[Troubleshooting Series] Case 35 Users Cannot Access Gateway Problems

539 0 0 0


Physical Network Topology

171350ki49d4ioiic4s4sd.png

 

Fault Description

As shown in the figure, two CE12800s are connected to each other. Each device is configured with a VLAN 100, and then VLANIF 100 is configured on VLAN 100. The IP addresses 100.1.1.1/16 and 100.1.1.2/16 are configured. The CE12800 is learned. After learning 64K ARP entries, some users cannot ping the gateway.

The server failed to ping the gateway IP address 100.1.1.1.

Configuration Files

l   CE12800

vlan batch 100
#
interface Vlanif100
 ip address 100.1.1.1 255.255.0.0
#
interface 10GE1/0/1
 port default vlan 100
arp static 100.1.1.3 0efc-0505-86e3 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.4 0efc-0505-86e4 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.5 0efc-0505-86e5 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.6 0efc-0505-86e6 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.7 0efc-0505-86e7 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.8 0efc-0505-86e8 vlan 100 interface 10GE 1/0/2 
arp static 100.1.1.9 0efc-0505-86e9 vlan 100 interface 10GE 1/0/2

1.1.2 Troubleshooting Location

Troubleshooting Procedure

                               Step 1      Check the alarm information on the device and find that the device has insufficient encapsulation table resources. The details are as follows:

[~HUAWEI] display alarm active verbose
Sequence    : 329       
AlarmId     : 0x95E2029             AlarmName : hwBoardResWarningThresholdExceed                                
AlarmType   : quality_of_service    Severity  : Warning          State : active 
RootKindFlag: Independent           
StartTime   : 2018-02-04 03:56-08:00               
Description : The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 100, Reason = 174, Description : The number of ARP exceeded the warning threshold.)

The information entry is on the device and the ARP resource forwarding table has been exhausted. As a result, the ARP cannot apply for the ARP forwarding resource entry.

Solution: When the number of users connected to the device is greater than 20000, and the user's MAC address is continuous (for example, when the device is connected to a virtual machine, the MAC address of the virtual machine is continuous), the ARP resource mode is modified from the global mode to the extended mode. The user reuses an IP address, restarts the device, and solves the problem.

Modify the ARP resource mode to extended mode.

<HUAWEI> system-view
[~HUAWEI] arpresource-mode extend

After the mode is modified, restart the device to ping the gateway device. The information is as follows:

Pinging 100.1.1.1 with 32 bytes of data:
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Ping statistics for 100.1.1.1:
     Packet: Sent = 4, Received = 4, Lost = 0 (0% lost),
Estimated round trip time in milliseconds:
     Shortest = 48ms, longest = 49ms, average = 48ms

Root Cause

When there are excessive ARP entries on the device, the insufficient resources used by ARP will fail to apply, causing customers to access the gateway normally.

 


  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top