Eudemon8000E的BFD配置出现标识符冲突故障

发布时间:  2013-08-18 浏览次数:  163 下载次数:  0
问题描述
通过创建VPN实例,一台物理设备可以当成两台逻辑的隔离设备使用,第一台逻辑设备已经占用前250个标识符(discriminator),第二台逻辑设备若使用从251到500的循环,将会出现不合法的IP地址(103.260.0.1);若是使用1到250的循环,将会与第一台逻辑设备产生的标识符产生冲突。
告警信息
1、IP地址不合法;
[sw-GigabitEthernet3/1/7.260]ip add 103.260.0.2 24                             
                                    ^                                          
Error: Wrong parameter found at '^' position.                                  
[sw-GigabitEthernet3/1/7.260]                                                  
[sw-GigabitEthernet3/1/7.260]firewall  zone  name  trust                       
10:31:57  2013/03/07                                                           
[sw-zone-trust]                                                                
[sw-zone-trust]add int g3/1/7.260                                              
10:31:57  2013/03/07                                                           
[sw-zone-trust]                                                                
[sw-zone-trust]q                                                               
10:31:57  2013/03/07                                                           
[sw]                                                                           
[sw]bfd testhuawei260 bind peer-ip 103.260.0.1                                 
                                   ^                                           
Error: Wrong parameter found at '^' position.

2、标识符冲突
[sw]bfd                                                                        
11:43:17  2013/03/07                                                           
[sw-bfd]bfd testhuawei251 bind peer-ip 103.1.0.1                               
11:43:17  2013/03/07                                                           
[sw-bfd-session-testhuawei251]                                                 
[sw-bfd-session-testhuawei251]discriminator local 1                            
11:43:17  2013/03/07                                                           
Error: The discriminator was already used by another BFD configuration.        
[sw-bfd-session-testhuawei251]                                                 
[sw-bfd-session-testhuawei251]discriminator remote 1                           
11:43:17  2013/03/07                                                           
[sw-bfd-session-testhuawei251]                                                 
[sw-bfd-session-testhuawei251]commit                                           
11:43:17  2013/03/07                                                           
Error: The remote discriminator or the local discriminator is not configured.   
处理过程
1、一层循环同时使用两个变量(n和i)来控制IP地址和标志号;
2、n从251开始循环,i从1开始循环;表达式incr n放在i的循环里,每当i循环一次,n就递增1,直到循环结束;
3、这样就同时创建了合法的IP地址和未冲突的标识符;
set batFileName "d:/share/bfdlh.bat"
set fout [open $batFileName w]
set  n 251
for {set i 1} {$i<251} {incr i} {
puts $fout "interface g5/0/5.$i
vlan-type dot1q $i
ip add 103.$i.0.2 24
firewall  zone  name  trust
add int g5/0/5.$i
q
bfd testhuawei$i bind peer-ip 103.$i.0.1
discriminator local $n                                                                                                             
discriminator remote $n                                                                                                           
commit
q
"
incr n
}
close $fout
根因
tcl脚本语言无法使用(i-a)这样的表达式,且无法使用二层循环,因此产生上述问题。
1、循环若是从1-500,子接口和discriminator都能成功创建,但是ip add 103.$i.0.2 24
和bfd testhuawei$i bind peer-ip 103.$i.0.1都将创建不合法的IP地址。
2、第一台逻辑设备已产生1-250共250个子接口和标志号,第二台逻辑设备若仍是使用1-250的循环,虽然子接口和IP地址都能成功创建且合法,但是产生的标识符仍然是1-250,执行地时候将会弹出冲突提示。
建议与总结
1、BFD配置时,需要创建多个子接口,我们无需手动去一一配置,这样效率低下且容易出错,可以使用IPOP工具自带的脚本语言tcl自动生成。
2、在使用tcl脚本创建255个以上的子接口和标识符的时候,为了避免出现不合法的IP地址或者标志号冲突的情况,我们在受限于无法使用两层循环和四则运算的情况使用多个自变量来解决上述问题。

END