>[оверквотинг удален]
>>сети не было!
>>
>>после перезагрузки все возвращается на круги своя и может работать так от
>>дня до недели, потом опять та же история!!
>>help!
>>
>>PS: pps в моменты аномалии сравнимо с pps в момент, когда загрузка
>>10% в среднем по порту 16-20 тысяч пакетов
>
>sh run с обоих коммутаторов coreSwitch#sh run
Building configuration...
Current configuration : 8921 bytes
!
! No configuration change since last restart
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname coreSwitch
!
enable password ..............
!
username ......... password ...............
no aaa new-model
clock timezone KRS 7
clock summer-time KRS recurring last Sun Mar 3:00 last Sun Oct 3:00
ip subnet-zero
ip routing
ip host vpn.atllan.ru ....................
ip host vpn2.atllan.ru ..............
ip name-server ............
!
no ip rcmd domain-lookup
ip rcmd rsh-enable
ip rcmd remote-host sha 192.168.2.200 root
!
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 1-1000
!
vlan internal allocation policy ascending
!
!
interface Loopback0
ip address ..............
!
interface Loopback1
ip address ...............
!
interface GigabitEthernet0/1
description link_to_router
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 5.00
storm-control multicast level 5.00
random-detect
arp timeout 60
!
interface GigabitEthernet0/2
description link_to_catalyst1
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 3.00
storm-control multicast level 5.00
random-detect
arp timeout 60
!
interface GigabitEthernet0/3
description link_to_catalyst2
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 5.00
storm-control multicast level 5.00
random-detect
arp timeout 60
!
interface GigabitEthernet0/4
description link_to_ASA
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
!
interface GigabitEthernet0/5
description games_server
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
!
interface GigabitEthernet0/6
description media
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
interface GigabitEthernet0/7
description files
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
!
interface GigabitEthernet0/8
description SKALA
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
arp timeout 60
!
interface GigabitEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
arp timeout 60
!
interface GigabitEthernet0/10
switchport access vlan 2
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
arp timeout 60
!
interface GigabitEthernet0/11
description files_server
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
!
interface GigabitEthernet0/12
description PROXY_internal
switchport access vlan 2
switchport mode dynamic desirable
random-detect
arp timeout 60
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 172.19.88.1 255.255.248.0 secondary
ip address 10.0.0.1 255.0.0.0
ip access-group PRIVATE-IN in
ip access-group PRIVATE-OUT out
!
interface Vlan3
description Lint to Router
ip address .......................
random-detect
arp timeout 60
!
interface Vlan141
description ...
ip address .....................
random-detect
!
interface Vlan142
description ...
ip address ....................
random-detect
!
ip default-gateway ............
ip classless
ip route 0.0.0.0 0.0.0.0 .............. на головную циску
no ip http server
!
ip as-path access-list 44 permit ^$
ip as-path access-list 60 permit ^.........
!
ip access-list extended PRIVATE-IN
permit ip 172.3.0.0 0.248.255.255 any
permit ip 172.3.0.0 0.248.255.255 host 172.19.88.1
permit ip 172.3.0.0 0.248.255.255 host 192.168.0.1
permit ip 172.3.0.0 0.248.255.255 host ........
permit gre 172.3.0.0 0.248.255.255 host .......
permit ip 172.3.0.0 0.248.255.255 host .........
permit gre 172.3.0.0 0.248.255.255 host .........
permit gre 172.3.0.0 0.248.255.255 host 192.168.0.1
permit udp 172.3.0.0 0.248.255.255 host ..... eq domain
permit tcp 172.3.0.0 0.248.255.255 host ........ eq www
permit udp 172.3.0.0 0.248.255.255 host ........ eq domain
permit tcp 172.3.0.0 0.248.255.255 host ........ eq www
permit tcp 172.3.0.0 0.248.255.255 host ........ eq www
permit ip 10.0.0.0 0.255.255.255 host 10.0.0.1
permit ip 10.0.0.0 0.255.255.255 host 192.168.0.1
permit ip 10.0.0.0 0.255.255.255 host ........
