F5000RBMweb頁麵切換導致track業務端口down
- 0關注
- 0收藏,550瀏覽
問題描述:
如下配置在雙機熱備+路由,主備模式。現在在WEB頁麵點切換後,主設備上的業務接口DOWN掉了,OSPF鄰居關係也沒了,這個正常嗎?(切換前備設備上的業務接口狀態正常,OSPF鄰居也正常)
RBM_S<GS-LanZhou-T3-ITL-FW-F5000-2>dis cu
#
version 7.1.064, Release 8190P19
#
sysname GS-LanZhou-T3-ITL-FW-F5000-2
#
clock protocol none
#
context Admin id 1
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
track 1 interface GigabitEthernet1/0/1
#
ospf 1 router-id 172.18.192.230
area 0.0.0.0
network 172.18.192.228 0.0.0.3
#
dns server 8.8.8.8
dns server 114.114.114.114
#
remote-backup group
data-channel interface GigabitEthernet1/0/2
configuration sync-check interval 12
adjust-cost ospf enable absolute
local-ip 10.10.10.11
remote-ip 10.10.10.10
device-role secondary
#
password-recovery enable
#
vlan 1
#
stp global enable
#
interface NULL0
#
interface GigabitEthernet1/0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode route
ip address 172.18.192.230 255.255.255.252
ospf network-type p2p
manage https inbound
manage https outbound
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/2
port link-mode route
ip address 10.10.10.11 255.255.255.0
#
interface GigabitEthernet1/0/3
port link-mode route
#
interface GigabitEthernet1/0/4
port link-mode route
#
interface GigabitEthernet1/0/5
port link-mode route
#
interface GigabitEthernet1/0/6
port link-mode route
ip address 10.123.11.189 255.255.255.248
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/7
port link-mode route
#
interface GigabitEthernet1/0/8
port link-mode route
#
interface GigabitEthernet1/0/9
port link-mode route
#
interface vSys-interface1
#
security-zone name Local
#
security-zone name Trust
import interface GigabitEthernet1/0/1
#
security-zone name DMZ
#
security-zone name Untrust
import interface GigabitEthernet1/0/2
import interface GigabitEthernet1/0/6
#
security-zone name Management
import interface GigabitEthernet1/0/0
#
scheduler logfile size 16
#
line class console
authentication-mode scheme
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-admin
#
ip route-static 0.0.0.0 0 172.18.192.229
#
undo info-center logfile enable
#
performance-management
#
ssh server enable
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
password-control login idle-time 0
#
local-user admin class manage
password hash $h$6$GwHf1Yte2E1wndWR$ZF9DvkC4rIQMQCITEcGjkk4avrma16qsaREKUiXIRfnBnE85pDUnlGy63Gj/F9qxfuH7BxWPJrtWwn5STASJnQ==
service-type ssh terminal https
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
ssl renegotiation disable
ssl version ssl3.0 disable
ssl version tls1.0 disable
undo ssl version tls1.1 disable
#
ipsec logging negotiation enable
#
ike logging negotiation enable
#
ip https enable
webui log enable
#
loadbalance isp file flash:/lbispinfo_v1.5.tp
#
security-policy ip
rule 0 name 1
action pass
source-zone local
destination-zone trust
service ssh
rule 1 name trust-untrust
action pass
source-zone Trust
destination-zone Untrust
rule 6 name untrust-trust
action pass
source-zone Untrust
destination-zone Trust
rule 2 name ospf1
action pass
source-zone trust
destination-zone local
service ospf
service ssh
rule 3 name ospf2
action pass
source-zone local
destination-zone trust
service ospf
service ssh
rule 4 name ospf3
action pass
source-zone untrust
destination-zone local
service ospf
service ssh
rule 5 name ospf4
action pass
source-zone local
destination-zone untrust
service ospf
service ssh
#
return
RBM_P<GS-LanZhou-T3-ITL-FW-F5000-1>dis cu
#
version 7.1.064, Release 8190P19
#
sysname GS-LanZhou-T3-ITL-FW-F5000-1
#
clock protocol none
#
context Admin id 1
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
track 1 interface GigabitEthernet1/0/1
#
ospf 1 router-id 172.18.192.226
area 0.0.0.0
network 172.18.192.224 0.0.0.3
#
dns server 8.8.8.8
