[All About Switches] An Access Switch Cannot Ping the Gateway When the Uplink and Downlink Interfaces of the Aggregation Switch Are Bound to Eth-Trunk

Latest reply: Mar 12, 2018 15:51:53 1023 1 0 0

Involved Products and Versions

Modular switches running V200R007 and later versions

Networking

As shown in Figure 1-1, ME60 is the gateway of SwitchB, and SwitchA is configured to transparently transmit Layer 2 packets. SwitchA is connected to ME60 through Eth-Trunk52 in the uplink direction and connected to SwitchB through Eth-Trunk24 in the downlink direction.

Figure 1-1 Networking diagram for the fault that an access switch cannot ping the gateway when the uplink of downlink interfaces of the aggregation switch are bound to Eth-Trunks respectively

20180312145207538001.png

 

Fault Symptom

SwitchB cannot ping ME60.

Cause Analysis

When unknown unicast packets are broadcast to the same card and other cards, the VLAN ID is used as the factor of hash algorithm in route selection. The VLAN ID in the original packets is used on the same card, and the translated VLAN ID is used on different cards. In this case, the calculated HASH-KEY values are different resulting in excessive packets or lost packets on the Eth-Trunk interface.

Troubleshooting Procedure

                          Step 1     Collect statistics about ARP packets on SwitchA. The following packet statistics show that ARP broadcast request packets of SwitchB are not forwarded to ME60.

[SwitchA] display traffic policy statistics interface Eth-Trunk 24 inbound verbose rule-base  
 Interface: Eth-Trunk24
 Traffic policy inbound: Qos-ZhuanXian
 Rule number: 1
 Current status: success
 Statistics interval: 300
---------------------------------------------------------------------
 Classifier: arp operator and
 Behavior: arp
 if-match l2-protocol arp
 if-match source-mac 4846-fbeb-f3ba
 if-match destination-mac ffff-ffff-ffff 
 Board : 2
---------------------------------------------------------------------
 Passed          |      Packets:                         127
                |      Bytes:                           8,636
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Board : 3
---------------------------------------------------------------------
 Passed           |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Board : 4
---------------------------------------------------------------------
 Passed           |      Packets:                             1
                  |      Bytes:                              68
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0

[SwitchA] display traffic policy statistics interface Eth-Trunk 52 outbound verbose rule-base  
 
 Interface: Eth-Trunk52
 Traffic policy outbound: arp
 Rule number: 1
 Current status: success
 Statistics interval: 300
---------------------------------------------------------------------
 Classifier: arp operator and
 Behavior: arp1
 if-match l2-protocol arp
 if-match source-mac 4846-fbeb-f3ba
 if-match destination-mac ffff-ffff-ffff 
 Board : 2
---------------------------------------------------------------------
 Passed         |      Packets:                         0
                |      Bytes:                           0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Board : 4
---------------------------------------------------------------------
 Passed           |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Board : 5
---------------------------------------------------------------------
 Passed           |      Packets:                             0
                  |      Bytes:                              0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Board : 6
---------------------------------------------------------------------
 Passed           |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------
 Dropped          |      Packets:                             0
                  |      Bytes:                               0
                  |      Rate(pps):                           0
                  |      Rate(bps):                           0
---------------------------------------------------------------------

                          Step 2     Check configurations of the downlink Eth-Trunk24 and uplink Eth-Trunk52.

Configurations of Eth-Trunk24 are as follows:

#
interface Eth-Trunk24
 undo port hybrid vlan 1
 port hybrid tagged vlan 80 300 500 534 to 535 900 932 to 933 1957 to 1958 1999 2843 2923 to 2926
 port hybrid tagged vlan 2931 to 2934 2950 2973 to 2974 3018 3041 to 3042 3090 3101 3194 3204 to 3206 3265
 port hybrid tagged vlan 3355 3465 to 3469 3651 3683 3725 3729 3786 3828 3838 3848 to 3849
 port hybrid tagged vlan 4017
 port hybrid untagged vlan 150
 port vlan-stacking vlan 151 stack-vlan 150
 port vlan-stacking vlan 152 stack-vlan 150
 port vlan-stacking vlan 189 stack-vlan 150
 port vlan-stacking vlan 279 stack-vlan 150
 traffic-policy Qos-ZhuanXian inbound
 traffic-policy 3333 outbound
 urpf loose
#

[SwitchA] display eth-trunk 24
Eth-Trunk24's state information is:
WorkingMode: NORMAL         Hash arithmetic: According to SIP-XOR-DIP          
Least Active-linknumber: 1  Max Bandwidth-affected-linknumber: 8              
Operate status: up          Number Of Up Port In Trunk: 3                     
--------------------------------------------------------------------------------
PortName                      Status      Weight 
GigabitEthernet2/0/5          Up          1      
GigabitEthernet4/0/17         Up          1      
GigabitEthernet3/1/17         Up          1   

Configurations of Eth-Trunk52 are as follows:

#
interface Eth-Trunk52
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 150 2001 to 2002 2146 2187 3355 4001
 traffic-policy arp outbound
 mode lacp
#

