关闭

Ovs交换机环路

标签: 交换机环路logging网络安全
1084人阅读 评论(0) 收藏 举报
分类:

现象:node3节点挂了,从node4 ssh上去 ping不通网关192.168.19.254。
解决办法:现在通过串口minicom登录交换机,利用内置的安全保护机制阻止网络风暴。

1. 先查看网桥是否正确连接

node3:$ ovs-vsctl show:
  1. br-in
    这里写图片描述
  2. br-out
    这里写图片描述

2. minicom登录交换机并enable

Switch#show logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes)

No Active Message Discriminator.



No Inactive Message Discriminator.


    Console logging: level debugging, 63 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 63 messages logged, xml disabled,
                    filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Persistent logging: disabled

No active filter modules.

    Trap logging: level informational, 66 message lines logged
        Logging Source-Interface:       VRF Name:

Log Buffer (4096 bytes):
hanged state to up
Mar 30 01:28:15.449: %LINK-3-UPDOWN: Interface GigabitEthernet0/10, changed stap
Mar 30 01:28:15.449: %LINK-3-UPDOWN: Interface GigabitEthernet0/12, changed stap
Mar 30 01:28:15.486: %LINK-3-UPDOWN: Interface GigabitEthernet0/14, changed stap
Mar 30 01:28:15.486: %LINK-3-UPDOWN: Interface GigabitEthernet0/15, changed stap
Mar 30 01:28:15.544: %LINK-3-UPDOWN: Interface GigabitEthernet0/19, changed stap
Mar 30 01:28:15.565: %LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed statp
Mar 30 01:28:15.570: %LINK-3-UPDOWN: Interface GigabitEthernet0/6, changed statp
Mar 30 01:28:15.607: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed stap
Mar 30 01:28:15.607: %LINK-3-UPDOWN: Interface GigabitEthernet0/16, changed stap
Mar 30 01:28:15.643: %LINK-3-UPDOWN: Interface GigabitEthernet0/9, changed statp
Mar 30 01:28:15.643: %LINK-3-UPDOWN: Interface GigabitEthernet0/24, changed stap
Mar 30 01:28:15.816: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthn
Mar 30 01:28:16.451: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.451: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.482: %LINK-3-UPDOWN: Interface GigabitEthernet0/11, changed stap
Mar 30 01:28:16.487: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.487: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.545: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.566: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.608: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.608: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.645: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.645: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:16.723: %LINK-3-UPDOWN: Interface GigabitEthernet0/17, changed stap
Mar 30 01:28:16.723: %LINK-3-UPDOWN: Interface GigabitEthernet0/18, changed stap
Mar 30 01:28:16.765: %LINK-3-UPDOWN: Interface GigabitEthernet0/20, changed stap
Mar 30 01:28:17.484: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:17.725: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:17.725: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:17.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:21.772: %PKI-6-AUTOSAVE: Running configuration saved to NVRAM
Mar 30 01:28:24.986: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed statp
Mar 30 01:28:25.988: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:37.218: %LINK-3-UPDOWN: Interface GigabitEthernet0/22, changed stap
Mar 30 01:28:38.219: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthp
Mar 30 01:28:42.193: %DTP-5-DOMAINMISMATCH: Unable to perform trunk negotiation.
Mar 30 02:18:10.717: %ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on Gigab.
Mar 30 02:18:10.717: %PM-4-ERR_DISABLE: loopback error detected on Gi0/19, putte
Mar 30 02:18:11.724: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthn
Mar 30 02:18:12.730: %LINK-3-UPDOWN: Interface GigabitEthernet0/19, changed stan
Switch#
Switch#
Switch#
Switch#configure
Configuring from terminal, memory, or network [terminal]? 
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#errdisable recovery cause loopback
Switch(config)#eixt
                ^
% Invalid input detected at '^' marker.

Switch(config)#show errdisable recovery
                 ^
% Invalid input detected at '^' marker.

Switch(config)#show errdisable recovery
                 ^
% Invalid input detected at '^' marker.

