清除交换机配置、配置镜像端口以及Wireshark抓包(以Huawei S5720为例)

背景:

办公室有一台拆下后闲置的Huawei S5720-28P-PWR-LI-AC二层交换机。昨天听闻同学说ping交换机管理地址时,长ping大包会有丢包现象(字节为8000时,每10个包左右丢包一个,字节为6000时,每15个包左右丢包一个,字节为5000时没有丢包现象)。

尝试复原该现象并通过抓包分析相应原因。

本篇文章仅笔者做记录参考,学术用意不大~

清除设备现有配置:

<Quidway-HW5720>reset saved-configuration  //清除现有配置
--------
Warning: The action will delete the saved configuration in the device.
The configuration will be erased to reconfigure. Continue? [Y/N]:y

Warning: Now clearing the configuration in the device.

Apr  2 2000 00:11:51 Quidway-HW5720 %%01CFM/4/RST_CFG(s)[2]:The user chose Y when deciding whether to reset the saved configuration.

Info: Succeeded in clearing the configuration in the device.
--------
<Quidway-HW5720>reboot //重启设备
--------
Info: The system is now comparing the configuration, please wait.

Warning: The configuration has been modified, and it will be saved to the next startup saved-configuration file . Continue? [Y/N]:n

Info: If want to reboot with saving diagnostic information, input 'N' and then execute 'reboot save diagnostic-information'.

System will reboot! Continue?[Y/N]:y
--------
//以下为重启信息(该交换机没有设置时间)
Apr  2 2000 00:12:48 Quidway-HW5720 %%01CMD/4/REBOOT(s)[3]:The user chose N when deciding whether to reboot the system. (Task=co0, Ip=**, VpnName=, User=**)

Comparing the firmware versions
The latest firmware version is in use.
Info: System is rebooting, please wait...
Apr  2 2000 00:13:11 Quidway-HW5720 %%01SRM/4/MSTRSCURST(l)[4]:Master SCU is reset.
Apr  2 2000 00:13:11 Quidway-HW5720 %%01SRM/4/RESETREASON(l)[5]:Board reset by VRP command or net manager.
INIT: Sending processes the TERM signal

Broadcast message from root@localhost (console) (Tue Aug 23 03:17:57 2016):
The system is going down for reboot NOW!
INIT: Monitor receive signal 1, and exited
Sending all processes the TERM signal...
Monitor receive signal 15, and exited
BIOS loading ...
DDR3 Training Sequence - Ver TIP-42.H-1.0.0
DDR3 Training Sequence - Switching XBAR Window to FastPath Window 
DDR3 Training Sequence - Ended Successfully
BootROM: Image checksum verification PASSED


U-Boot (Jan 05 2017 - 10:08:40)


The press of Ctrl+T before TEST is room test
Press Ctrl+T to Start Memory Test:  0
Board: ES5D2V28S006
NAND:  512 MB
Using default environment

FPU initialized to Run Fast Mode.
USB2.0 0: Host Mode
Net:   egiga0 [PRIME], egiga1

Boot from main : boot num[1]

Starting kernel ...Get log address 0xe0a00028


INIT: version 2.88 booting
Starting udev
Starting Bootlog daemon: bootlogd.
Populating dev cache
INIT: Entering runlevel: 3ge = 5
Stopping Bootlog daemon: bootlogd.

Wind River Linux 6.0.0.30 localhost console

localhost login: root (automatic login)
login[1919]: root login on 'console'

Jan 23 2017, 19:21:20
mknod: /dev/mvPP: File exists
BootLoad version : 020a.0001
Backup U-Boot ............................................................. done

Press Ctrl+B or Ctrl+E to enter BootLoad menu:  0 
Now, the current startup file is flash:/s5720li-v200r010c00spc600.cc

Info: Check signature, please wait.................


System total memory is 0x15200000

Start to initialize the LSW ...
Initializing the LSW ...................................................... done
Initializing netlink ...................................................... done
Initializing fast netlink ................................................. done
Backup BootLoad ........................................................... done
Backup Kernel ............................................................. done
Backup RamDisk ............................................................ done

Stack status : enable
ECM Stack status : run

Initializing FSP task begin ...

