Hello everyone,
Today I will share with you how to deal with users cannot access gateway.
Physical Network Topology
Fault Description
As shown in the figure, two CE12800s are connected to each other. Each device is configured with a VLAN 100, and then VLANIF 100 is configured on VLAN 100. The IP addresses 100.1.1.1/16 and 100.1.1.2/16 are configured. The CE12800 is learned. After learning 64K ARP entries, some users cannot ping the gateway.
The server failed to ping the gateway IP address 100.1.1.1.
Configuration Files
CE12800
vlan batch 100
interface Vlanif100
ip address 100.1.1.1 255.255.0.0
#
interface 10GE1/0/1
port default vlan 100
arp static 100.1.1.3 0efc-0505-86e3 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.4 0efc-0505-86e4 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.5 0efc-0505-86e5 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.6 0efc-0505-86e6 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.7 0efc-0505-86e7 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.8 0efc-0505-86e8 vlan 100 interface 10GE 1/0/2
arp static 100.1.1.9 0efc-0505-86e9 vlan 100 interface 10GE 1/0/2
Troubleshooting Location
Troubleshooting Procedure
Step 1 Check the alarm information on the device and find that the device has insufficient encapsulation table resources. The details are as follows:
[~HUAWEI] display alarm active verbose
Sequence: 329
AlarmId: 0x95E2029 AlarmName : hwBoardResWarningThresholdExceed
AlarmType: quality_of_service Severity: Warning State: active
RootKindFlag: Independent
StartTime : 2018-02-03 11:56-08:00
Description : The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 100, Reason = 174, Description : The number of ARP exceeded the warning threshold.)
The information entry is on the device and the ARP resource forwarding table has been exhausted. As a result, the ARP cannot apply for the ARP forwarding resource entry.
Solution: When the number of users connected to the device is greater than 20000, and the user's MAC address is continuous (for example, when the device is connected to a virtual machine, the MAC address of the virtual machine is continuous), the ARP resource mode is modified from the global mode to the extended mode. The user reuses an IP address, restarts the device, and solves the problem.
Modify the ARP resource mode to extended mode.
<HUAWEI> system-view
[~HUAWEI] arpresource-mode extend
After the mode is modified, restart the device to ping the gateway device. The information is as follows:
Pinging 100.1.1.1 with 32 bytes of data:
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254
Ping statistics for 100.1.1.1:
Packet: Sent = 4, Received = 4, Lost = 0 (0% lost),
Estimated round trip time in milliseconds:
Shortest = 48ms, longest = 49ms, average = 48ms
Root Cause
When there are excessive ARP entries on the device, the insufficient resources used by ARP will fail to apply, causing customers to access the gateway normally.
That is all I want to share with you! Thank you!
