Здравствуйте! Появилась следующая нетривиальная проблема. Есть циска 3550, обслуживает довольно крупную абонентскую сеть. Всегда вела себя адекватно. С незапамятных времен на ней настраивались и работали списки доступа. И вот недавно я проводил коренные изменения в его настройках а именно: появилась необходимость настроить dhcp snooping в связке с dinamyc arp inspector и ip source guard чтобы резать пользователей которые сидят со статикой. Потом настроил QoS на нем. И вообщем как-то незаметно перестали работать списки доступа (access-lists)... просто списки доступа это такая вещь которая была так сказать доверенная, т.е. ну никак не мог подумать что в циске она может по каким-то причинам отключиться. Хотя до всех этих изменений они работали, точно!
Я перерерыл все, узнал что списки доступа используют ассоциативную память, поставил sdm prefer access, который перераспределяет ассоциативную память под списки доступа... не помогло. Да у меня и немного этих списков доступа... под QoS четыре небольших списка и еще парй списков под клиентские сети в общей сложности все списки доступа имеют 115 строчек. Это много или мало???? Я думаю что для циски эти 115 строчек выполнить все равно что будерброд маслом намазать...
Вообщем поотключал я это все и QoS и dhcp snooping и dinamyc arp inspector и ip source guard, все равно списки не работают! Я уже начал грешить на все, думал что циска с ума сошла, сломалась, но волей судьбы буквально через неделю покупаем еще одну такую же циску 3550. Я ее с нуля настроил. Проверил специально все списки доступа. Все работало!!!! Значит поработала она недели две. Развернул на ней (новой) качество обслуживания (QoS), смотрю работает несоклько дней, все нормально списки доступа пашут, внедрил dhcp snooping, dinamyc arp inspector и ip source guard. И списки доступа перестали работать! Причем я как-то даже и не подумал сразу проверить после чего точно затыкаются эти списки доступа. Ну вообщем опять та же история, все технологии которые внедрил отключаю... списки доступа все равно не работают, и я даже не знаю на что грешить! Вообщем остался я у разбитого корыта. Ситуация очень не приятная... обыкновенные пользователи сейчас ничем не ограничены... вполть до того что имеют доступ в управляющую сеть (хотя пока об этом не догададываются).
Помогите пожалуйста!!!! Может кто слышал чего или может уже была у кого -нибудь такая проблема...
>[оверквотинг удален]
>и ip source guard. И списки доступа перестали работать! Причем я
>как-то даже и не подумал сразу проверить после чего точно затыкаются
>эти списки доступа. Ну вообщем опять та же история, все технологии
>которые внедрил отключаю... списки доступа все равно не работают, и я
>даже не знаю на что грешить! Вообщем остался я у разбитого
>корыта. Ситуация очень не приятная... обыкновенные пользователи сейчас ничем не ограничены...
>вполть до того что имеют доступ в управляющую сеть (хотя пока
>об этом не догададываются).
>Помогите пожалуйста!!!! Может кто слышал чего или может уже была у кого
>-нибудь такая проблема...покажите текущию конфигурацию (по возможности), а так же версию IOS, на которой работаете.
и покажите :
sh ip int
sh int stat
sh ip traf
sh memory stat
sh ip cef summ
>[оверквотинг удален]
>>-нибудь такая проблема...
>
>покажите текущию конфигурацию (по возможности), а так же версию IOS, на которой
>работаете.
