grfmaniak Posted May 3, 2006 Posted May 3, 2006 Помогите докопаться до сути проблемы. Имеем: 3640 с однием eth. Этот eth воткнут в аплинковый порт 2950Т-24. В первый порт того же 2950 воткнут corecess 7224 (dslam). На порту adsl 2/1 висит клиент (комп за zyxel prestige 660R-EE в режиме бриджа). Модем с dslam соединяется на ура, связь 24мбита, никаких отвадиваний нет, Если с компа (192.168.10.2) пинговать dslam (192.168.10.254) - никаких перебоев в пингах нет. НО если пинговать с того же компа 3640 (192.168.10.1)- раз в пару минут стабильно пинги перестают проходить, около 10-15 сек тишина и потом они снова идут. Если пинговать с 3640 комп клиента - та же картина. Если пиновать с 3640 dslam - пинги идут то !!!!! то !.!.! В тот же свитч 2950 воткнут сервак на линуксе, на который 3640 шлет логи в syslog. Так вот что САМОЕ поразительное - пока дебаг на 3640 выключен - пинги продолжают идти с перерывами на 10-15 сек, но стоит на 3640 поднять дебаг типа debug ip packet - моментально пинги восстанавливаются и шуруют со страшной силой. С помощью дебага я пытался найти причину затыков, но мне это не удается, так как как только я включаю отладку - связь стабильна вплоть до выключения дебага. Подскажите что это за фигня :( Привожи конфиги всех трех железок, может заодно что подскажете по настройкам, потому как настраивал по книжкам :) c3640#sh run Building configuration... Current configuration : 3544 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname c3640 ! logging buffered 65535 notifications logging console notifications aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local if-authenticated enable secret xxxxxxxxxx enable password xxxxxxxxxxx ! clock timezone VLAST 10 clock summer-time VLAST recurring last Sun Mar 2:00 last Sun Oct 2:00 ip subnet-zero no ip source-route ! no ip domain-lookup ! no ip bootp server ip cef ip audit notify log ip audit po max-events 100 ! call rsvp-sync ! ! controller E1 0/0 channel-group 0 timeslots 1-31 ! interface Loopback1 ip address 192.168.0.1 255.255.255.0 ! interface FastEthernet0/0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow no ip mroute-cache speed 100 full-duplex no cdp enable no mop enabled ! interface FastEthernet0/0.1 encapsulation dot1Q 100 native ip address 192.168.1.1 255.255.255.0 secondary ip address 88.888.88.8 255.255.255.0 no cdp enable ! interface FastEthernet0/0.100 ! interface FastEthernet0/0.101 encapsulation dot1Q 101 ip address 192.168.10.1 255.255.255.0 ip nat inside ! interface Serial0/0:0 ip address 222.222.222.222 255.255.255.252 ip access-group 101 in no ip redirects no ip unreachables no ip proxy-arp ip nat outside encapsulation ppp ip route-cache flow no cdp enable ! ip nat pool one 88.888.88.8 88.888.88.8 netmask 255.255.255.252 ip nat pool adsl 77.777.77.77 77.777.77.77 netmask 255.255.255.252 ip nat inside source list 1 pool one overload ip nat inside source list 2 pool adsl overload ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0:0 ip route 192.168.0.0 255.255.255.0 Loopback1 ip route 192.168.1.0 255.255.255.0 FastEthernet0/0.1 ip route 192.168.10.0 255.255.255.0 FastEthernet0/0.101 ip route 192.168.100.0 255.255.255.0 192.168.1.5 permanent ip flow-export version 5 ip flow-export destination 88.888.88.8 7223 no ip http server ! logging trap debugging logging facility local2 logging source-interface Loopback1 logging 192.168.1.5 access-list 2 permit 192.168.10.2 access-list 10 permit 192.168.1.5 access-list 10 permit 192.168.100.200 access-list 11 permit 192.168.10.2 access-list 11 permit 192.168.1.5 access-list 11 permit 192.168.100.200 access-list 100 deny ip 192.168.0.0 0.0.255.255 any access-list 100 deny ip 10.0.0.0 0.255.255.255 any access-list 100 deny ip 172.16.0.0 0.15.255.255 any access-list 100 deny ip 127.0.0.0 0.255.255.255 any access-list 101 permit