permit ip 10.0.0.0 0.255.255.255 host ........
permit ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
permit gre 10.0.0.0 0.255.255.255 host 192.168.0.1
permit gre 10.0.0.0 0.255.255.255 host ........
permit gre 10.0.0.0 0.255.255.255 host ........
permit udp 10.0.0.0 0.255.255.255 host ........ eq domain
permit tcp 10.0.0.0 0.255.255.255 host ........ eq www
permit udp 10.0.0.0 0.255.255.255 host ........ eq domain
permit tcp 10.0.0.0 0.255.255.255 host ........ eq www
permit tcp 10.0.0.0 0.255.255.255 host ........ eq www
deny ip any any
deny gre any any
ip access-list extended PRIVATE-OUT
permit ip any 172.3.0.0 0.248.255.255
permit ip host 172.19.88.1 172.3.0.0 0.248.255.255
permit ip host ........ 172.3.0.0 0.248.255.255
permit ip host ........ 172.3.0.0 0.248.255.255
permit ip 172.3.0.0 0.248.255.255 172.3.0.0 0.248.255.255
permit gre host ........ 172.3.0.0 0.248.255.255
permit gre host ........ 172.3.0.0 0.248.255.255
permit udp host........ eq domain 172.3.0.0 0.248.255.255
permit tcp host........ eq www 172.3.0.0 0.248.255.255
permit tcp host ........ eq www 172.3.0.0 0.248.255.255
permit udp host ........ eq domain 172.3.0.0 0.248.255.255
permit tcp host ........ eq www 172.3.0.0 0.248.255.255
permit ip host 10.0.0.1 10.0.0.0 0.255.255.255
permit ip host ........ 10.0.0.0 0.255.255.255
permit ip host ........ 10.0.0.0 0.255.255.255
permit ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
permit gre host ........ 10.0.0.0 0.255.255.255
permit gre host ........ 10.0.0.0 0.255.255.255
permit udp host ........ eq domain 10.0.0.0 0.255.255.255
permit tcp host ........ eq www 10.0.0.0 0.255.255.255
permit tcp host ........ eq www 10.0.0.0 0.255.255.255
permit udp host ........ eq domain 10.0.0.0 0.255.255.255
permit tcp host ........ eq www 10.0.0.0 0.255.255.255
deny ip any any
!
logging facility local3
logging ...............
logging ...............
access-list 50 permit .........
.....................
!
arp access-list Krisa
arp 10.0.0.1 0005.ddc7.fe80 ARPA
arp 172.19.88.254 0016.e680.a825 ARPA
arp 172.19.88.253 0015.1710.7501 ARPA
arp 172.19.88.252 001e.58a7.ad65 ARPA
arp 172.19.88.135 0050.22b5.128a ARPA
arp 172.19.88.132 001d.0fc0.c586 ARPA
arp 172.19.88.130 000f.ea39.0881 ARPA
arp 172.19.88.137 00e0.4c7e.1c88 ARPA
arp 172.19.88.96 001a.4d5f.759f ARPA
arp 172.19.88.71 000e.a67c.9b24 ARPA
arp 172.19.88.70 001c.f0d5.c2d9 ARPA
arp 172.19.88.69 0019.6647.f1b8 ARPA
arp 172.19.88.68 0001.6cd4.4a0f ARPA
arp 172.19.88.67 001b.b964.0ea9 ARPA
arp 172.19.88.65 0014.2a3b.dbd5 ARPA
arp 172.19.88.64 0019.214b.7c15 ARPA
arp 172.19.88.77 0019.2130.dac2 ARPA
arp 172.19.88.76 001f.c688.8c4b ARPA
arp 172.19.88.74 0080.484f.e278 ARPA
arp 172.19.88.73 0007.95da.fe91 ARPA
arp 172.19.88.72 0016.ecfb.04c7 ARPA
arp 172.19.88.84 001e.9083.0e17 ARPA
arp 172.19.88.83 0016.e653.520c ARPA
arp 172.19.88.82 0019.5bfd.784a ARPA
arp 172.19.88.81 0013.d43f.f7a4 ARPA
arp 172.19.88.80 0017.9ac2.0c95 ARPA
arp 172.19.88.95 001b.fc86.3bf3 ARPA
arp 172.19.88.93 0019.214b.3af8 ARPA
arp 172.19.88.92 0022.15ba.a515 ARPA
