Есть Cisco 1760. Информация о версии IOS и пр. ниже. На FastEthernet0/0 локальная сетка вида 192.168.0.1/255.255.255.0, на Ethernet0/0 внешний мир. Периодически отваливается связь с внешним миром. Помогает reload, но ведб это не выход? Что можно сделать/посмотреть, сконфигурировать дополнительно?#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.2(15)T14, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Fri 27-Aug-04 22:21 by cmong
Image text-base: 0x80008120, data-base: 0x80FC3BBCROM: System Bootstrap, Version 12.2(7r)XM2, RELEASE SOFTWARE (fc1)
ROM: C1700 Software (C1700-K9O3SY7-M), Version 12.2(15)T14, RELEASE SOFTWARE (fc4)xxxxx uptime is 3 hours, 30 minutes
System returned to ROM by reload
System image file is "flash:ios.bin"cisco 1760 (MPC860P) processor (revision 0x500) with 83114K/15190K bytes of memory.
Processor board ID FOC0905321N (354283980), with hardware revision 0000
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
1 Virtual Private Network (VPN) Module(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)Configuration register is 0x2102
#sh run
Current configuration : 2040 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxxxx
!
logging queue-limit 100
!
ip subnet-zero
!
!
no ip domain lookup
ip name-server 212.44.130.6
ip name-server 195.68.135.5
ip name-server 192.168.0.2
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
interface Tunnel1000
ip address 192.168.250.1 255.255.255.252
tunnel source yy.yy.yy.yy
tunnel destination xx.xx.xx.xx
tunnel mode ipip
!
interface Tunnel1001
ip address 192.168.251.1 255.255.255.252
tunnel source yy.yy.yy.yy
tunnel destination xx1.xx1.xx1.xx1
tunnel mode ipip
!
interface Tunnel1002
ip address 192.168.252.1 255.255.255.252
tunnel source yy.yy.yy.yy
tunnel destination xx2.xx2.xx2.xx2
tunnel mode ipip
!
interface Tunnel1003
ip address 192.168.253.1 255.255.255.252
tunnel source yy.yy.yy.yy
tunnel destination xx3.xx3.xx3.xx3
tunnel mode ipip
!
interface Ethernet0/0
ip address yy.yy.yy.yy 255.255.255.252
ip nat outside
no ip mroute-cache
half-duplex
no cdp enable
!
interface FastEthernet0/0
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip mroute-cache
speed auto
full-duplex
no cdp enable
!
interface Ethernet1/0
no ip address
no ip mroute-cache
shutdown
half-duplex
no cdp enable
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static tcp 192.168.0.z zzzz yy.yy.yy.yy zzzz extendable no-alias
ip classless
ip route 0.0.0.0 0.0.0.0 yy.yy.yy.yy1
ip route 192.168.1.0 255.255.255.0 Tunnel1000
ip route 192.168.2.0 255.255.255.0 Tunnel1003
ip route 192.168.3.0 255.255.255.0 Tunnel1001
ip route 192.168.4.0 255.255.255.0 Tunnel1002
no ip http server
no ip http secure-server
!
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
no cdp run
!
!
end
Для начала опишите, куда подключен fa0/0 и покажите sh int fa0/0 ДО и ПОСЛЕ отваливания внешнего мира.
>Для начала опишите, куда подключен fa0/0 и покажите sh int fa0/0 ДО
>и ПОСЛЕ отваливания внешнего мира.
В описании проблемы ошибся...fa0/0 подключён в локальную сеть - 192.168.0.0/255.255.255.0
#sh int fa0/0
FastEthernet0/0 is up, line protocol is up
Hardware is PQUICC_FEC, address is 0012.430c.da32 (bia 0012.430c.da32)
Internet address is 192.168.0.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 160000 bits/sec, 84 packets/sec
5 minute output rate 100000 bits/sec, 73 packets/sec
940597 packets input, 410582061 bytes
Received 5588 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
939412 packets output, 236727461 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped outа вот eth0/0 во внешний мир...