ip any any no cdp run ! dial-peer cor custom line con 0 login authentication CONSOLE line 33 48 line aux 0 line vty 0 4 access-class 11 in password xxxxxxxxxx transport input ssh ! ntp clock-period 17180070 ntp source Loopback1 ntp max-associations 2 ntp server 192.168.1.5 source Loopback1 end ==== c2950-laz1#sh run Building configuration... Current configuration : 2907 bytes !version 12.1 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption service sequence-numbers ! hostname c2950-laz1 ! logging console notifications clock timezone UTC 10 clock summer-time UTC recurring last Sun Oct 2:00 last Sun Mar 3:00 errdisable recovery cause link-flap errdisable recovery interval 30 ip subnet-zero ! no ip domain-lookup ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id no spanning-tree vlan 1-6,9-12,24,100-124 ! interface FastEthernet0/1 description Link to DSLAM1 switchport access vlan 101 switchport mode access ! interface FastEthernet0/2 switchport access vlan 100 switchport mode access switchport port-security switchport port-security aging time 2 switchport port-security aging type inactivity ! interface FastEthernet0/3 shutdown ! interface FastEthernet0/4 shutdown ! interface FastEthernet0/5 shutdown ! interface FastEthernet0/6 ................ interface GigabitEthernet0/1 description Uplink to 3640 switchport trunk native vlan 100 switchport trunk allowed vlan 100-124 switchport mode trunk switchport nonegotiate speed 100 duplex full interface Vlan1 no ip address no ip route-cache shutdown ! interface Vlan100 ip address 192.168.1.2 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.1.1 no cdp run snmp-server community forview/RO RO snmp-server community forview RO snmp-server location laz ! line con 0 exec-timeout 0 0 line vty 0 4 password xxxxxxxxxx login line vty 5 15 password xxxxxxxxxxxx login ! ntp clock-period 17179820 ntp server 192.168.1.5 key 0 prefer ! end c2950-laz1#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 100 VLAN0100 active Fa0/2 101 dslam active Fa0/1 102 VLAN0102 active 103 VLAN0103 active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 100 enet 100100 1500 - - - - - 0 0 101 enet 100101 1500 - - - - - 0 0 102 enet 100102 1500 - - - - - 0 0 103 enet 100103 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 Remote SPAN VLANs ------------------------------------------------------------------------------ Primary Secondary Type Ports ------- --------- ----------------- ------------------------------------------ corecess: dslam1# sh run Building configuration... Current configuration: hostname dslam1 vcc-create port 2/1 vc 0/35 qos-service unshape vcc-create port 2/1 vc 5/44 qos-service ubr vcc-create port 2/2 vc 0/35 qos-service unshape vcc-create port 2/3 vc 0/35 qos-service unshape vcc-create port 2/4 vc 0/35 qos-service unshape vcc-create port 2/5 vc 0/35 qos-service unshape vcc-create port 2/6 vc 0/35 qos-service unshape vcc-create port 2/7 vc 0/35 qos-service unshape vcc-create port 2/8 vc 0/35 qos-service unshape vcc-create port 2/9 vc 0/35 qos-service unshape vcc-create port 2/10 vc 0/35 qos-service unshape vcc-create port 2/11 vc 0/35 qos-service unshape vcc-create port 2/12 vc 0/35 qos-service unshape vcc-create port 2/13 vc 0/35 qos-service unshape vcc-create port 2/14 vc 0/35 qos-service unshape vcc-create port 2/15 vc 0/35 qos-service unshape vcc-create port 2/16 vc 0/35 qos-service unshape vcc-create port 2/17 vc 0/35 qos-service unshape vcc-create port 2/18 vc 0/35 qos-service unshape vcc-create port 2/19 vc 0/35 qos-service unshape vcc-create port 2/20 vc 0/35 qos-service unshape vcc-create port 2/21 vc 0/35 qos-service unshape vcc-create port 2/22 vc 0/35 qos-service unshape vcc-create port 2/23 vc 0/35 qos-service unshape vcc-create port 2/24 vc 0/35 qos-service unshape dsl line-coding port 