dns server 114.114.114.114
#
remote-backup group
data-channel interface GigabitEthernet1/0/2
configuration sync-check interval 12
track interface GigabitEthernet1/0/1
local-ip 10.10.10.10
remote-ip 10.10.10.11
device-role primary
#
password-recovery enable
#
vlan 1
#
stp global enable
#
interface NULL0
#
interface GigabitEthernet1/0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode route
ip address 172.18.192.226 255.255.255.252
ospf network-type p2p
manage https inbound
manage https outbound
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/2
port link-mode route
ip address 10.10.10.10 255.255.255.0
#
interface GigabitEthernet1/0/3
port link-mode route
#
interface GigabitEthernet1/0/4
port link-mode route
#
interface GigabitEthernet1/0/5
port link-mode route
#
interface GigabitEthernet1/0/6
port link-mode route
ip address 10.123.11.188 255.255.255.248
manage ping inbound
manage ping outbound
#
interface GigabitEthernet1/0/7
port link-mode route
#
interface GigabitEthernet1/0/8
port link-mode route
#
interface GigabitEthernet1/0/9
port link-mode route
#
interface vSys-interface1
#
security-zone name Local
#
security-zone name Trust
import interface GigabitEthernet1/0/1
#
security-zone name DMZ
#
security-zone name Untrust
import interface GigabitEthernet1/0/2
import interface GigabitEthernet1/0/6
#
security-zone name Management
import interface GigabitEthernet1/0/0
#
scheduler logfile size 16
#
line class console
authentication-mode scheme
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-admin
#
undo info-center logfile enable
#
performance-management
#
ssh server enable
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
password-control login idle-time 0
#
local-user admin class manage
password hash $h$6$zQqGHwBHeMjjS+hO$ZE5Ykbv43Vtu9YxIspOVSt+ntmkdV2EUwbWieNyp08ZY+Vj/qQPMGTWllIWbWW22Cqs846ML4xExghoi1aG3nw==
service-type ssh terminal https
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
ssl renegotiation disable
ssl version ssl3.0 disable
ssl version tls1.0 disable
undo ssl version tls1.1 disable
#
ipsec logging negotiation enable
#
ike logging negotiation enable
#
ip https enable
webui log enable
#
loadbalance isp file flash:/lbispinfo_v1.5.tp
#
security-policy ip
rule 0 name 1
action pass
source-zone local
destination-zone trust
service ssh
rule 1 name trust-untrust
action pass
source-zone Trust
destination-zone Untrust
rule 6 name untrust-trust
action pass
source-zone Untrust
destination-zone Trust
rule 2 name ospf1
action pass
source-zone trust
destination-zone local
service ospf
service ssh
rule 3 name ospf2
action pass
source-zone local
destination-zone trust
service ospf
service ssh
rule 4 name ospf3
action pass
source-zone untrust
destination-zone local
service ospf
service ssh
rule 5 name ospf4
action pass
source-zone local
destination-zone untrust
service ospf
service ssh
#
return
- 2025-02-20提問
- 舉報
-
(0)
最佳答案
在雙機熱備+路由,主備模式下,當從WEB頁麵觸發切換後,如果主設備上的業務接口Down掉,且OSPF鄰居關係消失,這通常表明設備正在進行狀態遷移,可能的原因包括:
1. **接口配置變更**:如刪除接口地址或在接口上關閉OSPF,這會直接導致鄰居關係斷開。
2. **接口狀態變化**:接口down或MTU(最大傳輸單元)改變,也會使得OSPF鄰居關係無法維持。
3. **Track狀態不正常**:如果上下行接口的Track狀態不正常,例如接口down,這可能觸發主備切換,進而影響7層業務。
在這樣的情況下,業務接口Down和OSPF鄰居關係的丟失是切換過程中的正常現象,但這並不意味著業務沒有問題。由於主備設備均出現異常,流量處理會受到影響,可能需要工程師進一步排查具體原因,例如LB(負載均衡)設備是否正常工作,以及網絡配置是否正確。
建議聯係網絡工程師,提供詳細的日誌信息和配置狀態,以便進行深入分析和故障排除。同時,檢查接口狀態、MTU設置和Track狀態,確保網絡環境穩定,有助於快速恢複業務。
- 2025-02-20回答
- 評論(0)
- 舉報
-
(0)
親~登錄後才可以操作哦!
確定你的郵箱還未認證,請認證郵箱或綁定手機後進行當前操作
舉報
×
侵犯我的權益
×
侵犯了我企業的權益
×
- 1. 您舉報的內容是什麼?(請在郵件中列出您舉報的內容和鏈接地址)
- 2. 您是誰?(身份證明材料,可以是身份證或護照等證件)
- 3. 是哪家企業?(營業執照,單位登記證明等證件)
- 4. 您與該企業的關係是?(您是企業法人或被授權人,需提供企業委托授權書)
抄襲了我的內容
×
原文鏈接或出處
誹謗我
×
- 1. 您舉報的內容以及侵犯了您什麼權益?(請在郵件中列出您舉報的內容、鏈接地址,並給出簡短的說明)
- 2. 您是誰?(身份證明材料,可以是身份證或護照等證件)
對根叔社區有害的內容
×
不規範轉載
×
舉報說明
暫無評論