Состояние ДОEthernet0/0 is up, line protocol is up
Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
Internet address is yy.yy.yy.yy/30
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 3/255, rxload 2/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10BaseT
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:03, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 74
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 92000 bits/sec, 69 packets/sec
5 minute output rate 143000 bits/sec, 73 packets/sec
931439 packets input, 247198107 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
929805 packets output, 419832399 bytes, 0 underruns
0 output errors, 97074 collisions, 0 interface resets
0 babbles, 0 late collision, 9722 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped outСостояние ПОСЛЕ
пока нет....
Есть!
Ethernet0/0 is up, line protocol is up
Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
Internet address is yy.yy.yy.yy/30
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 19/255, rxload 4/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10BaseT
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:01:11, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2773
Queueing strategy: fifo
Output queue: 40/40 (size/max)
5 minute input rate 167000 bits/sec, 87 packets/sec
5 minute output rate 762000 bits/sec, 111 packets/sec
977266 packets input, 262298357 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
1 input errors, 0 CRC, 0 frame, 0 overrun, 1 ignored
0 input packets with dribble condition detected
983491 packets output, 465432321 bytes, 0 underruns
0 output errors, 109291 collisions, 0 interface resets
0 babbles, 0 late collision, 10165 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped outПричём это состояние - недоступности линка, возникает практически всегда при наличии большого исходящего трафика в каком-либо из тунеллей. (копирую компакт диск по сети из одного филиала в другой...)
>>Для начала опишите, куда подключен fa0/0 и покажите sh int fa0/0 ДО
>>и ПОСЛЕ отваливания внешнего мира.
>В описании проблемы ошибся...
>
>fa0/0 подключён в локальную сеть - 192.168.0.0/255.255.255.0
>
>#sh int fa0/0
>FastEthernet0/0 is up, line protocol is up
> Hardware is PQUICC_FEC, address is 0012.430c.da32 (bia 0012.430c.da32)
> Internet address is 192.168.0.1/24
> MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
> reliability 255/255, txload 1/255, rxload 1/255
> Encapsulation ARPA, loopback not set
> Keepalive set (10 sec)
> Full-duplex, 100Mb/s, 100BaseTX/FX
> ARP type: ARPA, ARP Timeout 04:00:00
> Last input 00:00:00, output 00:00:00, output hang never
> Last clearing of "show interface" counters never
> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
> Queueing strategy: fifo
> Output queue: 0/40 (size/max)
> 5 minute input rate 160000 bits/sec, 84 packets/sec
> 5 minute output rate 100000 bits/sec, 73 packets/sec
> 940597 packets input, 410582061 bytes
> Received 5588 broadcasts, 0 runts, 0 giants,
>0 throttles
> 0 input errors, 0 CRC, 0 frame,
>0 overrun, 0 ignored
> 0 watchdog
> 0 input packets with dribble condition detected
>
> 939412 packets output, 236727461 bytes, 0 underruns
>
> 0 output errors, 0 collisions, 1 interface
>resets
> 0 babbles, 0 late collision, 0 deferred
>
> 0 lost carrier, 0 no carrier
> 0 output buffer failures, 0 output buffers
>swapped out
>
>а вот eth0/0 во внешний мир...
>Состояние ДО
>
>Ethernet0/0 is up, line protocol is up
> Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
> Internet address is yy.yy.yy.yy/30
> MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
> reliability 255/255, txload 3/255, rxload 2/255
> Encapsulation ARPA, loopback not set
> Keepalive set (10 sec)
> Half-duplex, 10BaseT
> ARP type: ARPA, ARP Timeout 04:00:00
> Last input 00:00:03, output 00:00:00, output hang never
> Last clearing of "show interface" counters never
> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 74
> Queueing strategy: fifo
> Output queue: 0/40 (size/max)
> 5 minute input rate 92000 bits/sec, 69 packets/sec
> 5 minute output rate 143000 bits/sec, 73 packets/sec
> 931439 packets input, 247198107 bytes, 0 no
>buffer
> Received 0 broadcasts, 0 runts, 0 giants,
>0 throttles
> 0 input errors, 0 CRC, 0 frame,
>0 overrun, 0 ignored
> 0 input packets with dribble condition detected
>
> 929805 packets output, 419832399 bytes, 0 underruns
>
> 0 output errors, 97074 collisions, 0 interface
>resets
> 0 babbles, 0 late collision, 9722 deferred
>
> 0 lost carrier, 0 no carrier
> 0 output buffer failures, 0 output buffers
>swapped out
>
>Состояние ПОСЛЕ
>пока нет....