2/1 dmt system fan enable 30 20 system temperature enable 90 80 ! snmp-server contact Unknown snmp-server location Unknown snmp-server enable rmon ! vlan id 101 port fastethernet 1/1 vlan id 101 port adsl 2/1 ! interface loopback id 0 ip address 192.168.0.10/24 ! interface vlan id 101 ip address 192.168.10.254/24 ! ip route default 192.168.10.1 ! line vty ! ntp region Asia 67 ! ntp config type server 32 192.168.1.5 preset on ! ntp enable ! dslam1# sh vlan VLAN Name Status Slot/Ports ---- ---------------- -------- ------------------------------------ 1 DEFAULT active 1/2 2/2 2/3 2/4 2/5 2/6 2/7 2/8 2/9 2/10 2/11 2/12 2/13 2/14 2/15 2/16 2/17 2/18 2/19 2/20 2/21 2/22 2/23 2/24 100 DEFAULT active 101 DEFAULT active 1/1 2/1 VLAN Interface MTU STP Private Promisc port ---- ------------ ------ -------- -------- ------------ 1 disable 1500 enable disable None 100 disable 1500 enable disable None 101 enable 1500 enable disable None dslam1# Вставить ник Quote
Nailer Posted May 3, 2006 Posted May 3, 2006 Скажите циске (3640) для эксперемента no ip cef Только аккуратно, если она у вас под достаточной нагрузкой - может сдохнуть от возросшей нагрузки. Если пропадания прекратятся - меняйте софт. Вставить ник Quote
grfmaniak Posted May 3, 2006 Author Posted May 3, 2006 c3640#sh ver Cisco Internetwork Operating System Software IOS 3600 Software (C3640-JK9O3S-M), Version 12.2(32), RELEASE SOFTWARE (fc1) Copyright © 1986-2005 by cisco Systems, Inc. Compiled Fri 02-Dec-05 15:20 by Image text-base: 0x60008930, data-base: 0x615E4000 ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) c3640 uptime is 1 day, 4 hours, 19 minutes System returned to ROM by reload at 20:03:26 VLAST Tue May 2 2006 System restarted at 20:05:00 VLAST Tue May 2 2006 System image file is "flash:c3640-jk9o3s-mz.122-32.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. cisco 3640 (R4700) processor (revision 0x00) with 125952K/5120K bytes of memory. Processor board ID 27550617 R4700 CPU at 100Mhz, Implementation 33, Rev 1.0 Channelized E1, Version 1.0. Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). TN3270 Emulation software. Primary Rate ISDN software, Version 1.1. 1 FastEthernet/IEEE 802.3 interface(s) 1 Serial network interface(s) 16 terminal line(s) 1 Channelized E1/PRI port(s) DRAM configuration is 64 bits wide with parity disabled. 125K bytes of non-volatile configuration memory. 32768K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Вставить ник Quote
SergeiK Posted May 3, 2006 Posted May 3, 2006 Похоже на duplex mismatch. Проверьте на dslam-е, лучше пропишите в явном виде. sh int на catalyst поможет увидеть, есть ли ошибки на интерфейсах. Вставить ник Quote
grfmaniak Posted May 3, 2006 Author Posted May 3, 2006 Прописал duplex принудительно. Разрывы не исчезли. Такое впечатление, что пока с циски идет какой-то трафик на клиента - маршрут работает. Как только пауза - маршрут отваливается. Вот с no ip cef вроде бы все работает... А в чем может быть причина вот этого? пингую клиента (через дслам): c3640#ping 192.168.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms ТУТ ЖЕ пингую сам дслам: c3640#ping 192.168.10.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.10.254, timeout is 2 seconds: !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms Почмеу при пигне ДСЛАМ у меня никогда нет 100%-го прохождения пинга, хотя клиент ЗА дслам пингуется отлично? Вставить ник Quote
