一、环境介绍
本次实验环境为一台H3C S5130交换机,两台TP-LINK TL-SG1008D八口千兆傻瓜交换机,一台TP-LINK TL-SG1005D五口千兆傻瓜交换机。
二、实验目的
在各种条件下,测试交换机防环功能和状态,H3C交换机默认STP协议为MSTP协议。
三、实验步骤
1、普通环路实验
拓扑图
关闭STP协议
[H3C]un stp global en
[H3C]%Jan 1 02:19:16:001 2013 H3C STP/6/STP_DISABLE: STP is now disabled on the device.将交换机1口2口通过网线连接,查看接口状态
[H3C]dis int br
Interface Link Speed Duplex Type PVID Description
GE1/0/1 UP 1G(a) F(a) A 1
GE1/0/2 UP 1G(a) F(a) A 1查看CPU使用率
[H3C]dis cpu
Slot 1 CPU 0 CPU usage:
3% in last 5 seconds
4% in last 1 minute
3% in last 5 minutes
在网络静默状态下,无广播包,CPU使用率不会飙升
将电脑接入交换机,交换机ping电脑,仅一台电脑的网络下,因为环路,CPU使用率即出现飙升,交换机指示灯狂闪,且通讯中断。
[H3C]dis cpu
Slot 1 CPU 0 CPU usage:
30% in last 5 seconds
31% in last 1 minute
3% in last 5 minutes
在交换机开启STP协议
[H3C]stp global en
%Jan 1 02:25:56:729 2013 H3C STP/6/STP_ENABLE: STP is now enabled on the device.
%Jan 1 02:25:56:775 2013 H3C STP/6/STP_DETECTED_TC: Instance 0's port GigabitEthernet1/0/1 detected a topology change.查看CPU使用率恢复正常
[H3C]dis cpu
Slot 1 CPU 0 CPU usage:
2% in last 5 seconds
30% in last 1 minute
3% in last 5 minutes
查看接口状态,1 2口仍为UP状态
Interface Link Speed Duplex Type PVID Description
GE1/0/1 UP 1G(a) F(a) A 1
GE1/0/2 UP 1G(a) F(a) A 1查看STP接口状态,2号口为DISCARDING阻塞状态,防环功能正常启动。
[H3C]dis stp brief
MST ID Port Role STP State Protection
0 GigabitEthernet1/0/1 DESI FORWARDING NONE
0 GigabitEthernet1/0/2 BACK DISCARDING NONE
0 GigabitEthernet1/0/15 DESI FORWARDING NONE
2、接入傻瓜交换机形成大环路
网络拓扑
通过傻瓜交换机串联形成环路,STP工作正常,环路被屏蔽
[H3C]dis stp brief
MST ID Port Role STP State Protection
0 GigabitEthernet1/0/1 DESI FORWARDING NONE
0 GigabitEthernet1/0/2 BACK DISCARDING NONE
3、接入傻瓜交换机形成小环路
网络拓扑
通过傻瓜交换机串联形成小环路,STP工作正常,环路在网管交换机处被屏蔽,但傻瓜交换机等狂闪,仍为环路状态。
[H3C]dis stp brief
MST ID Port Role STP State Protection
0 GigabitEthernet1/0/1 DESI DISCARDING NONE
一段时间后,STP进入转发状态,网络瘫痪,即STP可以无法运行在傻瓜交换机上
[H3C]dis stp brief
MST ID Port Role STP State Protection
0 GigabitEthernet1/0/1 DESI FORWARDING NONE
4、普通环路检测
拓扑图
开启基于VLAN的全局环路检测,配置环路检测处理模式为关闭接口,配置检测间隔为35秒
[H3C]loopback-detection global enable vlan all
[H3C]loopback-detection global action shutdown
[H3C]loopback-detection interval-time 35使用网线连接1 2口,查看STP状态
[H3C]dis stp brief
MST ID Port Role STP State Protection
0 GigabitEthernet1/0/1 DESI FORWARDING NONE
0 GigabitEthernet1/0/2 BACK DISCARDING NONE
查看接口状态,当STP正常工作时,环路检测不会检测出环路
Interface Link Speed Duplex Type PVID Description
GE1/0/1 UP 1G(a) F(a) A 1
GE1/0/2 UP 1G(a) F(a) A 1
关闭STP
[H3C]un stp global en查看接口状态
[H3C]%Jan 1 03:02:05:069 2013 H3C LPDT/4/LPDT_LOOPED: A loop was detected on GigabitEthernet1/0/1.
