ACU2 reports a large number of IP address conflicts on eSight

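Published: 2016-11-26
Problem Description

eSight shows a large number of IP address conflict alarms, and the same IP address conflict alarm appears on all 10 ACU2 boards. By the time the problem was handled, more than 5,000 such alarms had accumulated.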

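Alarm Information

IP address conflict alarm

Handling Process

Under the current live-network configuration, a user who sets an IP address manually is added to the blacklist, so terminals can obtain IP addresses only through DHCP.

Analyze the DHCP server log for the time the alarm was raised:

A release is logged when the user goes offline, and shortly afterwards the server assigns the IP address to another user: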

2016-09-18 15:22:45

冲突的IP地址=183.172.42.142,ARP表项中记录的接口=Eth-Trunk1,ARP表项中记录的MAC地址=9c35-eb55-695a,对应的ARP表项中记录的VLAN=540,收到ARP报文的接口=Eth-Trunk1,收到ARP报文的源MAC地址=a444-d138-4a1b,收到ARP报文的VLAN=540,收到ARP报文的CEVLAN=0,收到ARP报文的CEVLAN=Remote IP conflict

 

11,09/18/16,14:05:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,601587485,0,,,,,,,,

11,09/18/16,14:20:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,618364701,0,,,,,,,,

11,09/18/16,14:35:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,635141917,0,,,,,,,,

11,09/18/16,14:50:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,651919133,0,,,,,,,,

11,09/18/16,15:05:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,668696349,0,,,,,,,,

12,09/18/16,15:12:23,Release,183.172.42.142,songzhiopingban,9C35EB55695A,,685473565,0,,,,,,,,

 

10,09/18/16,15:18:39,Assign,183.172.41.243,songzhiopingban,9C35EB55695A,,291746647,0,,,,,,,,

11,09/18/16,15:18:39,Renew,183.172.41.243,songzhiopingban,9C35EB55695A,,291746647,0,,,,,,,,

11,09/18/16,15:18:39,Renew,183.172.41.243,songzhiopingban,9C35EB55695A,,291746647,0,,,,,,,,

11,09/18/16,15:46:47,Renew,183.172.41.243,songzhiopingban,9C35EB55695A,,308523863,0,,,,,,,,

11,09/18/16,15:46:47,Renew,183.172.41.243,songzhiopingban,9C35EB55695A,,308523863,0,,,,,,,,

11,09/18/16,15:46:47,Renew,183.172.41.243,songzhiopingban,9C35EB55695A,,308523863,0,,,,,,,,

 

15,09/18/16,15:21:45,NACK,10.129.244.33,,A444D1384A1B,,0,6,,,,,,,,

15,09/18/16,15:21:45,NACK,10.129.244.33,,A444D1384A1B,,0,6,,,,,,,,

15,09/18/16,15:21:45,NACK,10.129.244.33,,A444D1384A1B,,0,6,,,,,,,,

 

10,09/18/16,15:21:46,Assign,183.172.42.142,meilan-note-3,A444D1384A1B,,910743907,0,,,,0x6468637063642D352E352E36,dhcpcd-5.5.6,,,

11,09/18/16,15:21:46,Renew,183.172.42.142,meilan-note-3,A444D1384A1B,,910743907,0,,,,0x6468637063642D352E352E36,dhcpcd-5.5.6,,,

11,09/18/16,15:21:46,Renew,183.172.42.142,meilan-note-3,A444D1384A1B,,910743907,0,,,,0x6468637063642D352E352E36,dhcpcd-5.5.6,,,

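Nine minutes pass between the release of the address and its assignment to the new user. At that point the original user's ARP entry on the AC has not yet aged out, so when the new user obtains the address and sends ARP, the ACU2 raises an IP address conflict alarm.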
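The check described above can be run over the whole DHCP log to list every address handed to a different MAC before the old ARP entry could have aged out. This is an added example, not part of the original case; the function name `find_fast_reuse` and the 1200-second `arp_aging_s` default are assumptions, and the column positions are taken from the log lines shown above.

```python
import csv
from datetime import datetime, timedelta

# Rows copied from the DHCP server log on this page (repeated rows omitted).
SAMPLE_LOG = """\
11,09/18/16,15:05:58,Renew,183.172.42.142,songzhiopingban,9C35EB55695A,,668696349,0,,,,,,,,
12,09/18/16,15:12:23,Release,183.172.42.142,songzhiopingban,9C35EB55695A,,685473565,0,,,,,,,,
10,09/18/16,15:18:39,Assign,183.172.41.243,songzhiopingban,9C35EB55695A,,291746647,0,,,,,,,,
15,09/18/16,15:21:45,NACK,10.129.244.33,,A444D1384A1B,,0,6,,,,,,,,
10,09/18/16,15:21:46,Assign,183.172.42.142,meilan-note-3,A444D1384A1B,,910743907,0,,,,0x6468637063642D352E352E36,dhcpcd-5.5.6,,,
"""

LEASE_EVENTS = ("Assign", "Renew", "Release")  # events that show who holds an IP


def find_fast_reuse(log_text, arp_aging_s=1200):
    """List IPs assigned to a new MAC within arp_aging_s of the old MAC's last event.

    arp_aging_s is an assumed value; use the ARP aging time configured on the AC.
    """
    events = []
    for row in csv.reader(log_text.splitlines()):
        if len(row) < 7 or not row[0].isdigit():
            continue  # skip header and malformed lines
        if row[3] not in LEASE_EVENTS:
            continue  # NACK and similar rows do not change lease ownership
        ts = datetime.strptime(f"{row[1]} {row[2]}", "%m/%d/%y %H:%M:%S")
        events.append((ts, row[3], row[4], row[6].upper()))
    events.sort(key=lambda e: e[0])  # the log excerpt is not strictly in time order

    last_seen = {}  # ip -> (mac, time of that MAC's last lease event)
    hits = []
    for ts, desc, ip, mac in events:
        prev = last_seen.get(ip)
        if desc == "Assign" and prev and prev[0] != mac:
            gap = ts - prev[1]
            if gap <= timedelta(seconds=arp_aging_s):
                hits.append({"ip": ip, "old_mac": prev[0], "new_mac": mac,
                             "gap_s": int(gap.total_seconds())})
        last_seen[ip] = (mac, ts)
    return hits


if __name__ == "__main__":
    for hit in find_fast_reuse(SAMPLE_LOG):
        print(hit)
```

Each hit pairs the MAC still held in the stale ARP entry with the MAC that triggered the alarm, which can be matched against the two MAC addresses in the eSight alarm text.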

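Root Cause

The DHCP server lease is currently configured as 30 minutes, which is too short: an IP address is legitimately assigned to a new user before the ARP entry for its previous assignment has aged out, which produces the IP address conflict alarm.

The service VLANs of the ACU2 groups are interconnected at Layer 2, so every ACU2 learns the users' ARP entries. Each detected IP conflict is therefore reported as a dozen or so alarms, which is why the NMS shows so many alarms.

Solution

Configure strict ARP learning on the ACU2: the AC learns a user's ARP entry only when it has itself sent an ARP Request and received the user's reply, and does not learn user ARP entries in any other case.

In this scenario the ACU2 acts as a DHCP relay and uses tunnel forwarding mode, and the user gateway is on the S12712. In tunnel forwarding mode, packets are forwarded without needing the user's ARP entry, so the absence of user ARP entries on the AC does not affect user services.

Suggestions and Summary
Keep a close watch on the alarms on eSight, identify their cause promptly, and resolve them.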