grfmaniak Posted May 3, 2006 Author Posted May 3, 2006 Рано радовался. С no ip cef тоже отвалилось. Пока 192.168.1.1 с клиента не пинговалась наблюдалась следующая картина: 1.Пинг с клиента на ДСЛАМ проходит (192.168.10.2 -> 192.168.10.254) 2. Зашел телнетом на ДСЛАМ и оттуда смотрю интерфейс к свитчу 2950: dslam1# sh int vlan id 101 Interface vlan101 index 33 kernel index 11 metric 1 mtu 1514 <UP,BROADCAST,RUNNING,MULTICAST> HWaddr: 00:90:a3:84:29:14 inet 192.168.10.254/24 broadcast 192.168.10.255 input packets 4850, bytes 317048, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0 output packets 1713, bytes 191488, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 3. Пингую 2950 dslam1# ping 192.168.1.2 PING 192.168.1.2 (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=254 time=0.0 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=254 time=0.0 ms 4. Пингую 3640 dslam1# ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.0 ms 64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.0 ms Но с клиента 3640 при этом все еще не пингуется! Через некоторое время начинает пинговаться и 3640. Смотрю статистику на его eth: FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 0008.21e9.1d01 (bia 0008.21e9.1d01) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 3000 bits/sec, 6 packets/sec 5 minute output rate 3000 bits/sec, 4 packets/sec 179126 packets input, 22097803 bytes Received 4861 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 761428 packets output, 191105622 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out c3640#sh int fastEthernet 0/0.101 FastEthernet0/0.101 is up, line protocol is up Hardware is AmdFE, address is 0008.21e9.1d01 (bia 0008.21e9.1d01) Internet address is 192.168.10.1/24 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 101. ARP type: ARPA, ARP Timeout 04:00:00 Куда же копать? :( Вставить ник Quote
Nailer Posted May 4, 2006 Posted May 4, 2006 Рано радовался. С no ip cef тоже отвалилось.Пока 192.168.1.1 с клиента не пинговалась наблюдалась следующая картина: 1.Пинг с клиента на ДСЛАМ проходит (192.168.10.2 -> 192.168.10.254) 2. Зашел телнетом на ДСЛАМ и оттуда смотрю интерфейс к свитчу 2950: dslam1# sh int vlan id 101 Interface vlan101 index 33 kernel index 11 metric 1 mtu 1514 <UP,BROADCAST,RUNNING,MULTICAST> HWaddr: 00:90:a3:84:29:14 inet 192.168.10.254/24 broadcast 192.168.10.255 input packets 4850, bytes 317048, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0 output packets 1713, bytes 191488, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 3. Пингую 2950 dslam1# ping 192.168.1.2 PING 192.168.1.2 (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=254 time=0.0 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=254 time=0.0 ms 4. Пингую 3640 dslam1# ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.0 ms 64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.0 ms Но с клиента 3640 при этом все еще не пингуется! Через некоторое время начинает пинговаться и 3640. Смотрю статистику на его eth: FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 0008.21e9.1d01 (bia 0008.21e9.1d01) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 3000 bits/sec, 6 packets/sec 5 minute output rate 3000 bits/sec, 4 packets/sec 179126 packets input, 22097803 bytes Received 4861 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 761428 packets output, 191105622 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out c3640#sh int fastEthernet 0/0.101 FastEthernet0/0.101 is up, line protocol is up Hardware is AmdFE, address is 0008.21e9.1d01 (bia 0008.21e9.1d01) Internet address is 192.168.10.1/24 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 101. ARP type: ARPA, ARP Timeout 04:00:00 Куда же копать? :( Копайте в сторону модема и дслама, с цисками, судя по всему, у вас все в порядке... Для очистки совести - подключите что-нибудь во второй порт каталиста, вклчите в тот же вилан и попингуйте его. Вставить ник Quote
grfmaniak Posted May 7, 2006 Author Posted May 7, 2006 В чем может быть причина такого пинга с 3640 на dslam: "!.!.!" ? Кабель исправный, дуплекс и скорость выставлены принудительно. И почему при включении отладки на 3640 пинг сразу становится "!!!!!" ? Вставить ник Quote
