URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 23144
[ Назад ]

Исходное сообщение
"Cisco 2950 - 3560 - 2801"
Отправлено Stingray , 26-Сен-11 13:47

Возникла проблема - трафик vlan идет на 2801, хотя должен маршрутизироваться силами 3560. Конфиги вроде как правильные, сделано по cisco.com. Но на деле на роутере выходит иначе:
KRV1RTR01#sh ip ca fl | i K
Fa0/0         10.61.2.185     Fa0/0         10.61.2.34      06 0F92 15BE   139K
Fa0/0         10.61.2.185     Fa0/0*        10.61.2.34      06 0F92 15BE   139K
Fa0/0         10.61.2.201     Fa0/0*        10.61.2.34      06 1213 15BE   381K
Fa0/0         10.61.2.201     Null          10.61.2.34      06 1213 15BE   381K
Fa0/0         10.61.2.226     Fa0/0         10.61.2.34      06 0619 15BE   378K
Fa0/0         10.61.2.226     Fa0/0*        10.61.2.34      06 0619 15BE   378K
Куда копать, уважаемые?

Содержание

Cisco 2950 - 3560 - 2801,rakis, 16:37 , 26-Сен-11
- Cisco 2950 - 3560 - 2801,Stingray, 16:48 , 26-Сен-11
  - Cisco 2950 - 3560 - 2801,rakis, 21:14 , 26-Сен-11
    - Cisco 2950 - 3560 - 2801,Stingray, 23:05 , 26-Сен-11

Сообщения в этом обсуждении

"Cisco 2950 - 3560 - 2801"
Отправлено rakis , 26-Сен-11 16:37

Пришлите пожалуйста вывод команд с 3560:
sh cdp nei
sh ip int bri
sh vl bri
sh ip rou 0.0.0.0

"Cisco 2950 - 3560 - 2801"
Отправлено Stingray , 26-Сен-11 16:48

> Пришлите пожалуйста вывод команд с 3560:
> sh cdp nei
> sh ip int bri
> sh vl bri
> sh ip rou 0.0.0.0
Пожалуйста:
krv1swt01#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
krv1swt2         Gig 0/5           126              S I   WS-C2960- Gig 0/4
KRV1RTR01.fnm.loc
                 Gig 0/12          124             R S I  2801      Fas 0/0
krv1swt01#sh ip int bri
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  administratively down down
Vlan10                 10.61.2.1       YES NVRAM  up                    up
Vlan20                 10.61.4.1       YES NVRAM  up                    up
Vlan30                 10.61.8.1       YES NVRAM  up                    up
GigabitEthernet0/1     unassigned      YES NVRAM  down                  down
GigabitEthernet0/2     unassigned      YES unset  down                  down
GigabitEthernet0/3     unassigned      YES unset  up                    up
GigabitEthernet0/4     unassigned      YES unset  up                    up
GigabitEthernet0/5     unassigned      YES unset  up                    up
GigabitEthernet0/6     unassigned      YES unset  up                    up
GigabitEthernet0/7     unassigned      YES unset  down                  down
GigabitEthernet0/8     unassigned      YES unset  up                    up
GigabitEthernet0/9     unassigned      YES unset  up                    up
GigabitEthernet0/10    unassigned      YES unset  up                    up
GigabitEthernet0/11    unassigned      YES unset  up                    up
GigabitEthernet0/12    unassigned      YES unset  up                    up
GigabitEthernet0/13    unassigned      YES unset  up                    up
GigabitEthernet0/14    unassigned      YES unset  up                    up
GigabitEthernet0/15    unassigned      YES unset  up                    up
GigabitEthernet0/16    unassigned      YES unset  up                    up
GigabitEthernet0/17    unassigned      YES unset  down                  down
GigabitEthernet0/18    unassigned      YES unset  down                  down
GigabitEthernet0/19    unassigned      YES unset  down                  down
GigabitEthernet0/20    unassigned      YES unset  down                  down
GigabitEthernet0/21    unassigned      YES unset  down                  down
GigabitEthernet0/22    unassigned      YES unset  down                  down
GigabitEthernet0/23    unassigned      YES unset  down                  down
GigabitEthernet0/24    unassigned      YES unset  down                  down
GigabitEthernet0/25    unassigned      YES unset  down                  down
GigabitEthernet0/26    unassigned      YES unset  down                  down
GigabitEthernet0/27    unassigned      YES unset  down                  down
GigabitEthernet0/28    unassigned      YES unset  down                  down
krv1swt01#sh vl bri
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/4, Gi0/25, Gi0/26, Gi0/27, Gi0/28
10   LAN                              active    Gi0/2, Gi0/3, Gi0/6, Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/12, Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18
                                                Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
20   WiFi                             active
30   VoIP                             active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
krv1swt01#sh ip rou 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "static", distance 1, metric 0, candidate default path
  Routing Descriptor Blocks:
  * 10.61.2.2, permanent
      Route metric is 0, traffic share count is 1

"Cisco 2950 - 3560 - 2801"
Отправлено rakis , 26-Сен-11 21:14

можете еще прислать конфиги Gi0/5 и Gi0/12 c 3560?
и описать, вкратце, что хотите настроить в итоге?
2950 (User Access) - 3560 (Core/Distribution/Inter VLAN Routing) - 2801 - Internet
так?

"Cisco 2950 - 3560 - 2801"
Отправлено Stingray , 26-Сен-11 23:05

> можете еще прислать конфиги Gi0/5 и Gi0/12 c 3560?
> и описать, вкратце, что хотите настроить в итоге?
> 2950 (User Access) - 3560 (Core/Distribution/Inter VLAN Routing) - 2801 - Internet
> так?
Да, именно так - проблема оказалась в ip local-proxy-arp
После no ip local-proxy-arp и ip redirects на fa0/0 2801 трафик стал нормально идти через 3560
Всё это писано в гайде циско:
Usage Guidelines
The local proxy ARP feature allows the Multilayer Switching Feature Card (MSFC) to respond to ARP requests for IP addresses within a subnet where normally no routing is required. With the local proxy ARP feature enabled, the MSFC responds to all ARP requests for IP addresses within the subnet and forwards all traffic between hosts in the subnet. Use this feature only on subnets where hosts are intentionally prevented from communicating directly to the Catalyst 6500 series switch on which they are connected.
Before the local proxy ARP feature can be used, the IP proxy ARP feature must be enabled. The IP proxy ARP feature is enabled by default.
Internet Control Message Protocol (ICMP) redirects are disabled on interfaces where the local proxy ARP feature is enabled.
Конфиг Gi0/5 и Gi0/12:
interface GigabitEthernet0/12
description uplink_2801
switchport access vlan 10
duplex full
interface GigabitEthernet0/5
description dnlink to 2950
switchport trunk encapsulation dot1q
switchport mode trunk
speed 1000
duplex full