>и покажите :
>sh ip int
>sh int stat
>sh ip traf
>sh memory stat
>sh ip cef summСпасибо что откликнулись! Версия ИОС - Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(40)SE, RELEASE SOFTWARE (fc3)
sh ip int:
sw1-prom111#sh ip int
Vlan1 is up, line protocol is up
Internet address is 172.16.11.254/22
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan2 is up, line protocol is up
Internet protocol processing disabled
Vlan20 is up, line protocol is up
Internet address is 10.1.0.2/16
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is 172.16.2.2
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is Kiselevka1
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Access List
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan21 is up, line protocol is up
Internet address is 10.2.0.2/16
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is 172.16.2.2
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is Kiselevka2
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Access List
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan22 is up, line protocol is up
Internet address is 10.3.1.1/26
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan23 is up, line protocol is up
Internet address is 10.5.5.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is 172.16.2.2
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is HomeClients-24
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Access List
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan24 is up, line protocol is up
Internet address is 10.5.6.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is 172.16.2.2
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is HomeClients-24
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Access List
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan25 is up, line protocol is up
Internet address is 10.3.1.113/30
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Vlan27 is up, line protocol is up
Internet address is 10.5.4.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is 172.16.2.2
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is HomeClients-24
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Access List
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
FastEthernet0/1 is down, line protocol is down
Inbound access list is not set
FastEthernet0/2 is down, line protocol is down
Inbound access list is not set
FastEthernet0/3 is down, line protocol is down
Inbound access list is not set
FastEthernet0/4 is down, line protocol is down
Inbound access list is not set
FastEthernet0/5 is up, line protocol is up
Inbound access list is not set
FastEthernet0/6 is up, line protocol is up
Inbound access list is not set
FastEthernet0/7 is down, line protocol is down
Inbound access list is not set
FastEthernet0/8 is down, line protocol is down
Inbound access list is not set
FastEthernet0/9 is down, line protocol is down
Inbound access list is not set
FastEthernet0/10 is down, line protocol is down
Inbound access list is not set
FastEthernet0/11 is up, line protocol is up
Inbound access list is not set
FastEthernet0/12 is up, line protocol is up
Inbound access list is not set
FastEthernet0/13 is down, line protocol is down
Inbound access list is not set
FastEthernet0/14 is down, line protocol is down
Inbound access list is not set
FastEthernet0/15 is up, line protocol is up
Inbound access list is not set
FastEthernet0/16 is down, line protocol is down
Inbound access list is not set
FastEthernet0/17 is down, line protocol is down
Inbound access list is not set
FastEthernet0/18 is down, line protocol is down
Inbound access list is not set
FastEthernet0/19 is down, line protocol is down
Inbound access list is not set
FastEthernet0/20 is down, line protocol is down
Inbound access list is not set
FastEthernet0/21 is down, line protocol is down
Inbound access list is not set
FastEthernet0/22 is down, line protocol is down
Inbound access list is not set
FastEthernet0/23 is down, line protocol is down
Inbound access list is not set
FastEthernet0/24 is down, line protocol is down
Inbound access list is not set
GigabitEthernet0/1 is down, line protocol is down
Inbound access list is not set
GigabitEthernet0/2 is up, line protocol is up
Internet address is 172.16.3.2/30
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: QoS Classification, QoS Marking
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabledsh int stat:
sw1-prom111# sh int stat
Vlan1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 8 512 1656 240626
Route cache 0 0 0 0
Total 8 512 1656 240626
Vlan2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Vlan20
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 173608 12864155 63972 12999411
Route cache 69404 7027509 0 0
Total 243012 19891664 63972 12999411
Vlan21
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 38622 3750584 15084 1243206
Route cache 12131 1252372 0 0
Total 50753 5002956 15084 1243206
Vlan22
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 9691 1025811 2057 365158
Route cache 27 1982 0 0
Total 9718 1027793 2057 365158
Vlan23
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 1647 338240
Route cache 0 0 0 0
Total 0 0 1647 338240
Vlan24
