起因是因为机房进行简单的网络调整,把原来由cisco 3750跟H3C S5500 做链路聚合换成2台cisco 3750 做堆叠,由于调整时在凌晨进行的,我没有参与当晚调整。而cisco 3750还连接着一台cisco 3560,出事的就是这台3560了,当晚这台3560什么都没配置,根本就没动它。
同事配置好2台 3750 堆叠之后就回家睡觉去了,我第二天回来上班,刚开始的时候也没啥问题,后来其它部门的同事说有一台服务器远程连接不上,这台服务器跟客户端都是连接在cisco 3560上面的,我去看了一下是客户端获取不了IP地址了,原来这台机连接的网段是可以自动获取IP地址的。
然后我就去机房看了一下交换机,发现这台获取不了IP的机器连接的cisco 3560 的端口跟连接服务器的端口都变成橙色了。
登录交换机看一下配置,show 了一下端口没发现异常。
Switch#show int gi0/1
GigabitEthernet0/1 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0026.cad6.ee81 (bia 0026.cad6.ee81)
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:08, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
143 packets input, 19483 bytes, 0 no buffer
Received 143 broadcasts (66 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 66 multicast, 0 pause input
0 input packets with dribble condition detected
143 packets output, 10523 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
然后再show run 查看一下
show run (一部分省略)
interface GigabitEthernet0/1
switchport access vlan 300
!
interface GigabitEthernet0/2
switchport access vlan 300
!
interface GigabitEthernet0/3
switchport access vlan 300
然后再show 了一下vlan 然后发现,怎么vlan 300 不见了?
show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/16, Gi0/17, Gi0/18, Gi0/19
Gi0/20, Gi0/21, Gi0/22, Gi0/23
Gi0/24, Gi0/25, Gi0/26, Gi0/27
Gi0/28
10 pc-trans active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
看到有些vlan信息不见了,就再show vtp status
Switch#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : xxxxx
VTP Pruning Mode : Enabled
VTP Traps Generation : Disabled
Device ID : 0026.cad6.ee80
Configuration last modified by 192.168.2.251 at 3-9-93 23:22:10 (时间别较真,我后来模拟当时的环境弄出来的)
Local updater ID is 192.168.2.251 on interface Vl1 (lowest numbered VLAN interface found)
Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 50
Configuration Revision : 32
MD5 digest : 0x0F 0x3A 0xCF 0x27 0xE0 0x18 0xF2 0xBB
0x77 0xF9 0x91 0x7B 0x94 0x4B 0xA9 0xC0
然后我登陆做了叠堆的3750上查看了VTP信息,果然3750上的信息跟3560上的VTP信息一样,悲剧,3560上的VTP信息被3750同步掉了,搞得有一些vlan 被同步掉了,当然访问不了啊。
解决:为了安全,首先将3560的 VTP 模式改成透明模式,然后把丢失的vlan 添加回去,至此问题解决了,客户端可以获取IP地址,也可以访问服务器了。以下为配置
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vtp mode tr
Switch(config)#vtp mode transparent
Setting device to VTP Transparent mode for VLANS.
Switch(config)#vlan 300
Switch(config-vlan)#exit
Switch(config)#exit
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/16, Gi0/17, Gi0/18, Gi0/19
Gi0/20, Gi0/21, Gi0/22, Gi0/23
Gi0/24, Gi0/25, Gi0/26, Gi0/27
Gi0/28
10 pc-trans active
300 VLAN0300 active Gi0/1, Gi0/2, Gi0/3, Gi0/4
Gi0/5, Gi0/6, Gi0/7, Gi0/8
Gi0/9, Gi0/10, Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
转载于:https://blog.51cto.com/dcx33/1222565
扫一扫
7627
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