>Есть!
>Ethernet0/0 is up, line protocol is up
> Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
> Internet address is yy.yy.yy.yy/30
> MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
> reliability 255/255, txload 19/255, rxload 4/255
> Encapsulation ARPA, loopback not set
> Keepalive set (10 sec)
> Half-duplex, 10BaseT
> ARP type: ARPA, ARP Timeout 04:00:00
> Last input 00:00:00, output 00:01:11, output hang never
> Last clearing of "show interface" counters never
> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2773
> Queueing strategy: fifo
> Output queue: 40/40 (size/max)
> 5 minute input rate 167000 bits/sec, 87 packets/sec
> 5 minute output rate 762000 bits/sec, 111 packets/sec
> 977266 packets input, 262298357 bytes, 0 no
>buffer
> Received 0 broadcasts, 0 runts, 0 giants,
>0 throttles
> 1 input errors, 0 CRC, 0 frame,
>0 overrun, 1 ignored
> 0 input packets with dribble condition detected
>
> 983491 packets output, 465432321 bytes, 0 underruns
>
> 0 output errors, 109291 collisions, 0 interface
>resets
> 0 babbles, 0 late collision, 10165 deferred
>
> 0 lost carrier, 0 no carrier
> 0 output buffer failures, 0 output buffers
>swapped out
>
>Причём это состояние - недоступности линка, возникает практически всегда при наличии большого
>исходящего трафика в каком-либо из тунеллей. (копирую компакт диск по сети
>из одного филиала в другой...)Уверены, что отваливается именно ethernet,а не туннели?
sh buffers покажите в момент отвала
>>>Для начала опишите, куда подключен fa0/0 и покажите sh int fa0/0 ДО
>>>и ПОСЛЕ отваливания внешнего мира.
>>В описании проблемы ошибся...
>>
>>fa0/0 подключён в локальную сеть - 192.168.0.0/255.255.255.0
>>
>>#sh int fa0/0
>>FastEthernet0/0 is up, line protocol is up
>> Hardware is PQUICC_FEC, address is 0012.430c.da32 (bia 0012.430c.da32)
>> Internet address is 192.168.0.1/24
>> MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
>> reliability 255/255, txload 1/255, rxload 1/255
>> Encapsulation ARPA, loopback not set
>> Keepalive set (10 sec)
>> Full-duplex, 100Mb/s, 100BaseTX/FX
>> ARP type: ARPA, ARP Timeout 04:00:00
>> Last input 00:00:00, output 00:00:00, output hang never
>> Last clearing of "show interface" counters never
>> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
>> Queueing strategy: fifo
>> Output queue: 0/40 (size/max)
>> 5 minute input rate 160000 bits/sec, 84 packets/sec
>> 5 minute output rate 100000 bits/sec, 73 packets/sec
>> 940597 packets input, 410582061 bytes
>> Received 5588 broadcasts, 0 runts, 0 giants,
>>0 throttles
>> 0 input errors, 0 CRC, 0 frame,
>>0 overrun, 0 ignored
>> 0 watchdog
>> 0 input packets with dribble condition detected
>>
>> 939412 packets output, 236727461 bytes, 0 underruns
>>
>> 0 output errors, 0 collisions, 1 interface
>>resets
>> 0 babbles, 0 late collision, 0 deferred
>>
>> 0 lost carrier, 0 no carrier
>> 0 output buffer failures, 0 output buffers
>>swapped out
>>
>>а вот eth0/0 во внешний мир...
