作者mikevada (vada)
看板Network
标题[除错] ospf不稳定,要如何解?
时间Fri Dec 13 11:43:45 2013
总公司和分公司有形成一个vpn lan,分公司有二条专线做流量的分流,和总公司跑ospf(
中间经过中华电信机房),
可是一直以来都有看到介面的log像下面,
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.48 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.75 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.52 on GigabitEthernet1/0/1 from 2WAY
to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from
FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from
FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.48 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.75 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from
LOADING to FULL, Loading Done
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from
FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from
FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/1 from
FULL to DOWN, Neighbor Down: Dead timer expired
%OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/1 from
FULL to DOWN, Neighbor Down: Dead timer ex
线路就一直在LOADING to FULL, Loading Done、from FULL to DOWN, Neighbor Down:
Dead timer expired之间切换,
在正常的状态下可以看到对外都有从两路线路学到路由,在异常时从分公司的路由表也会
看到其中一路的路由会不见,然後又起来的不
稳定情形,请问有可能是什麽问题?已经困扰很久了。
--
※ 发信站: 批踢踢实业坊(ptt.cc)
◆ From: 122.116.88.154
1F:推 deadwood:确认一下,你们家专线是用ADSL或是v.35进线,这两种都有 12/13 12:03
2F:→ deadwood:不小的机率因为线路品质不稳(别怀疑)造成IGP沟通中断 12/13 12:04
3F:→ deadwood:接触过不少客户,用中华专线也是常常在跟neighbor断线 12/13 12:06
4F:→ mikevada:我们是用fttb的光纤 12/13 12:58
5F:推 deadwood:排除网路品质问题的话,就得从你们的网路架构跟设定 12/13 13:15
6F:→ deadwood:去找出有问题的地方了,只贴log很难知道怎麽除错 12/13 13:16
7F:→ deadwood:不过192.168.0.X跟192.168.4.X两组IP应该是不同网段 12/13 13:18
8F:→ deadwood:照理说应该只会分别从某个介面连到,你的log却显示 12/13 13:19
9F:→ deadwood:giga1/0/1跟1/0/2两个介面都能同时连到这两个网段 12/13 13:19
10F:→ deadwood:可能你们公司的架构比较特殊吧? 12/13 13:20
11F:→ chugliang:能给公司网路架构吗?两个网段怎会在同一条线路? 12/13 13:28
12F:→ chugliang:VPN耶....架构图可以画来看看吗? 12/13 13:31
13F:推 deadwood:建议可以先确认一下总公司跟分公司的ospf hello-interval 12/13 14:05
14F:→ deadwood:或是dead-interval有没有一致,看起来有点像这个问题 12/13 14:06
15F:→ mikevada:两边都是cisco 3750,hello time都是预设应该是10秒 12/13 16:42
16F:→ mikevada:可是下指令时sh ip ospf 1没有看到hello time的资讯 12/13 16:43
17F:→ mikevada:架构图後补了。 12/13 16:45
18F:推 deadwood:在exec模式下 sh ip ospf int port号 就能看 12/13 17:10
19F:→ deadwood:不过应该不是那个问题,因为hellotime不匹配连邻居都不会 12/13 17:11
20F:→ deadwood:建立成功。 12/13 17:11
21F:推 asdfghjklasd:这问题不难啊.... 12/13 20:58
22F:→ mikevada:a大,怎麽说? 12/13 22:56
23F:推 sssxyz:线路异常? 频宽满载? 12/14 22:36
频宽没满,也没有error packet
24F:→ flyiii:先起个BFD看看到底是不是介面有问题再说吧. 12/16 23:31
是只要一边起BFD就好了吗?还是要两边都做?以前没试过
25F:→ infosec:楼上高手高手高高手出现了~ 12/17 00:38
※ 编辑: mikevada 来自: 122.116.88.154 (12/18 20:06)