Nailer Posted May 7, 2006 Posted May 7, 2006 В чем может быть причина такого пинга с 3640 на dslam: "!.!.!" ? Кабель исправный, дуплекс и скорость выставлены принудительно. И почему при включении отладки на 3640 пинг сразу становится "!!!!!" ? Вот это непонятно. По идее, при включении дебага циска должна переключаться в process-switching. Но отключение CEF-а проблему не решает, как мы выяснили выше. Попробуйте поменять софт, для пробы. Вставить ник Quote
grfmaniak Posted May 7, 2006 Author Posted May 7, 2006 Ничего доступного для 3640 я что-то найти не могу, А для corecess 7224 вообще что-то никакой поддержки производителя не вижу - ни прошивок в природе, ни даже форума работающего на сайте поддержки www.corecess.ru. :( Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 Похоже, что DSLAM тут не причем. Когда я пытаюсь пинговать со стороны клиента адрес циски(192.168.10.1), то запросы ARP слышны на порту gigabit0/2 коммутатора, а сама 3640 на них не отвечает. Но через минуту-две начинает, Или я уже ничего не понимаю. 4 0.297946 192.168.10.2 -> Broadcast ARP Who has 192.168.10.1? Tell 192.16 8.10.2 Вставить ник Quote
Nailer Posted May 10, 2006 Posted May 10, 2006 Ну так если воткнуться в тот же 2950 компом вместо dslam-а и попинговать циску, картина аналогичная или все нормально? Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 нормальная вроде. сдается мне, что как только выяснится причина вот этого: ------- c3640#ping 192.168.10.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.10.254, timeout is 2 seconds: !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms c3640#debug ip pack IP packet debugging is on c3640#ping 192.168.10.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.10.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/46/56 ms c3640# ------- то станет сразу все понятно. Логи циска шлет на syslog на серваке, воткнутом в транковый порт того же 2950 Вставить ник Quote
SergeiK Posted May 10, 2006 Posted May 10, 2006 А вот что-то увидел я в кониге такую строку и подумал - а нафига она тута? ip route 192.168.10.0 255.255.255.0 FastEthernet0/0.101 Хрень же написана по сути. Может она все портит? ip route 192.168.10.0 255.255.255.0 null0 надоть. Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 почему в null-то? а как же тогда вообще в vlan101 пакеты попадут? dslam-то в vlan101 Вставить ник Quote
Nailer Posted May 10, 2006 Posted May 10, 2006 ip route 192.168.1.0 255.255.255.0 FastEthernet0/0.1 ip route 192.168.10.0 255.255.255.0 FastEthernet0/0.101 Убейте эти две строчки, они не нужны, так как сети, повешанные на интерфейсы, попадают в routing-table как connected автоматом. Кроме того, писать роуты, указывая на броадкастовый интерфейс, вредно по определению. Циска начиает работать через proxy-arp, сжирает память. Вставить ник Quote
SergeiK Posted May 10, 2006 Posted May 10, 2006 В null - для того, чтоб, если fas0/0.101 отключен или упал линк, пакеты не шли по дефолту а дропались прям тут. Если же есть альтернативный маршрут на эту сеть, но все немного сложнее. Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 ок, прибил эти две строки. На пинговании клиента это никак не сказалось :( С дебагом все пингуется на ура, без дебага - фиг Вставить ник Quote
Nailer Posted May 10, 2006 Posted May 10, 2006 ок, прибил эти две строки. На пинговании клиента это никак не сказалось :(С дебагом все пингуется на ура, без дебага - фиг Покажите: sh ip cef sh cef not-cef-sw sh int switching Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 c3640#sh ip cef %CEF not running Prefix Next Hop Interface c3640# c3640#sh cef not-cef-sw %CEF not running c3640# c3640#sh int switching FastEthernet0/0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 541 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 25987 1663168 Cache misses 0 Fast 0 0 1213 