[SwitchA] display eth-trunk 52
Eth-Trunk52's state information is:
Local:
LAG ID: 52                  WorkingMode: LACP                                 
Preempt Delay: Disabled     Hash arithmetic: According to SIP-XOR-DIP         
System Priority: 32768      System ID: 68a8-284d-59d0                         
Least Active-linknumber: 1  Max Active-linknumber: 8                          
Operate status: up          Number Of Up Port In Trunk: 8                     
--------------------------------------------------------------------------------
ActorPortName          Status   PortType PortPri PortNo PortKey PortState Weight
GigabitEthernet4/0/20  Selected 1GE      32768   57     13361   10111100  1     
GigabitEthernet2/0/20  Selected 1GE      32768   58     13361   10111100  1     
GigabitEthernet5/0/4   Selected 1GE      32768   59     13361   10111100  1     
GigabitEthernet6/0/4   Selected 1GE      32768   60     13361   10111100  1     
GigabitEthernet5/0/5   Selected 1GE      32768   61     13361   10111100  1     
GigabitEthernet5/0/6   Selected 1GE      32768   62     13361   10111100  1     
GigabitEthernet6/0/5   Selected 1GE      32768   63     13361   10111100  1     
GigabitEthernet6/0/6   Selected 1GE      32768   64     13361   10111100  1     
 
Partner:
--------------------------------------------------------------------------------
ActorPortName          SysPri   SystemID        PortPri PortNo PortKey PortState
GigabitEthernet4/0/20  32768    e435-c888-2e6a  32768   21     817     10111100
GigabitEthernet2/0/20  32768    e435-c888-2e6a  32768   17     817     10111100
GigabitEthernet5/0/4   32768    e435-c888-2e6a  32768   18     817     10111100
GigabitEthernet6/0/4   32768    e435-c888-2e6a  32768   22     817     10111100
GigabitEthernet5/0/5   32768    e435-c888-2e6a  32768   19     817     10111100
GigabitEthernet5/0/6   32768    e435-c888-2e6a  32768   20     817     10111100
GigabitEthernet6/0/5   32768    e435-c888-2e6a  32768   23     817     10111100
GigabitEthernet6/0/6   32768    e435-c888-2e6a  32768   24     817     10111100

                          Step 3     Check the load balancing mode of unknown unicast packets that are forwarding by Eth-Trunks.

[SwitchA] display current-configuration | include load
unknown-unicast load-balance enhanced
load-balance-profile 1
 load-balance enhanced profile 1
 load-balance enhanced profile 1
 load-balance enhanced profile 1
 load-balance enhanced profile 1
[SwitchA] load-balance-profile 1
[SwitchA-load-balance-profile-1] display this
#
load-balance-profile 1
 l2 field smac dmac vlan
#
return

Hash algorithm is performed for broadcast packets on the downstream card. Based on the hash algorithm of each downstream card and the sequence in which member interfaces are added to Eth-trunk52, a unique interface is calculated for packet forwarding. The enhanced unknown unicast mode is configured for ARP broadcast packets, so the enhanced profile is used and the hash factor is SMAC+DMAC+VLAN. Packets are transmitted on the Eth-Trunk24 member interface of LPU 2 with the original VLAN ID of VLAN 189, and the packets match the VLAN stacking configuration of Eth-Trunk24. When the hash algorithm is performed, the HASH-KEY value is calculated based on SMAC+DMAC+VLAN189 on LPU 2 (the value is calculated based on the VLAN ID of the original packets). When the packets are broadcast to other downstream cards, the outer VLAN ID is VLAN 150 due to VLAN stacking on LPU 2, so the original VLAN ID identified by downstream cards is VLAN 150. As a result, the HASH-KEY value is calculated based on SMAC+DMAC+VLAN150 for other cards on Eth-Trunk52.

To conclude, the HASH-KEY values calculated on Eth-Trunk52 member interfaces of LPU 2 and other cards are different resulting in excessive packets or lost packets. In this case, packet loss occurs.

                          Step 4     Run the unknown-unicast load-balance  enhanced  lbid command on SwitchA, and the problem is solved.

In this mode, unknown unicast packets are forwarded to the uplink cards in route selection, so the HASH-KEY values are consistent and excessive packets or packet loss will not occur.

----End

Conclusions and Suggestions

The unknown-unicast load-balance  enhanced  lbid command needs to be configured when the following conditions are met:

1.       VLAN translation is configured on the inbound interface (the original VLAN ID is translated into another VLAN ID by configuring VLAN stacking, VLAN mapping, ACL policy, or dot1q-tunnel).

2.       The enhanced unknown unicast mode is configured globally and the VLAN ID is included in the enhanced profile.

3.       The outbound Eth-Trunk member interface and the inbound interface are on the same card, while other Eth-Trunk member interfaces are on the other cards.

  • x
  • convention:

Created Mar 12, 2018 15:51:53 Helpful(0) Helpful(0)

[All About Switches] An Access Switch Cannot Ping the Gateway When the Uplink and Downlink Interfaces of the Aggregation Switch Are Bound to Eth-Trunk-2632897-1thanks
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top