No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Settle the problem that ESC makes flooding SNMP Request to the core switch impacting the user’s network performance

Publication Date:  2012-11-14 Views:  38 Downloads:  0
Issue Description
There is a simplified configuration version of SingleCLOUD V100R002C00SPC200 at a certain site. The user’s core switch was receiving the SNMP Request message send from the ESC continually, which influenced the customer’s core switch’s performance.

Alarm Information
none
Handling Process
1. The customer ask us to close the SNMP service on the ESC, but once we did so, the OMS will can’t monitor the system running status of the CRM, CNA and so on, therefore, this resolution isn’t feasible;
2. We can settle the problem by setting ACL and traffic-filter on the access switch S5352. The configuration command is as followed:
acl number 3005-----------------configure the ACL;
description TO_BLOCK_OUTBOUND_SNMP_REQUESTS--------------the ACL’s description rule 11 deny udp source 10.81.41.49 0 destination 10.81.41.1 0 destination-port eq snmp----------------configure the rules to refuse the SNMP broadcast message
rule 20 permit ip--------------green light the message from the other IP
traffic-filter vlan 1001 outbound acl 3005 rule 11-------------configure the traffic-filter on the global area
traffic-filter vlan 1001 outbound acl 3005 rule 20-------------configure the traffic-filter on the global area
Remarks:10.81.41.49 is the ESC’s IP, and 10.81.41.1 is the gateway of the management plane, vlan 1001 is the vlan where the management plane is in.

Root Cause
The ESC acquires the running status of the CRM, CNA servers via sending the SNMP Request message, and actualizes monitoring the servers. The SNMP Request message is broadcasting to the whole broadcast area, because the VDI system connects with the user’s network at the second layer, the gateway has configured at the user’s switch, so the user’s core switch will receive the SNMP Request message continually.

Suggestions
In the condition that the VDI system connecting the user’s network at the second layer, we can settle the SNMP flooding problem by setting ACL and traffic-filter on the access switch.

END