[除錯] ospf不穩定,要如何解?

看板Network作者 (vada)時間10年前 (2013/12/13 11:43), 編輯推噓6(6019)
留言25則, 7人參與, 最新討論串1/2 (看更多)
總公司和分公司有形成一個vpn lan,分公司有二條專線做流量的分流,和總公司跑ospf( 中間經過中華電信機房), 可是一直以來都有看到介面的log像下面, %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.48 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.75 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.52 on GigabitEthernet1/0/1 from 2WAY to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from FULL to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from FULL to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.48 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.75 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/2 from FULL to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/2 from FULL to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.4.254 on GigabitEthernet1/0/1 from FULL to DOWN, Neighbor Down: Dead timer expired %OSPF-5-ADJCHG: Process 1, Nbr 192.168.0.254 on GigabitEthernet1/0/1 from FULL to DOWN, Neighbor Down: Dead timer ex 線路就一直在LOADING to FULL, Loading Done、from FULL to DOWN, Neighbor Down: Dead timer expired之間切換, 在正常的狀態下可以看到對外都有從兩路線路學到路由,在異常時從分公司的路由表也會 看到其中一路的路由會不見,然後又起來的不 穩定情形,請問有可能是什麼問題?已經困擾很久了。 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 122.116.88.154
12/13 12:03, , 1F
確認一下,你們家專線是用ADSL或是v.35進線,這兩種都有
12/13 12:03, 1F
12/13 12:04, , 2F
不小的機率因為線路品質不穩(別懷疑)造成IGP溝通中斷
12/13 12:04, 2F
12/13 12:06, , 3F
接觸過不少客戶,用中華專線也是常常在跟neighbor斷線
12/13 12:06, 3F
12/13 12:58, , 4F
我們是用fttb的光纖
12/13 12:58, 4F
12/13 13:15, , 5F
排除網路品質問題的話,就得從你們的網路架構跟設定
12/13 13:15, 5F
12/13 13:16, , 6F
去找出有問題的地方了,只貼log很難知道怎麼除錯
12/13 13:16, 6F
12/13 13:18, , 7F
不過192.168.0.X跟192.168.4.X兩組IP應該是不同網段
12/13 13:18, 7F
12/13 13:19, , 8F
照理說應該只會分別從某個介面連到,你的log卻顯示
12/13 13:19, 8F
12/13 13:19, , 9F
giga1/0/1跟1/0/2兩個介面都能同時連到這兩個網段
12/13 13:19, 9F
12/13 13:20, , 10F
可能你們公司的架構比較特殊吧?
12/13 13:20, 10F
12/13 13:28, , 11F
能給公司網路架構嗎?兩個網段怎會在同一條線路?
12/13 13:28, 11F
12/13 13:31, , 12F
VPN耶....架構圖可以畫來看看嗎?
12/13 13:31, 12F
12/13 14:05, , 13F
建議可以先確認一下總公司跟分公司的ospf hello-interval
12/13 14:05, 13F
12/13 14:06, , 14F
或是dead-interval有沒有一致,看起來有點像這個問題
12/13 14:06, 14F
12/13 16:42, , 15F
兩邊都是cisco 3750,hello time都是預設應該是10秒
12/13 16:42, 15F
12/13 16:43, , 16F
可是下指令時sh ip ospf 1沒有看到hello time的資訊
12/13 16:43, 16F
12/13 16:45, , 17F
架構圖後補了。
12/13 16:45, 17F
12/13 17:10, , 18F
在exec模式下 sh ip ospf int port號 就能看
12/13 17:10, 18F
12/13 17:11, , 19F
不過應該不是那個問題,因為hellotime不匹配連鄰居都不會
12/13 17:11, 19F
12/13 17:11, , 20F
建立成功。
12/13 17:11, 20F
12/13 20:58, , 21F
這問題不難啊....
12/13 20:58, 21F
12/13 22:56, , 22F
a大,怎麼說?
12/13 22:56, 22F
12/14 22:36, , 23F
線路異常? 頻寬滿載?
12/14 22:36, 23F
頻寬沒滿,也沒有error packet
12/16 23:31, , 24F
先起個BFD看看到底是不是介面有問題再說吧.
12/16 23:31, 24F
是只要一邊起BFD就好了嗎?還是要兩邊都做?以前沒試過
12/17 00:38, , 25F
樓上高手高手高高手出現了~
12/17 00:38, 25F
※ 編輯: mikevada 來自: 122.116.88.154 (12/18 20:06)
更多 mikevada 的文章
文章代碼(AID): #1Ige9p8g (Network)
更多 mikevada 的文章
文章代碼(AID): #1Ige9p8g (Network)