>>Состояние ДО
>>
>>Ethernet0/0 is up, line protocol is up
>> Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
>> Internet address is yy.yy.yy.yy/30
>> MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
>> reliability 255/255, txload 3/255, rxload 2/255
>> Encapsulation ARPA, loopback not set
>> Keepalive set (10 sec)
>> Half-duplex, 10BaseT
>> ARP type: ARPA, ARP Timeout 04:00:00
>> Last input 00:00:03, output 00:00:00, output hang never
>> Last clearing of "show interface" counters never
>> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 74
>> Queueing strategy: fifo
>> Output queue: 0/40 (size/max)
>> 5 minute input rate 92000 bits/sec, 69 packets/sec
>> 5 minute output rate 143000 bits/sec, 73 packets/sec
>> 931439 packets input, 247198107 bytes, 0 no
>>buffer
>> Received 0 broadcasts, 0 runts, 0 giants,
>>0 throttles
>> 0 input errors, 0 CRC, 0 frame,
>>0 overrun, 0 ignored
>> 0 input packets with dribble condition detected
>>
>> 929805 packets output, 419832399 bytes, 0 underruns
>>
>> 0 output errors, 97074 collisions, 0 interface
>>resets
>> 0 babbles, 0 late collision, 9722 deferred
>>
>> 0 lost carrier, 0 no carrier
>> 0 output buffer failures, 0 output buffers
>>swapped out
>>
>>Состояние ПОСЛЕ
>>пока нет....
>>Есть!
>>Ethernet0/0 is up, line protocol is up
>> Hardware is PQUICC Ethernet, address is 0004.dc0c.eab3 (bia 0004.dc0c.eab3)
>> Internet address is yy.yy.yy.yy/30
>> MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
>> reliability 255/255, txload 19/255, rxload 4/255
>> Encapsulation ARPA, loopback not set
>> Keepalive set (10 sec)
>> Half-duplex, 10BaseT
>> ARP type: ARPA, ARP Timeout 04:00:00
>> Last input 00:00:00, output 00:01:11, output hang never
>> Last clearing of "show interface" counters never
>> Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2773
>> Queueing strategy: fifo
>> Output queue: 40/40 (size/max)
>> 5 minute input rate 167000 bits/sec, 87 packets/sec
>> 5 minute output rate 762000 bits/sec, 111 packets/sec
>> 977266 packets input, 262298357 bytes, 0 no
>>buffer
>> Received 0 broadcasts, 0 runts, 0 giants,
>>0 throttles
>> 1 input errors, 0 CRC, 0 frame,
>>0 overrun, 1 ignored
>> 0 input packets with dribble condition detected
>>
>> 983491 packets output, 465432321 bytes, 0 underruns
>>
>> 0 output errors, 109291 collisions, 0 interface
>>resets
>> 0 babbles, 0 late collision, 10165 deferred
>>
>> 0 lost carrier, 0 no carrier
>> 0 output buffer failures, 0 output buffers
>>swapped out
>>
>>Причём это состояние - недоступности линка, возникает практически всегда при наличии большого
>>исходящего трафика в каком-либо из тунеллей. (копирую компакт диск по сети
>>из одного филиала в другой...)
>
>Уверены, что отваливается именно ethernet,а не туннели?
>
>sh buffers покажите в момент отвалавот именно что eth0/0... ни один внешний адрес, даже шлюз провайдера ПОСЛЕ не пингуется..., что уж тут говорить о тунелях...
настораживает эта цифра Total output drops: 2773
может действительно буферы...
