully
Switch#
Export completed for capture point port5
Step 6. Transfer the packet capture to your computer.
Switch#copy flash: ftp: vrf Mgmt-vrf
Source filename [drops.pcap]?
Address or name of remote host []? 10.10.10.254
Destination filename [drops.pcap]?
Writing drops.pcap !
4024 bytes copied in 0.026 secs (154769 bytes/sec)
Step 7. Open the packet capture in Wireshark and use this filter (eth.dst contains 0100.0ccc.cc || eth.dst contains 0180.c200.00) to focus on the CPU multicast addresses.

Step 8. Go to Statistics and click Protocol Hierarchy.

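Step 9. Expand the protocol tree and verify that the switch interface is configured for these protocols. Anything labeled Data causes unknown protocol drops because the ethertype is not known.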

Step 10. Right-click Data, navigate to Apply as Filter, and click Selected to filter the unknown protocol frames.

Step 11. Return to the main Wireshark window and identify the source MAC address and EtherType of the unknown protocol.

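In this example, source MAC address CAFE.CAFE.CAFE causes unknown protocol drops because ethertype 0x4343 is not supported.
Common Issues
The examples in this section are based on this network topology diagram.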

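Dynamic Trunking Protocol (DTP)
Unknown protocol drops can occur when DTP messages are received on a port that has DTP disabled. You can enable DTP with the no switchport nonegotiate command in interface configuration mode.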
C9500-1#show running-config interface Twe1/0/1
interface TwentyFiveGigE1/0/1
description C9300
switchport mode trunk
end
C9300#show running-config interface Gi1/0/1
interface GigabitEthernet1/0/1
description C9500-1
switchport mode trunk
switchport nonegotiate
end
C9300#show interface gi1/0/1 | include unknown
350 unknown protocol drops
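Link Layer Discovery Protocol (LLDP)
LLDP messages received on a port that has LLDP disabled also cause unknown protocol drops. You can enable LLDP with the lldp run command in global configuration mode.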
C9500-1#show lldp
Global LLDP Information:
Status: ACTIVE
LLDP advertisements are sent every 30 seconds
LLDP hold time advertised is 120 seconds
LLDP interface reinitialisation delay is 2 seconds
C9300#show lldp
% LLDP is not enabled
C9300#show interface gi1/0/1 | include unknown
423 unknown protocol drops
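Cisco Discovery Protocol (CDP)
Likewise, unknown protocol drops can increase when CDP messages are received on a port that has CDP disabled. You can enable CDP with the cdp run command in global configuration mode.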
C9500-1#show cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
C9300#show cdp
% CDP is not enabled
C9300#show interface gi1/0/1 | include unknown
434 unknown protocol drops
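All-Zero VLAN Identifier in the 802.1Q Header
Catalyst 9000 series switches also drop 802.1Q frames with VLAN ID 0 when they are received on an access port. However, these packets do not increment the unknown protocol drops counter. In this example, we investigate why the Catalyst 9500 switch cannot obtain the ARP entry for host 192.168.4.22.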
C9500-1#ping 192.168.4.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.22, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
C9500-1#show ip arp vlan 4
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.4.1 - ecc0.18a4.b1bf ARPA Vlan4
C9500-1#
C9500-1#show running-config interface Twe1/0/5
interface TwentyFiveGigE1/0/5
switchport access vlan 4
switchport mode access
load-interval 30
end
Step 1. Start a packet capture on the interface that connects to the end device.
C9500-1#show monitor capture TAC parameter
monitor capture TAC interface TwentyFiveGigE1/0/5 both
monitor capture TAC match any
monitor capture TAC buffer size 100 circular
monitor capture TAC limit pps 1000
C9500-1#monitor capture TAC start
Started capture point : TAC
Step 2. Ping the end device to generate some ARP traffic.
C9500-1#ping 192.168.4.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.22, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Step 3. Stop the packet capture.
C9500-1#monitor capture TAC stop
Capture statistics collected at software:
Capture duration - 35 seconds
Packets received - 28
Packets dropped - 0
Packets oversized - 0
Bytes dropped in asic - 0
Capture buffer will exists till exported or cleared
Stopped capture point : TAC
Step 4. Notice that the end device sends ARP replies, frame 17 in this example.
C9500-1#show monitor capture TAC buff brief | include ARP
15 19.402191 ec:c0:18:a4:b1:bf b^F^R ff:ff:ff:ff:ff:ff ARP 60 Who has 192.168.4.22? Tell 192.168.4.1
17 21.347022 fe:af:ea:fe:af:ea b^F^R ec:c0:18:a4:b1:bf ARP 60 192.168.4.22 is at fe:af:ea:fe:af:ea
Step 5. Notice that the ARP reply is encapsulated in an 802.1Q header with VLAN ID 0.
C9500-1#show monitor capture TAC buff detailed | begin Frame 17
Frame 17: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
<output omitted>
Ethernet II, Src: fe:af:ea:fe:af:ea (fe:af:ea:fe:af:ea), Dst: ec:c0:18:a4:b1:bf (ec:c0:18:a4:b1:bf)
Destination: ec:c0:18:a4:b1:bf (ec:c0:18:a4:b1:bf)
Address: ec:c0:18:a4:b1:bf (ec:c0:18:a4:b1:bf)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: fe:af:ea:fe:af:ea (fe:af:ea:fe:af:ea)
Address: fe:af:ea:fe:af:ea (fe:af:ea:fe:af:ea)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 0
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0000 = ID: 0
Type: ARP (0x0806)
Padding: 0000000000000000000000000000
Address Resolution Protocol (reply)
Hardware type: Ethernet (1)
Protocol type: IPv4 (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: reply (2)
Sender MAC address: fe:af:ea:fe:af:ea (fe:af:ea:fe:af:ea)
Sender IP address: 192.168.4.22
Target MAC address: ec:c0:18:a4:b1:bf (ec:c0:18:a4:b1:bf)
Target IP address: 192.168.4.1
Step 6. Export the packet capture.
C9500-1#monitor capture TAC export location flash:ARP.pcap
Export Started Successfully
Step 7. Use the Packet Tracer tool to determine what the switch does with packet 17.
C9500-1#show platform hardware fed active forward interface Twe1/0/5 pcap flash:ARP.pcap number 17 data
Show forward is running in the background. After completion, syslog will be generated.
C9500-1#
*Sep 29 17:45:29.091: %SHFWD-6-PACKET_TRACE_DONE: R0/0: fed: Packet Trace Complete: Execute (show platform hardware fed switch <> forward last summary|detail)
*Sep 29 17:45:29.091: %SHFWD-6-PACKET_TRACE_FLOW_ID: R0/0: fed: Packet Trace Flow id is 6881284
Step 8. Display the Packet Tracer results.
C9500-1#show platform hardware fed active forward last summary
Input Packet Details:
###[ Ethernet ]###
dst = ec:c0:18:a4:b1:bf
src=fe:af:ea:fe:af:ea
type = 0x8100
###[ 802.1Q ]###
prio = 0
id = 0
vlan = 0
type = 0x806
###[ ARP ]###
hwtype = 0x1
ptype = 0x800
hwlen = 6
plen = 4
op = is-at
hwsrc=fe:af:ea:fe:af:ea
psrc=192.168.4.22
hwdst = ec:c0:18:a4:b1:bf
pdst = 192.168.4.1
###[ Padding ]###
load = '00 00 00 00 00 00 00 00 00 00 00 00 00 00'
<output omitted>
Packet DROPPED
Catch-all for phf.finalFdPresent==1.
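Note: The packet is dropped because it includes VLAN ID 0.
There are two ways to prevent this type of drop.
Option 1: Use the switchport voice vlan dot1p command. With this command, frames received with VLAN 0 are assigned to the access VLAN.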
interface TwentyFiveGigE1/0/5
switchport access vlan 4
switchport mode access
switchport voice vlan dot1p
load-interval 30
Option 2: Configure the interface as a trunk port. With this configuration, frames received with VLAN 0 are assigned to the native VLAN.
interface TwentyFiveGigE1/0/5
switchport trunk native vlan 4
switchport mode trunk
load-interval 30
end
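The Wireshark analysis in steps 7 to 11 of the Troubleshoot section and the VLAN ID 0 check in this section can also be run offline against an exported capture. The Python sketch below is an added example, not Cisco code: it assumes the export is in classic pcap format, the function names are hypothetical, and the sample frames are constructed (only CAFE.CAFE.CAFE, ethertype 0x4343 and the VLAN ID 0 ARP reply addresses come from this page).

```python
import struct
from collections import Counter
# Destination prefixes from the page's Wireshark filter (CPU multicast ranges).
CPU_PREFIXES = (bytes.fromhex("01000ccccc"), bytes.fromhex("0180c20000"))
ETHERTYPES = {0x88CC: "LLDP", 0x8809: "LACP", 0x888E: "EAPOL"}  # names known here
SNAP_PIDS = {0x2000: "CDP", 0x2004: "DTP"}  # Cisco SNAP protocol IDs

def frames(pcap):
    """Yield raw frames from classic pcap bytes (either byte order)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file")
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        yield pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen

def protocol(frame):
    """Name the protocol of a control frame, or report its raw type field."""
    etype = struct.unpack("!H", frame[12:14])[0]
    if etype >= 0x0600:  # Ethernet II: the field is an EtherType
        return ETHERTYPES.get(etype, "unknown 0x%04x" % etype)
    if frame[14:20] == b"\xaa\xaa\x03\x00\x00\x0c":  # 802.3 + Cisco SNAP
        pid = struct.unpack("!H", frame[20:22])[0]
        return SNAP_PIDS.get(pid, "unknown SNAP 0x%04x" % pid)
    return "802.3/LLC"

def triage(pcap):
    """Count CPU-multicast frames by (src, protocol) and VLAN ID 0 tags by src."""
    control, vlan0 = Counter(), Counter()
    for f in frames(pcap):
        if len(f) < 22:  # too short to classify
            continue
        src = f[6:12].hex(":")
        if f[:5] in CPU_PREFIXES:
            control[(src, protocol(f))] += 1
        if f[12:14] == b"\x81\x00" and (struct.unpack("!H", f[14:16])[0] & 0xFFF) == 0:
            vlan0[src] += 1
    return control, vlan0

def sample_pcap():
    """Constructed capture: 0x4343 frame, DTP frame, VLAN ID 0 ARP reply."""
    raw = [bytes.fromhex(h) + bytes(46) for h in (
        "01000ccccccc" "cafecafecafe" "4343",
        "01000ccccccc" "020000000001" "0026" "aaaa0300000c2004",
        "ecc018a4b1bf" "feafeafeafea" "81000000" "0806")]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(r), len(r)) + r for r in raw)
```

An entry named CDP, DTP or LLDP points to a protocol to check against the receiving interface configuration, while an entry reported as unknown corresponds to what Wireshark labels Data. Sources listed in the second counter send 802.1Q frames with VLAN ID 0.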
Related Defects
Related Information