arp 172.19.88.90 0018.f303.db62 ARPA
arp 172.19.88.89 0019.5b83.4964 ARPA
arp 172.19.88.88 00c0.df11.ebc1 ARPA
arp 172.19.88.37 0050.22b0.62ae ARPA
arp 172.19.88.36 00e0.4d43.0b90 ARPA
arp 172.19.88.35 00a0.d16f.047a ARPA
arp 172.19.88.33 0004.6145.da2f ARPA
arp 172.19.88.32 000f.ea33.ab17 ARPA
arp 172.19.88.60 0001.6cfd.0cb8 ARPA
arp 172.19.88.3 0020.ed83.14ba ARPA
arp 172.19.88.1 0005.ddc7.fe80 ARPA
arp 10.254.254.251 0004.23d6.a869 ARPA
arp 10.254.254.254 0016.e680.a824 ARPA
arp 10.254.254.253 0013.d483.7608 ARPA
arp 172.19.88.25 001d.72c2.8bbd ARPA
snmp-server community private RW 50
snmp-server community public RO 50
!
control-plane
!
!
line con 0
line vty 0 4
no login
line vty 5 15
no login
!
ntp clock-period 17180219
ntp server ........
ntp server ........
end
***********************************************3553 48x************************
sm3550#sh run
Building configuration...
Current configuration : 14727 bytes
!
! Last configuration change at 11:28:57 KRS Fri May 15 2009 by user
! NVRAM config last updated at 19:25:52 KRS Tue May 12 2009 by user
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sm3550
!
enable secret ...
!
username...
no aaa new-model
clock timezone KRS 7
clock summer-time KRS recurring last Sun Mar 3:00 last Sun Oct 3:00
ip subnet-zero
ip routing
ip host vpn.atllan.ru ...
ip name-server ...
!
no ip rcmd domain-lookup
ip rcmd rsh-enable
ip rcmd remote-host sha 192.168.2.200 root
ip rcmd remote-host sha 10.254.254.251 root
ip rcmd remote-host sha ... root
!
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 1-1000
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0/1
description ASA_managment
switchport access vlan 3
switchport mode dynamic desirable
random-detect
!
interface FastEthernet0/2
description Billing-Server
switchport access vlan 3
switchport mode dynamic desirable
!
interface FastEthernet0/3
description Telematic-Server
switchport access vlan 3
switchport mode dynamic desirable
!
interface FastEthernet0/4
description ipradio
switchport access vlan 2
switchport mode dynamic desirable
!
interface FastEthernet0/5
description TELEMATIK2
switchport access vlan 3
switchport mode dynamic desirable
!
interface FastEthernet0/6
description games
switchport access vlan 3
switchport mode dynamic desirable
!
interface FastEthernet0/7
description archives_gorod
switchport access vlan 3
switchport mode dynamic desirable
!
interface FastEthernet0/8
description test-port
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/9
description Link_to_Office
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/10
description files_gorod
switchport access vlan 2
switchport mode dynamic desirable
!
interface FastEthernet0/11
description Switch N1
switchport access vlan 2
switchport mode dynamic desirable
random-detect
!
interface FastEthernet0/12
description Switch N11
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/13
description Switch N3
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/14
description Switch N4
switchport trunk encapsulation dot1q
switchport mode trunk
duplex full
random-detect
!