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 1642 337350
Route cache 0 0 0 0
Total 0 0 1642 337350
Vlan25
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 10 640 1657 338420
Route cache 0 0 0 0
Total 10 640 1657 338420
Vlan27
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 727 78347 1811 349280
Route cache 85 8820 0 0
Total 812 87167 1811 349280
FastEthernet0/1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/3
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/4
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 47059 3100976
Route cache 0 0 0 0
Total 0 0 47059 3100976
FastEthernet0/5
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 106876 7103698
Route cache 0 0 0 0
Total 0 0 106876 7103698
FastEthernet0/6
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 169118 10783570
Route cache 0 0 0 0
Total 0 0 169118 10783570
FastEthernet0/7
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/8
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/9
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/10
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/11
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 29046 1996278
Route cache 0 0 0 0
Total 0 0 29046 1996278
FastEthernet0/12
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 52360 3570264
Route cache 0 0 0 0
Total 0 0 52360 3570264
FastEthernet0/13
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/14
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/15
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 119443 7774944
Route cache 0 0 0 0
Total 0 0 119443 7774944
FastEthernet0/16
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/17
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/18
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/19
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/20
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/21
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/22
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/23
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet0/24
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
GigabitEthernet0/1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
GigabitEthernet0/2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 31240 4545740 20738 2412699
Route cache 958 204876 0 0
Total 32198 4750616 20738 2412699sh ip traf:
sw1-prom111# sh ip traf
IP statistics:
Rcvd: 137565662 total, 36826 local destination
0 format errors, 20 checksum errors, 12187 bad hop count
0 unknown protocol, 24 not a gateway
0 security failures, 0 bad options, 3882 with options
Opts: 0 end, 0 nop, 0 basic security, 0 loose source route
0 timestamp, 0 extended security, 0 record route
0 stream ID, 0 strict source route, 3882 alert, 0 cipso, 0 ump
0 other
Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
0 fragmented, 0 couldn't fragment
Bcast: 9350 received, 81 sent
Mcast: 1642 received, 14830 sent
Sent: 88357 generated, 137514862 forwarded
Drop: 18902 encapsulation failed, 0 unresolved, 0 no adjacency
1054 no route, 0 unicast RPF, 421 forced drop
0 options denied, 0 source IP address zeroICMP statistics:
Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
1598 echo, 0 echo reply, 0 mask requests, 0 mask replies, 0 quench
0 parameter, 0 timestamp, 0 info request, 0 other
0 irdp solicitations, 0 irdp advertisements
Sent: 29 redirects, 45748 unreachable, 10 echo, 1598 echo reply
0 mask requests, 0 mask replies, 0 quench, 0 timestamp
0 info reply, 12130 time exceeded, 0 parameter problem
0 irdp solicitations, 0 irdp advertisementsTCP statistics:
Rcvd: 5417 total, 0 checksum errors, 2 no port
Sent: 5206 totalUDP statistics:
Rcvd: 29821 total, 0 checksum errors, 9241 no port
Sent: 33577 total, 99 forwarded broadcastsBGP statistics:
Rcvd: 0 total, 0 opens, 0 notifications, 0 updates
0 keepalives, 0 route-refresh, 0 unrecognized
Sent: 0 total, 0 opens, 0 notifications, 0 updates
0 keepalives, 0 route-refreshEIGRP-IPv4 statistics:
Rcvd: 0 total
Sent: 0 totalPIMv2 statistics: Sent/Received
Total: 0/0, 0 checksum errors, 0 format errors
Registers: 0/0 (0 non-rp, 0 non-sm-group), Register Stops: 0/0, Hellos: 0/0
Join/Prunes: 0/0, Asserts: 0/0, grafts: 0/0
Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
State-Refresh: 0/0IGMP statistics: Sent/Received
Total: 0/0, Format errors: 0/0, Checksum errors: 0/0
Host Queries: 0/0, Host Reports: 0/0, Host Leaves: 0/0
DVMRP: 0/0, PIM: 0/0OSPF statistics:
Rcvd: 0 total, 0 checksum errors
0 hello, 0 database desc, 0 link state req
0 link state updates, 0 link state acksSent: 0 total
0 hello, 0 database desc, 0 link state req
0 link state updates, 0 link state acksARP statistics:
Rcvd: 115255 requests, 146 replies, 0 reverse, 0 other
Sent: 18065 requests, 3443 replies (1714 proxy), 0 reverse
Drop due to input queue full: 0
sh memory stat:
sw1-prom111# sh memory stat
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor 1A95D0C 39484148 17433284 22050864 20869508 20776060
I/O 80000000 8388608 3038268 5350340 5093956 5083192
sh ip cef summ:
sw1-prom111#sh ip cef summ
IPv4 CEF is enabled and running
VRF Default:
167 prefixes (167/0 fwd/non-fwd)
Table id 0
Database epoch: 0 (167 entries at this epoch)
Конфигурационый файл:Current configuration : 19752 bytes
!