%Jan 1 03:02:05:076 2013 H3C LLDP/6/LLDP_DELETE_NEIGHBOR: Nearest bridge agent neighbor deleted on port GigabitEthernet1/0/2 (IfIndex 2), neighbor's chassis ID is 6893-20d4-f004, port ID is GigabitEthernet1/0/1.
%Jan 1 03:02:05:212 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet1/0/1 changed to down.
%Jan 1 03:02:05:223 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/1 changed to down.
%Jan 1 03:02:05:227 2013 H3C LPDT/4/LPDT_VLAN_LOOPED: A loop was detected on GigabitEthernet1/0/1 in VLAN 1.
环路的两个接口被关闭,环路检测功能正常
Interface Link Speed Duplex Type PVID Description
GE1/0/1 DOWN auto A A 1
GE1/0/2 DOWN auto A A 1
5、接入傻瓜交换机形成大环路进行环路检测
网络拓扑
检测到环路
%Jan 1 03:12:36:560 2013 H3C LPDT/4/LPDT_VLAN_LOOPED: A loop was detected on GigabitEthernet1/0/1 in VLAN 1.
%Jan 1 03:12:36:560 2013 H3C LPDT/5/LPDT_VLAN_RECOVERED: A loop was removed on GigabitEthernet1/0/11 in VLAN 1.
%Jan 1 03:12:36:561 2013 H3C LPDT/5/LPDT_RECOVERED: All loops were removed on GigabitEthernet1/0/11.
%Jan 1 03:12:36:563 2013 H3C LPDT/5/LPDT_VLAN_RECOVERED: A loop was removed on GigabitEthernet1/0/1 in VLAN 1.
%Jan 1 03:12:36:563 2013 H3C LPDT/5/LPDT_RECOVERED: All loops were removed on GigabitEthernet1/0/1.
%Jan 1 03:12:36:571 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface1 changed to down.
%Jan 1 03:12:36:572 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface1 changed to down.
查看接口状态,接口被Loopback关闭,环路检测正常
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
GE1/0/1 DOWN auto A A 1
GE1/0/2 DOWN auto A A 1
[H3C]dis interface g1/0/1
GigabitEthernet1/0/1
Current state: DOWN (Loopback detection down)
Line protocol state: DOWN
6、接入傻瓜交换机形成小环路进行环路检测
网络拓扑
环路检测检测到环路,接口被关闭
%Jan 1 03:18:51:179 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet1/0/1 changed to down.
%Jan 1 03:18:51:186 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/1 changed to down.
%Jan 1 03:18:51:189 2013 H3C LPDT/4/LPDT_VLAN_LOOPED: A loop was detected on GigabitEthernet1/0/1 in VLAN 1.
%Jan 1 03:18:51:213 2013 H3C LPDT/5/LPDT_VLAN_RECOVERED: A loop was removed on GigabitEthernet1/0/1 in VLAN 1.
%Jan 1 03:18:51:214 2013 H3C LPDT/5/LPDT_RECOVERED: All loops were removed on GigabitEthernet1/0/1.
%Jan 1 03:18:51:231 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface1 changed to down.
Interface Link Speed Duplex Type PVID Description
GE1/0/1 DOWN auto A A 1
GE1/0/2 DOWN auto A A 1但傻瓜交换机的网络仍然为瘫痪状态
四、实验总结
网管交换机不可与傻瓜交换机混用
1、即使STP与环路检测生效,傻瓜交换机仍为环路满载状态。
2、傻瓜交换机无法支持STP与环路检测协议,仍会造成网络故障
另外,配置环路检测后,需要配置日志告警系统,对环路协议报告进行告警。
评论