904986 Auton/SSE 0 0 0 0 IP Process 133609 12986045 580965 308932893 Cache misses 1 Fast 566541 99447220 299100 74771600 Auton/SSE 0 0 0 0 ARP Process 22229 1333740 228351 14614464 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IP Process 133609 12986045 580965 308932893 Cache misses 1 Fast 566541 99447220 299100 74771600 Auton/SSE 0 0 0 0 ARP Process 22229 1333740 228351 14614464 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Serial0/0:0 Throttle count 0 Drops RP 4384 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 29641 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 6244 99896 Cache misses 0 Fast 32198 515168 25958 415328 Auton/SSE 0 0 0 0 IP Process 573943 301315164 27924 1743174 Cache misses 0 Fast 0 0 282302 31285576 Auton/SSE 0 0 0 0 Throttle count 0 Drops RP 4384 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 29641 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 6244 99896 Cache misses 0 Fast 32198 515168 25958 415328 Auton/SSE 0 0 0 0 IP Process 573943 301315164 27924 1743174 Cache misses 0 Fast 0 0 282302 31285576 Auton/SSE 0 0 0 0 Loopback0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out No traffic sent or received on this interface. Loopback1 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out IP Process 555866 297445791 555866 297445791 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 а вот с включенным cef 0.0.0.0/0 attached Serial0/0:0 0.0.0.0/32 receive -skip- 192.168.0.0/24 attached Loopback1 192.168.0.0/32 receive 192.168.0.1/32 receive 192.168.0.255/32 receive 192.168.1.0/24 attached FastEthernet0/0.1 192.168.1.0/32 receive 192.168.1.1/32 receive 192.168.1.5/32 192.168.1.5 FastEthernet0/0.1 192.168.1.255/32 receive 192.168.3.0/24 192.168.1.5 FastEthernet0/0.1 192.168.10.0/24 attached FastEthernet0/0.101 192.168.10.0/32 receive 192.168.10.1/32 receive Prefix Next Hop Interface 192.168.10.2/32 192.168.10.2 FastEthernet0/0.101 192.168.10.254/32 192.168.10.254 FastEthernet0/0.101 192.168.10.255/32 receive 192.168.11.0/24 attached FastEthernet0/0.102 192.168.11.0/32 receive 192.168.11.1/32 receive 192.168.11.255/32 receive 192.168.100.0/24 192.168.1.5 FastEthernet0/0.1 2xx.xxx.xx.xx/32 attached Serial0/0:0 2xx.xxx.xx.xxx/30 attached Serial0/0:0 2xx.xxx.xx.xxx/32 receive 2xx.xxx.xx.xxx/32 receive 2xx.xxx.xx.xxx/32 receive 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive c3640#sh cef not-cef-sw CEF Packets passed on to next switching layer Slot No_adj No_encap Unsupp'ted Redirect Receive Options Access Frag RP 297 0 0 0 110525 0 0 0 sh int switching CEF Packets passed on to next switching layer Slot No_adj No_encap Unsupp'ted Redirect Receive Options Access Frag RP 297 0 0 0 110525 0 0 0 c3640#sh int switching FastEthernet0/0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 541 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 26086 1669504 Cache misses 0 Fast 0 0 1213 904986 Auton/SSE 0 0 0 0 IP Process 134065 13021073 609719 314087399 Cache misses 2 Fast 567943 99891686 299260 74804499 Auton/SSE 0 0 0 0 ARP Process 22370 1342200 230178 14731392 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IP Process 134065 13021073 609719 314087399 Cache misses 2 Fast 567943 99891686 299260 74804499 Auton/SSE 0 0 0 0 ARP Process 22370 1342200 230178 14731392 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Serial0/0:0 Throttle count 0 Drops RP 4384 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 29780 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 6270 100312 Cache misses 0 Fast 32325 517200 26059 416944 Auton/SSE 0 0 0 0 IP Process 577185 302178063 28010 1748397 Cache misses 0 Fast 0 0 283569 31703987 Auton/SSE 0 0 0 0 Throttle count 0 Drops RP 4384 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 29780 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out