! Last configuration change at 08:56:51 UTC Wed Dec 12 2007 by anton
! NVRAM config last updated at 08:56:52 UTC Wed Dec 12 2007 by anton
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sw1-prom111
!
enable password 7 01100F175804
!aaa new-model
aaa configuration config-username anton
!
aaa session-id common
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause unicast-flood
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause arp-inspection
errdisable recovery cause link-monitor-failure
errdisable recovery cause oam-remote-failure
errdisable recovery cause loopback
errdisable recovery interval 60
mls aclmerge delay 100
mls qos
ip subnet-zero
ip routing!
ip dhcp snooping vlan 20-22,25,27
ip dhcp snooping database flash:/dhcpsnoop.text
no ip dhcp snooping verify mac-address
ip dhcp snooping
vtp mode transparent
!
password encryption aes
!
vlan internal allocation policy ascending
!
vlan 2
name Managment
!
vlan 20
name kis1
!
vlan 21
name kis2
!
vlan 22
name KDprogress
!
vlan 23
name KiselClients10-5-5
!
vlan 24
name KiselClients10-5-6
!
vlan 25
name BauMarket
!
vlan 27
name Kiselevka10-5-4
!
!
class-map match-any Queue1
match access-group name QoS_Punk
class-map match-any Queue3
match access-group name QoS_Internet
class-map match-any Queue2
match access-group name QoS_WEB
class-map match-any Queue4
match access-group name QoS_Critical
class-map match-all VBQueue4
match vlan 1-90
match class-map Queue4
class-map match-all VBQueue1
match vlan 1-90
match class-map Queue1
class-map match-all VBQueue3
match vlan 1-90
match class-map Queue3
class-map match-all VBQueue2
match vlan 1-90
match class-map Queue2
!
!
policy-map PB
class Queue1
set dscp cs1
class Queue2
set dscp cs3
class Queue3
set dscp cs5
class Queue4
set dscp cs7
policy-map VB
class VBQueue1
set dscp cs1
class VBQueue2
set dscp cs3
class VBQueue3
set dscp cs5
class VBQueue4
set dscp cs7
class class-default
!
!
!
!
!
!
interface FastEthernet0/1
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/3
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/5
switchport access vlan 20
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20,21,25
switchport mode trunk
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
no cdp enable
service-policy input VB
!
interface FastEthernet0/7
switchport access vlan 20
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/8
switchport access vlan 21
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
no cdp enable
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree vlan 21 cost 10
service-policy input VB
!
interface FastEthernet0/9
switchport access vlan 21
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/10
switchport access vlan 21
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/11
switchport access vlan 21
switchport mode access
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,27
switchport mode trunk
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/13
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/14
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/15
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,22-24,26
switchport mode trunk
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/16
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/17
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/18
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/19
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/20
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/21
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,22,28
switchport mode trunk
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/22
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,22-24,26
switchport mode trunk
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/23
switchport mode dynamic desirable
ip arp inspection limit none
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 10.00 5.00
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input VB
ip dhcp snooping trust
!
interface GigabitEthernet0/1
switchport mode dynamic desirable
!
interface GigabitEthernet0/2
no switchport
ip arp inspection trust
ip address 172.16.3.2 255.255.255.252
speed nonegotiate
wrr-queue bandwidth 50 25 25 1
wrr-queue cos-map 1 0 1 2 4 6
wrr-queue cos-map 2 3
wrr-queue cos-map 3 5
wrr-queue cos-map 4 7
priority-queue out
service-policy input PB
!
