由于CE12800接入的网络存在二层环路导致ospf邻居down影响上网业务

发布时间:  2014-09-11 浏览次数:  2041 下载次数:  0
问题描述
客户反馈10点半左右CE12800下挂的用户无法上外网,但是用户之间可以互访。13点左右重启了SIG9800-X3和CE12800设备以后,外网访问恢复正常。
组网如下:
告警信息
设备有大量的mac漂移告警:
Sep 16 2013 10:27:14 CE12808_1 %%01FEI/4/hwMflpVlanLoopAlarm_active(l):CID=0x807f049d-alarmID=0x095e0012;MAC flapping detected, VlanId = 310, MacAddress = xxxx-xxxx-3914, Original-Port = Eth-Trunk49, Flapping port = Eth-Trunk33,-. Please check the network to which the interface learning a flapping MAC address is connected.
Sep 16 2013 10:27:51 CE12808_1 %%01OSPF/6/NBR_CHANGE(l):CID=0x808304c7;Neighbor changes event: neighbor status changed. (ProcessId=1, NbrIpAddr=10.192.0.1, NbrEvent=InactivityTimer, NbrPreviousState=Full, NbrCurrentState=Down)
处理过程
1、检查业务中断时间前后的日志,发现客户做过Eth-trunk 33的配置修改透传所有vlan:
Sep 16 2013 10:27:04 CE12808_1 %%01CLI/5/CMDRECORD(l):CID=0x80ca2716;To record command information. (Task=VTY0, Ip=10.200.31.252, User=huawei, Command="interface Eth-Trunk 33".)
Sep 16 2013 10:27:13 CE12808_1 %%01CLI/5/CMDRECORD(l):CID=0x80ca2716;To record command information. (Task=VTY0, Ip=10.200.31.252, User=huawei, Command="port trunk allow-pass vlan all".)
随后Eth-trunk 33发生很多MAC漂移告警:
Sep 16 2013 10:27:14 CE12808_1 %%01FEI/4/hwMflpVlanLoopAlarm_active(l):CID=0x807f049d-alarmID=0x095e0012;MAC flapping detected, VlanId = 101, MacAddress = xxxx-xxxx-3914, Original-Port = Eth-Trunk22, Flapping port = Eth-Trunk33,Eth-Trunk49. Please check the network to which the interface learning a flapping MAC address is connected.
Sep 16 2013 10:27:14 CE12808_1 %%01FEI/4/hwMflpVlanLoopAlarm_active(l):CID=0x807f049d-alarmID=0x095e0012;MAC flapping detected, VlanId = 310, MacAddress = xxxx-xxxx-3914, Original-Port = Eth-Trunk49, Flapping port = Eth-Trunk33,-. Please check the network to which the interface learning a flapping MAC address is connected.
Sep 16 2013 10:27:17 CE12808_1 %%01FEI/4/hwMflpVlanLoopAlarm_active(l):CID=0x807f0437-alarmID=0x095e0012;MAC flapping detected, VlanId = 1021, MacAddress = xxxx-xxxx-fa0e, Original-Port = 10GE1/5/0/20, Flapping port = Eth-Trunk49,Eth-Trunk33. Please check the network to which the interface learning a flapping MAC address is connected.
然后出现了ospf邻居down:
Sep 16 2013 10:27:51 CE12808_1 %%01OSPF/3/NBR_DOWN_REASON(l):CID=0x808304c7;Neighbor state left full or changed to Down. (ProcessId=1, NeighborRouterId=10.xxx.2.xxx, NeighborIp=10.xxx.0.1, NeighborAreaId=0.0.0.xxx, NeighborInterface=Vlanif1053, NeighborDownImmediate reason=Neighbor Down Due to Inactivity, NeighborDownPrimeReason=Hello Not Seen)
2、复位设备后,由于未保存修改的配置,设备使用之前的配置运行,环路影响变小。继续根据日志的mac漂移将二层网络的错误连线找到并拆除。
根因
二层网络存在环路,用户修改配置后加重了环路的影响,并涉及到ospf所在vlan,导致协议报文被丢弃,邻居down,终端无法上网。
重启设备后恢复,是因为修改的配置未保存,重启后修改前的配置生效,避免了更改配置导致的问题。
建议与总结
堆叠场景的“天然无环”是针对和CE互联的部分,接入侧的环路还是要考虑防护,另外透传所有vlan时务必注意,可能会放大二层环路的范围,加深环路对网络的影响。

END