>настораживает эта цифра Total output drops: 2773
>может действительно буферы...#sh buffers
Buffer elements:
458 in free list (500 max allowed)
29815 hits, 0 misses, 0 createdPublic buffer pools:
Small buffers, 104 bytes (total 62, permanent 50, peak 62 @ 00:33:35):
51 in free list (20 min, 150 max allowed)
20717 hits, 10 misses, 0 trims, 12 created
0 failures (0 no memory)
Middle buffers, 600 bytes (total 31, permanent 25, peak 31 @ 00:33:32):
29 in free list (10 min, 150 max allowed)
4081 hits, 2 misses, 0 trims, 6 created
0 failures (0 no memory)
Big buffers, 1536 bytes (total 50, permanent 50):
50 in free list (5 min, 150 max allowed)
4128 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)
VeryBig buffers, 4520 bytes (total 10, permanent 10):
10 in free list (0 min, 100 max allowed)
0 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)
Large buffers, 5024 bytes (total 0, permanent 0):
0 in free list (0 min, 10 max allowed)
0 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)
Huge buffers, 18024 bytes (total 0, permanent 0):
0 in free list (0 min, 4 max allowed)
0 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)Header pools:
Header buffers, 0 bytes (total 137, permanent 128, peak 137 @ 00:33:48):
9 in free list (10 min, 512 max allowed)
125 hits, 3 misses, 0 trims, 9 created
0 failures (0 no memory)
128 max cache size, 94 in cache
1287 hits in cache, 0 misses in cacheParticle Clones:
1024 clones, 8 hits, 0 missesPublic particle pools:
F/S buffers, 256 bytes (total 384, permanent 384):
128 in free list (128 min, 1024 max allowed)
257 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)
256 max cache size, 214 in cache
13155 hits in cache, 0 misses in cache
Normal buffers, 1548 bytes (total 512, permanent 512):
240 in free list (128 min, 1024 max allowed)
340 hits, 0 misses, 0 trims, 0 created
0 failures (0 no memory)
128 max cache size, 128 in cache
0 hits in cache, 0 misses in cachePrivate particle pools:
FastEthernet0/0 buffers, 1536 bytes (total 96, permanent 96):
0 in free list (0 min, 96 max allowed)
96 hits, 0 fallbacks
96 max cache size, 23 in cache
37955 hits in cache, 0 misses in cache
Ethernet0/0 buffers, 1548 bytes (total 32, permanent 32):
0 in free list (0 min, 32 max allowed)
32 hits, 0 fallbacks
32 max cache size, 16 in cache
34160 hits in cache, 20 misses in cache
Ethernet1/0 buffers, 1548 bytes (total 32, permanent 32):
0 in free list (0 min, 32 max allowed)
32 hits, 0 fallbacks
32 max cache size, 32 in cache
0 hits in cache, 0 misses in cache
C1700_EM buffers, 1548 bytes (total 129, permanent 129):
0 in free list (0 min, 129 max allowed)
129 hits, 0 fallbacks
129 max cache size, 129 in cache
0 hits in cache, 0 misses in cacheИнформация о буферах...
Недосмотрел:Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2773
Queueing strategy: fifo
Output queue: 40/40 (size/max)на e0/0 забивается выходная очередь
шепните циске fair-queue на e0/0
а еще лучше настройте нормальный класс с fair-queue и wred
>Недосмотрел:
>
>Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2773
>Queueing strategy: fifo
>Output queue: 40/40 (size/max)
>
>на e0/0 забивается выходная очередь
>
>шепните циске fair-queue на e0/0
>
>а еще лучше настройте нормальный класс с fair-queue и wredпремного благодарен, а не поделитесь ссылкой на rtfm по fair-queue и wred. мои знания по cisco оставляют желать лучшего...
policy-map out
class class-default
fair-queue
random-detect
random-detect exponential-weighting-constant 5
и int e0/0
service-policy output outТИпа того.. Мануал ищите на cisco.com, когда оно поднимется :-) У меня сейчас лежит..
>policy-map out
>class class-default
> fair-queue
> random-detect
> random-detect exponential-weighting-constant 5
>
>
>и int e0/0
>service-policy output out
>
>ТИпа того.. Мануал ищите на cisco.com, когда оно поднимется :-) У меня
>сейчас лежит..Big thanks. Работает, пока в первом варианте - fair-queue для eth0/0. Буду пытаться учить мат.часть...