interface Vlan1
description default
ip address 172.16.11.254 255.255.252.0
!
interface Vlan2
description Managment
no ip address
!
interface Vlan20
ip address 10.1.0.2 255.255.0.0
ip access-group Kiselevka1 in
ip helper-address 172.16.2.2
!
interface Vlan21
ip address 10.2.0.2 255.255.0.0
ip access-group Kiselevka2 in
ip helper-address 172.16.2.2
!
interface Vlan22
ip address 10.3.1.1 255.255.255.192
!
interface Vlan23
description KiselClients10-5-5
ip address 10.5.5.1 255.255.255.0
ip access-group HomeClients-24 in
ip helper-address 172.16.2.2
!
interface Vlan24
description description KiselClients10-5-6
ip address 10.5.6.1 255.255.255.0
ip access-group HomeClients-24 in
ip helper-address 172.16.2.2
!
interface Vlan25
description BauMarket
ip address 10.3.1.113 255.255.255.252
!
interface Vlan27
ip address 10.5.4.1 255.255.255.0
ip access-group HomeClients-24 in
ip helper-address 172.16.2.2
!
router rip
version 2
network 10.0.0.0
network 172.16.0.0
!
ip classless
ip forward-protocol udp bootpc
ip forward-protocol udp bootps
ip route 192.168.254.0 255.255.255.0 172.16.3.1
no ip http server
no ip http secure-server
!
!
ip access-list extended HomeClients-16
permit tcp any host 172.16.2.2 eq www 443
permit udp any host 172.16.2.2 eq domain
permit udp any any eq bootpc
permit udp any any eq bootps
permit icmp any any
deny ip 10.0.213.0 0.255.0.255 any
permit tcp any host 172.16.2.2 range 10050 10180
permit tcp any host 172.16.2.10 eq 1723
permit gre any host 172.16.2.10
permit tcp any host 172.16.2.2 eq 6667 9997 411 smtp pop3 ftp ftp-data
permit ip any 172.16.5.0 0.0.0.255
permit tcp any any eq 4000
permit tcp any eq 4000 any
permit udp any any eq 4200
permit udp any eq 4200 any
permit udp any host 172.16.2.10 eq ntp
permit tcp any host 10.1.25.32 eq www ftp ftp-data
ip access-list extended HomeClients-24
permit tcp any host 172.16.2.2 eq www 443
permit udp any host 172.16.2.2 eq domain
permit udp any any eq bootpc
permit udp any any eq bootps
permit icmp any any
deny ip 10.0.0.200 0.255.255.55 any
permit tcp any host 172.16.2.2 range 10050 10180
permit tcp any host 172.16.2.10 eq 1723
permit gre any host 172.16.2.10
permit tcp any host 172.16.2.2 eq 6667 9997 411 smtp pop3 ftp ftp-data
permit ip any 172.16.5.0 0.0.0.255
permit tcp any any eq 4000
permit tcp any eq 4000 any
permit udp any any eq 4200
permit udp any eq 4200 any
permit udp any host 172.16.2.10 eq ntp
permit tcp any host 10.1.25.32 eq www ftp ftp-data
ip access-list extended Kiselevka1
permit ip host 10.1.1.42 any
permit tcp any any established
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.2 eq www 443
permit udp 10.1.0.0 0.0.255.255 host 172.16.2.2 eq domain
deny ip 10.0.213.0 0.255.0.255 any
deny ip 10.1.213.0 0.0.0.255 any log
deny ip any 10.0.213.0 0.255.0.255
permit tcp any host 172.16.2.2 eq 6697
permit ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
permit ip 10.1.0.0 0.0.255.255 172.16.5.0 0.0.0.127
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.10 eq 1723
permit gre 10.1.0.0 0.0.255.255 host 172.16.2.10
permit tcp any any eq 4000
permit tcp any eq 4000 any
permit udp any any eq 4200
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.2 eq ftp-data ftp
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.2 range 10050 10180
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.2 eq 6667 smtp pop3 log-input