interface FastEthernet0/15
description Switch N8 Slav_1_6
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/16
description Switch N6
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/17
description Switch N7
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/18
description Switch N8
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/19
description sssr_31_4
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/20
description Switch N10
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/21
description Switch N11
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/22
description Switch N12
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
random-detect
!
interface FastEthernet0/23
description Switch N13
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
duplex full
random-detect
interface FastEthernet0/24
description Switch N14
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/25
description Switch N15
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/26
description Switch N16
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/27
description Switch N17
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/28
description Switch N18
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/29
description Switch N19
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/30
description Switch N20
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/31
description Switch N21
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/32
description Switch N22
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/33
description Switch N23
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/34
description Switch N24
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/35
description Switch N25
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/36
description Switch N26
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/37
description Switch N27
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/38
description Switch N28
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/39
description Switch N29
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/40
description Switch N30
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
random-detect
!
interface FastEthernet0/41
description Switch N31
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/42
description Switch N32
switchport trunk encapsulation dot1q
switchport mode trunk
random-detect
!
interface FastEthernet0/43
description Switch N33
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/44
description Switch N34
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/45
description Switch N35
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/46
description Switch N36
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/47
description Switch N37
switchport trunk encapsulation dot1q
switchport mode trunk
ip access-group TCPUDP50138 in
random-detect
!
interface FastEthernet0/48
description ..
switchport access vlan 10
switchport mode dynamic desirable
random-detect
!
interface GigabitEthernet0/1
description File-Server
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
description File-Server_2
switchport access vlan 2
switchport mode dynamic desirable
!
interface Vlan1
no ip address
!
interface Vlan2
no ip address
ip access-group PRIVATE-IN in
ip access-group PRIVATE-OUT out
random-detect
arp timeout 60
interface Vlan3
description Link to Router
ip address ... 255.255.255.240 secondary
ip address ... 255.255.255.224
random-detect
arp timeout 60
!
interface Vlan4
description
ip address 192.168.2.254 255.255.255.0
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan5
description
ip address 192.168.3.1 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan6
description
ip address 192.168.3.5 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan7
description SibenergoService
ip address 192.168.3.33 255.255.255.248
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan8
description EniseyAlmaz
ip address 192.168.3.13 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan13
description
ip address 192.168.3.17 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan14
description
ip address 192.168.3.21 255.255.255.252
random-detect
arp timeout 60
!
interface Vlan128
description
ip address 192.168.3.25 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan129
description
ip address 192.168.3.29 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan130
description cdt1
ip address 192.168.3.65 255.255.255.240
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan132
description
ip address 192.168.3.41 255.255.255.252
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
interface Vlan133
description
ip address 192.168.3.97 255.255.255.224
ip access-group SAFEACL-IN in
ip access-group SAFEACL-OUT out
random-detect
arp timeout 60
!
ip default-gateway ...
ip classless
ip route 0.0.0.0 0.0.0.0 ... на 3550 12Т
ip route ... 255.255.255.224 ...
ip route ... 255.255.255.255 ...
ip route ... 255.255.255.255 ...
ip route ... 255.255.255.252 ...
ip route 172.19.88.0 255.255.248.0 ...
no ip http server
!
!
logging facility local3
logging .................
!
arp access-list Krisa
arp 10.254.254.251 0004.23d6.a869 ARPA
arp 10.254.254.254 0016.e641.32da ARPA
arp 10.254.254.253 0013.d483.7608 ARPA
snmp-server community public RO 50
snmp-server community private RW 50
!
control-plane
!
!
line con 0
login local
line vty 0 4
access-class 50 in
login local
line vty 5 15
access-class 50 in
login local
!
ntp clock-period 17180150
ntp server ...........
end
вылетает вот в такой ошибкой
System returned to ROM by error - Unassigned Exception (0xCCC0043)!, PC 0x2A99F0