Switch(config)#exit
Switch#
Mar 30 02:59:05.434: %SYS-5-CONFIG_I: Configured from console by consoleshow 
% Type "show ?" for a list of subcommands
Switch#
Switch#show errdisable recovery
ErrDisable Reason            Timer Status
-----------------            --------------
bpduguard                    Disabled
channel-misconfig (STP)      Disabled
dhcp-rate-limit              Disabled
dtp-flap                     Disabled
gbic-invalid                 Disabled
inline-power                 Disabled
link-flap                    Disabled
mac-limit                    Disabled
loopback                     Enabled
pagp-flap                    Disabled
port-mode-failure            Disabled
pppoe-ia-rate-limit          Disabled
psecure-violation            Disabled
security-violation           Disabled
sfp-config-mismatch          Disabled
small-frame                  Disabled
storm-control                Disabled
udld                         Disabled
vmps                         Disabled
psp                          Disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

Interface       Errdisable reason       Time left(sec)
---------       -----------------       --------------
Gi0/19                  loopback          264

Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#
Switch#show errdisable recovery
1
0
查看评论
发表评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场

Patch构建OVS网桥和OVS网桥相连的网络

将多个主机(物理机或虚拟机)连接到同一个网桥上,实现它们之间的通信,但是要构建复杂的网络,就需要多个网桥,在装有open vswitch的主机上建立两个网桥,实现它们之间的连接,构建结果如下: 1. ...
  • qiqishuang
  • qiqishuang
  • 2016-05-31 16:12
  • 2835

对openvSwitch中不同类型端口的理解

同一主机上的OVS中可以创建多个网桥(即多个datapath实例),每个bridge可以通过patch ports互联,而netdev ports是OVS对底层物理端口的抽象封装,internal 类...
  • vonzhoufz
  • vonzhoufz
  • 2014-10-10 18:49
  • 5599

网络----虚拟交换机---open vswitch

虚拟交换机:来模拟物理交换机的作用。软件实现 目前业界应用比较广泛的vSwitch, 开源的有Open vSwitch 商用的有VMware的VSS(vSphere Standard vSwitch...
  • Michaelwubo
  • Michaelwubo
  • 2016-09-28 13:28
  • 2281

最简单的使用OVS和控制器做路由的方法

参考文献:http://www.sdnap.com/sdn-technology/5913.html 如上图就是网络拓扑图,其中controller就是控制器,ES1~3是边缘交换机,使用了OVS,...
  • batmancn
  • batmancn
  • 2016-05-21 13:09
  • 1822

Patch构建OVS网桥和OVS网桥相连的网络

将多个主机(物理机或虚拟机)连接到同一个网桥上,实现它们之间的通信,但是要构建复杂的网络,就需要多个网桥,在装有open vswitch的主机上建立两个网桥,实现它们之间的连接,构建结果如下: 1. ...
  • qiqishuang
  • qiqishuang
  • 2016-05-31 16:12
  • 2835

重磅:虚拟化交换机性能优化

嘉宾介绍: 刘年超,现任职中兴通讯云计算&政企业务产品部,负责云数据中心产品架构规划,见证公司基于SDN架构云数据中心从无到有。目前对Openstack、KVM、vSwitch、SDN/NF...
  • jincm13
  • jincm13
  • 2016-03-22 14:35
  • 3057

OVS转发面分析

OVS的转发面?      安装OVS的时候需要安装gre、openvswitch、libcrc32c、vxlan等内核模块。这些模块中,至少openvswitch是带内核编译选项编译出来的,代码在...
  • batmancn
  • batmancn
  • 2016-01-27 15:27
  • 1105

关于OVS的PATCH端口的测试和思考

OVS支持多种端口类型,可以从端口设置命令ovs-vsctl set interface type=..设置端口类型,其中一种端口类型为PATCH。PATCH类型的端口有如下定义:“A pair ...
  • dreamhu_scu
  • dreamhu_scu
  • 2014-12-31 11:15
  • 3552

采用ovs-docker为容器创建双外部网络

在之前一篇文章《利用iptables给Docker绑定一个外网IP》大致介绍了docker的默认网络配置,尝试了手动为docker绑定一个外部网络IP。 而在实际开发中可能不仅仅只有简单的一个网络,...
  • shipengfei92
  • shipengfei92
  • 2015-07-28 10:26
  • 673

OpenStack网络实战系列一:通过Openvswitch实践了解交换机的基本概念和操作

本文通过openvswitch和Linux网络命名空间的基本操作帮助大家初步理解网络交换机的基本概念及操作,为后续理解和研究openstack网络概念打下初步基础。
  • zztflyer
  • zztflyer
  • 2016-07-04 19:21
  • 2565
    个人资料
    • 访问:50405次
    • 积分:718
    • 等级:
    • 排名:千里之外
    • 原创:21篇
    • 转载:5篇
    • 译文:0篇
    • 评论:8条
    文章分类
    最新评论