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.3 eq www
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.2 eq 411
permit udp any any eq bootpc bootps
permit icmp any any
permit tcp host 10.1.8.88 host 172.16.2.1 eq www 443
permit tcp 10.1.0.0 0.0.255.255 host 172.16.2.10 eq 123
permit udp 10.1.0.0 0.0.255.255 host 172.16.2.10 eq ntp
permit tcp host 10.1.8.88 host 172.16.2.1 eq 3306
permit udp any eq 4200 any
permit tcp host 10.1.1.42 host 172.16.2.2 eq 411
permit tcp host 10.1.1.64 host 172.16.2.254 eq 22
permit tcp host 10.1.1.64 host 172.16.2.2 eq 22
permit tcp host 10.1.1.64 host 172.16.2.10 eq 22
permit tcp host 10.1.1.42 host 172.16.2.254 eq 22
permit tcp host 10.1.1.42 host 172.16.2.2 eq 22
permit tcp host 10.1.1.42 host 172.16.2.10 eq 22
permit tcp host 10.1.1.64 host 172.16.2.1 eq www 443
permit tcp host 10.1.1.42 host 172.16.3.2 eq 22
permit tcp host 10.1.1.64 host 172.16.3.2 eq 22
ip access-list extended Kiselevka2
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.2 eq www 443
permit udp 10.2.0.0 0.0.255.255 host 172.16.2.2 eq domain
deny ip 10.2.213.0 0.0.0.255 any
permit ip 10.2.0.0 0.0.255.255 10.1.0.0 0.0.255.255
permit ip 10.2.0.0 0.0.255.255 172.16.5.0 0.0.0.127
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.10 eq 1723
permit gre 10.2.0.0 0.0.255.255 host 172.16.2.10
permit tcp any any eq 4000
permit tcp any eq 4000 any
permit udp any any eq 4200
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.2 eq ftp-data ftp
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.2 range 10050 10180
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.2 eq 6667 smtp pop3
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.3 eq www
permit udp any any eq bootpc bootps
permit tcp 10.2.0.0 0.0.255.255 host 172.16.2.2 eq 411
permit icmp any any
permit udp 10.2.0.0 0.0.255.255 host 172.16.2.10 eq ntp
ip access-list extended QoS_Critical
permit tcp 172.16.1.0 0.0.0.255 eq 22 telnet www any
permit tcp any eq 22 telnet www 172.16.1.0 0.0.0.255
permit tcp 172.16.2.0 0.0.0.255 eq 22 telnet www any
permit tcp any eq 22 telnet www 172.16.2.0 0.0.0.255
permit udp any any eq bootpc bootps
permit udp any eq bootpc bootps any
ip access-list extended QoS_Internet
permit tcp any host 172.16.2.10 eq 1723
permit tcp host 172.16.2.10 eq 1723 any
permit gre any host 172.16.2.10
permit gre host 172.16.2.10 any
ip access-list extended QoS_Punk
permit tcp any any eq 4000
permit tcp any eq 4000 any
permit udp any any eq 4200
permit tcp any host 172.16.2.2 eq ftp-data ftp
permit tcp any host 172.16.2.2 range 10050 10180
permit udp any eq 4200 any
ip access-list extended QoS_WEB
permit tcp any host 172.16.2.2 eq domain
permit tcp host 172.16.2.2 eq domain any
permit tcp any host 172.16.2.2 eq www 443 6667
permit tcp host 172.16.2.2 eq www 443 6667 any
permit tcp any host 172.16.2.10 eq 123
permit tcp host 172.16.2.10 eq 123 any
permit icmp any any
permit ip 172.16.5.0 0.0.0.255 any
permit ip any 172.16.5.0 0.0.0.255
permit tcp any host 172.16.2.2 eq 411
permit tcp host 172.16.2.2 eq 411 any
!
snmp-server community test RW
snmp-server host 172.16.2.100 test
radius-server source-ports 1645-1646
!
control-plane!
line con 0
line vty 0 4
password 7
line vty 5 15
password 7
!
ntp clock-period 17180357
ntp server 172.16.2.10
end
Я вот стал менять 2950 на 3550 и сталкнулся с такой же проблемой!