Other Process 0 0 6270 100312 Cache misses 0 Fast 32325 517200 26059 416944 Auton/SSE 0 0 0 0 IP Process 577185 302178063 28010 1748397 Cache misses 0 Fast 0 0 283569 31703987 Auton/SSE 0 0 0 0 Loopback0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out No traffic sent or received on this interface. Loopback1 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol Path Pkts In Chars In Pkts Out Chars Out IP Process 558995 298287916 558995 298287916 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 но выключение и выключение CEF на ситуацию с пингами и дебагом не влияет :( Вставить ник Quote
Nailer Posted May 10, 2006 Posted May 10, 2006 но выключение и выключение CEF на ситуацию с пингами и дебагом не влияет :( Вот это в данном случае странно. sh int с каталиста покажите.. Вставить ник Quote
grfmaniak Posted May 10, 2006 Author Posted May 10, 2006 c2950-laz1#sh int Vlan1 is administratively down, line protocol is down Hardware is CPU Interface, address is 0016.47b4.7200 (bia 0016.47b4.7200) MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts (0 IP multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 packets output, 0 bytes, 0 underruns 0 output errors, 3 interface resets 0 output buffer failures, 0 output buffers swapped out Vlan100 is up, line protocol is up Hardware is CPU Interface, address is 0016.47b4.7200 (bia 0016.47b4.7200) Internet address is 192.168.1.2/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 1000 bits/sec, 3 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1537701 packets input, 106860245 bytes, 0 no buffer Received 1456372 broadcasts (0 IP multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 15 ignored 6271121 packets output, 541241381 bytes, 0 underruns 0 output errors, 2 interface resets 0 output buffer failures, 0 output buffers swapped out FastEthernet0/1 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 0016.47b4.7201 (bia 0016.47b4.7201) Description: Link to DSLAM1 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, media type is 100BaseTX input flow-control is unsupported output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:01, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 3447480 packets input, 990905097 bytes, 0 no buffer Received 173961 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 2621 multicast, 0 pause input 0 input packets with dribble condition detected 2493835 packets output, 758396440 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out ---остальные порты отключены---- GigabitEthernet0/1 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is 0016.47b4.7219 (bia 0016.47b4.7219) Description: Uplink to 3640 MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, media type is RJ45 input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input 1w0d, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 4000 bits/sec, 4 packets/sec 5 minute output rate 4000 bits/sec, 4 packets/sec 5690464 packets input, 2281463506 bytes, 0 no buffer Received 1416092 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 21216 multicast, 0 pause input 0 input packets with dribble condition detected 3282598 packets output, 592364314 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out GigabitEthernet0/2 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is 0016.47b4.721a (bia 0016.47b4.721a) Description: Link to building 2 MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, media type is RJ45 input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:04, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1748434 packets input, 283654795 bytes, 0 no buffer Received 4867 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 0 input packets with dribble condition detected 10101435 packets output, 2007362442 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.