Users Cannot Access Gateway Problems

Hello everyone,

Today I will share with you how to deal with users cannot access gateway.

Physical Network Topology

Fault Description

As shown in the figure, two CE12800s are connected to each other. Each device is configured with a VLAN 100, and then VLANIF 100 is configured on VLAN 100. The IP addresses 100.1.1.1/16 and 100.1.1.2/16 are configured. The CE12800 is learned. After learning 64K ARP entries, some users cannot ping the gateway.

The server failed to ping the gateway IP address 100.1.1.1.

Configuration Files

CE12800

vlan batch 100

interface Vlanif100

 ip address 100.1.1.1 255.255.0.0

#

interface 10GE1/0/1

 port default vlan 100

arp static 100.1.1.3 0efc-0505-86e3 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.4 0efc-0505-86e4 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.5 0efc-0505-86e5 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.6 0efc-0505-86e6 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.7 0efc-0505-86e7 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.8 0efc-0505-86e8 vlan 100 interface 10GE 1/0/2

arp static 100.1.1.9 0efc-0505-86e9 vlan 100 interface 10GE 1/0/2

Troubleshooting Location

Troubleshooting Procedure

Step 1 Check the alarm information on the device and find that the device has insufficient encapsulation table resources. The details are as follows:

[~HUAWEI] display alarm active verbose

Sequence: 329      

AlarmId: 0x95E2029             AlarmName : hwBoardResWarningThresholdExceed                               

AlarmType: quality_of_service    Severity: Warning          State: active

RootKindFlag: Independent          

StartTime   : 2018-02-03 11:56-08:00              

Description : The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 100, Reason = 174, Description : The number of ARP exceeded the warning threshold.)

The information entry is on the device and the ARP resource forwarding table has been exhausted. As a result, the ARP cannot apply for the ARP forwarding resource entry.

Solution: When the number of users connected to the device is greater than 20000, and the user's MAC address is continuous (for example, when the device is connected to a virtual machine, the MAC address of the virtual machine is continuous), the ARP resource mode is modified from the global mode to the extended mode. The user reuses an IP address, restarts the device, and solves the problem.

Modify the ARP resource mode to extended mode.

<HUAWEI> system-view

[~HUAWEI] arpresource-mode extend

After the mode is modified, restart the device to ping the gateway device. The information is as follows:

Pinging 100.1.1.1 with 32 bytes of data:

Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254

Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254

Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254

Response from 100.1.1.1: Bytes = 32 Time = 1ms TTL = 254

Ping statistics for 100.1.1.1:

     Packet: Sent = 4, Received = 4, Lost = 0 (0% lost),

Estimated round trip time in milliseconds:

     Shortest = 48ms, longest = 49ms, average = 48ms

Root Cause

When there are excessive ARP entries on the device, the insufficient resources used by ARP will fail to apply, causing customers to access the gateway normally.

That is all I want to share with you! Thank you!