Не работают ACL и из-за них же, наверно, не работает policy-mapпомагите решить
>Я вот стал менять 2950 на 3550 и сталкнулся с такой же
>проблемой!
>Не работают ACL и из-за них же, наверно, не работает policy-map
>
>помагите решитьВообщем, как выяснилось это баг IOS'а. Мы взяли на нее (циску 3550) тех. поддержку и слили решать эту проблему туда. Где-то около полугода мы давали информацию которую у нас запрашивали, когда они поняли что проблема не тривиальна, они запросили к ней (к циске) прямой доступ, что собственно мы им и организовали, они убедились что проблема имеет место быть :). Потом они пытались смоделировать такую же ситуацию у себя в лаборатории у них не получилось, в начале они грешили на то что у нас типа трафик какой-то особенный передается... цисковский спец из их тех поддержки уже писал нам что инженеры сами не понимают в чем проблема и голову сломали, и что это история по его мнению должна попасть в историю корпорации Cisco ))) вообщем им там всем интересно где собака порылась. Нам даже звонил один из разработчиков IOS'a по русски парень разговаривал :) ).
Вообщем я уже потом в армию успел съездить на месячные сборы, и сразу как приехал нам сообщили что нашли багу в коде реализующего QOS, и что должны скоро выпустить релиз в котором все будет поправлено, это было 4 августа, сейчас вот уже 21 октября а новостей все нет... блин эпопея какая-то получилась... мы в отеделе уже скоро будем отмечать ровно год решения это проблемы :)
Нам сообщили что этой баге дали следующий номер - CSCsq53204. Можете посмотреть информацию по нему в BugToolkit-еДля вас существует два решения проблемы:
1) Быстрый способ. Поставить более старую версию IOS где-то апрельские релизы 2007 года а может и старше
2) Медленный способ. Подождать пока выпустят свежую версию IOS в которой вышеупомянутый баг будет удален... точных сроков не скажу, но по идее должно быть скоро.
3) Комбинация первого и второго способа )) Ставить старую ОИС, потом как новую выпустят переходить на нее
Удачи!
>Для вас существует два решения проблемы:
>1) Быстрый способ. Поставить более старую версию IOS где-то апрельские релизы 2007
>года а может и старше
>2) Медленный способ. Подождать пока выпустят свежую версию IOS в которой вышеупомянутый
>баг будет удален... точных сроков не скажу, но по идее должно
>быть скоро.
>3) Комбинация первого и второго способа )) Ставить старую ОИС, потом как
>новую выпустят переходить на нее
>Удачи!Спасибо за информацию!
Я вот попробовал Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(25)SEE3, RELEASE SOFTWARE (fc2) и чё то вроде так же не работает...
Не подскажете какую именно прошивку вы проверяли из старых?
>[оверквотинг удален]
>>баг будет удален... точных сроков не скажу, но по идее должно
>>быть скоро.
>>3) Комбинация первого и второго способа )) Ставить старую ОИС, потом как
>>новую выпустят переходить на нее
>>Удачи!
>
>Спасибо за информацию!
>Я вот попробовал Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(25)SEE3, RELEASE
>SOFTWARE (fc2) и чё то вроде так же не работает...
>Не подскажете какую именно прошивку вы проверяли из старых?Недавно нам ответил саппорт Cisco, сообщили что версия ИОС с исправленным багом выйдет в январе в версии 12.2(50).
Насколько я помню этого бага нету в версии 12.2(25)SEE если и там не будет работать то ставьте еще более старую прошивку.