Initializing DEV module ................................................... done

Initializing hardware system .............................................. done
Begin to start the system ...

Registering IPC and VP callback to platform ............................... done

Initializing VFS ..................................... Done
Checking startup system-software .......................................... done
Reading PAF file .......................................................... done
Initializing VOS monitor ............................. Done
CFM initialization advance ........................... done
Initializing PAT ..................................... Done
Initializing HA ...................................... done
VFS registering to HA ................................ Done

VRP root begin ...
VRP root end
CFG initialization begin ............................. done
CFM initialization begin ............................. done
CLI initialization begin ............................. done
Registering VRP all link command begin ............... Done
Creating task begin ...
Creating task end
Task initialization begin ...
Task initialization end

ECMM status : run
Cmd registering begin ...
Cmd registering end

Task awake begin ...
Task awake end

Recover configuration begin ...
Recover configuration end
Press ENTER to get started.
--------

Login authentication


Username:admin
Password:(默认账户及密码为admin以及admin@huawei.com)
Warning: The default password poses security risks. 

The password needs to be changed. Change now? [Y/N]: y
Please enter old password: (即admin@huawei.com)
Please enter new password: 
Please confirm new password: 
The password has been changed successfully.
<HUAWEI>

配置端口镜像:

<HUAWEI>sys
Enter system view, return user view with Ctrl+Z.
[HUAWEI]observe-port 1 interface GigabitEthernet 0/0/1
[HUAWEI]int GigabitEthernet 0/0/2
[HUAWEI-GigabitEthernet0/0/2]port-mirroring to observe-port 1 ?  
--------
  both      Assign Mirror to both inbound and outbound of an interface 
  inbound   Assign Mirror to the inbound of an interface 
  outbound  Assign Mirror to the outbound of an interface 
--------
[HUAWEI-GigabitEthernet0/0/2]port-mirroring to observe-port 1 both
[HUAWEI-GigabitEthernet0/0/2]quit
[HUAWEI]dis port-mirroring //查看镜像端口信息
  ----------------------------------------------------------------------
  Observe-port 1 : GigabitEthernet0/0/1
  ----------------------------------------------------------------------
  Port-mirror:
  ----------------------------------------------------------------------
       Mirror-port               Direction  Observe-port             
  ----------------------------------------------------------------------
  1    GigabitEthernet0/0/2      Inbound    Observe-port 1           
  2    GigabitEthernet0/0/2      Outbound   Observe-port 1           
  ----------------------------------------------------------------------

注意,如上配置为“将Gigabitethernet 0/0/1设置为观察端口”即在该接口下可以抓取到Gigabitethernet 0/0/2端口的出入流量(inbound and outbound)

抓取报文:

交换机按如下描述接线:

Gigabitethernet 0/0/1接笔者的笔记本网卡(用于监控)

Gigabitethernet 0/0/2接台式电脑网卡(旁边同事的)

Gigabitethernet 0/0/3接办公室墙壁网口(用于自动获取地址,华为交换机清除配置后,可以被认为一台非网管/傻瓜交换机)

#
observe-port 1 interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
 port-mirroring to observe-port 1 inbound
 port-mirroring to observe-port 1 outbound
#
interface GigabitEthernet0/0/3            
#

2台设备都已通过DHCP获得地址(DHCP Discover-DHCP Offer-DHCP Request-DHCP Ack)

在同事台式机cmd下ping 172.xx.xx.xx -l 20000 -t,笔者笔记本Wireshark抓包

有正常丢包情况(1/86) ,未能复现同学遇到的情况。

要是在现场说不定还能嗷嗷看下嘛回事儿,上一天班写这么点玩意儿也妹啥用,刷会微博回家追剧,路由交换,啥也不是

参考:

虽然没干啥事,但是参考了前辈们的一些文章,如有朋友带着问题读到这篇文章最后也没解决自己的问题,欢迎参考一下如下博客,希望能帮助到大家。

一个ping大包不通问题的解决过程 - 千里之外外 - 博客园

S5700交换机Ping大包出现丢包- 华为

华为交换机做镜像-抓包_吾小汪的博客-CSDN博客_交换机镜像抓包

PING大包丢包网络故障分析案例、解决方案 - 百度文库


版权声明:本文为m0_51770049原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。