أستكشاف أخطاء تدفق حركة مرور شرق-غرب إعادة توجيه SDA وإصلاحها
المحتويات
المقدمة
يوضح هذا المستند كيفية التحقق من تدفق حركة المرور من الشرق إلى الغرب كجزء من الوصول المعرف بواسطة البرنامج (SDA).
المتطلبات الأساسية
المتطلبات
توصي Cisco بأن تكون لديك معرفة بالمواضيع التالية:
- إعادة توجيه بروتوكول الإنترنت (IP)
- بروتوكول فصل المعرف/محدد الموقع (LISP)
المكونات المستخدمة
تستند المعلومات الواردة في هذا المستند إلى إصدارات البرامج والمكونات المادية التالية:
- C9000v على Cisco IOS® XE 17.10.1
- SDA 1.0 (ليس LISP PubSub)
تم إنشاء المعلومات الواردة في هذا المستند من الأجهزة الموجودة في بيئة معملية خاصة. بدأت جميع الأجهزة المُستخدمة في هذا المستند بتكوين ممسوح (افتراضي). إذا كانت شبكتك قيد التشغيل، فتأكد من فهمك للتأثير المحتمل لأي أمر.
المنتجات ذات الصلة
هذا وثيقة يستطيع أيضا كنت استعملت مع هذا جهاز وبرمجية صيغة:
- C9200
- C9300
- C9400
- C9500
- C9600
- Cisco IOS® XE 16.12 والإصدارات الأحدث
معلومات أساسية
يشير تدفق حركة مرور SDA من الشرق إلى الغرب إلى المفهوم حيث تريد نقطة نهاية ضمن بنية SDA الاتصال بنقطة نهاية أخرى داخل نفس البنية. هناك بعض المحاذير فيما يتعلق بما يعتبر ولا يعتبر تدفقا من الشرق إلى الغرب. ويمكن أن يكون تدفق حركة المرور من الشرق إلى الغرب على النحو التالي:
- نقاط النهاية الموجودة في الشبكة الفرعية نفسها (172.17.10.2 مع الاتصال ب 172.19.10.3) ويعتبر هذا امتدادا L2LISP
- نقاط النهاية التي تكون في ال نفسه VRF (VN) (172.19.10.2 تتحدث إلى 172.19.11.2 وكلا في VRF مجمع) هذا يعتبر L3 LISP
- نقطة النهاية الموجودة ضمن النسيج تتحدث إلى مضيف متصل بحدود L2 المنقولة، تماما مثل L2LISP
لا تشير تدفقات حركة المرور من الشرق إلى الغرب إلى هذه الأمثلة:
- نشأت حركة المرور من نسيج SDA إلى خارج النسيج، أي من الشمال إلى الجنوب
- لا يعتبر التوجيه بين شبكات VRF أيضا من الشرق إلى الغرب (نقطة نهاية في مجمع VRF، عنوان IP 172.19.10.2 يتحدث إلى نقطة نهاية في ضيف VRF، عنوان IP 172.19.11.2)
- مجالات SD-WAN المدمجة
- ترانزيت SDA
- صلة الحدود
- إكسترانت
المخطط
لأغراض هذا المثال، تعمل المحولات C9000v كحواف البنية والحدود المجمعة. تكون جميع نقاط النهاية ضمن نفس الشبكة الظاهرية (VN)، red_vn. توجد نقاط النهاية في 10.47.4.2 و 10.47.4.2 في الشبكة الفرعية نفسها، وتكون نقطة النهاية عند 10.47.10.2 في شبكة فرعية مختلفة ولكنها نفس شبكة VN.
التكوين
من المفترض أن يستخدم مركز بنية الشبكة الرقمية (DNA) من CiSco لتزويد بنية بنية بنية المحول الرقمي SDA بالإعدادات الافتراضية:
- تم تمكين امتداد الطبقة 2 (وهذا يفرض إعادة توجيه حركة المرور استنادا إلى عمليات بحث عنوان MAC بدلا من عمليات بحث عنوان IP).
- تم تعطيل تفيض الطبقة 2 (يؤدي هذا إلى تمكين ضغط ARP على الأجهزة الطرفية وتعلم ARP بواسطة LISP).
بعد إجراء ضم المضيف بشكل صحيح، يحتوي تكوين الواجهة على عدة أقسام:
تكوين واجهة حافة البنية (10.47.1.12):
interface GigabitEthernet1/0/3 switchport access vlan 1026 switchport mode access device-tracking attach-policy IPDT_POLICY spanning-tree portfast spanning-tree bpduguard enable end interface Vlan1026 description Configured from Cisco DNA-Center mac-address 0000.0c9f.f341 vrf forwarding red_vn ip address 10.47.4.1 255.255.255.0 ip helper-address 10.47.9.9 no ip redirects ip route-cache same-interface no lisp mobility liveness test lisp mobility red-IPV4 end
تكوين LISP لحافة البنية (10. 47. 1.12):
router lisp locator-table default locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f IPv4-interface Loopback0 priority 10 weight 10 exit-locator-set
!
instance-id 4099 remote-rloc-probe on-route-change dynamic-eid red-IPV4 database-mapping 10.47.4.0/24 locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f exit-dynamic-eid ! dynamic-eid red-helpdesk-IPV4 database-mapping 10.47.10.0/24 locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f exit-dynamic-eid ! service ipv4 eid-table vrf red_vn map-cache 0.0.0.0/0 map-request sgt distribution sgt exit-service-ipv4 ! exit-instance-id
!
! instance-id 8190 remote-rloc-probe on-route-change service ethernet eid-table vlan 1026 database-mapping mac locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f dynamic-eid detection multiple-addr bridged-vm exit-service-ethernet ! exit-instance-id ! instance-id 8192 remote-rloc-probe on-route-change service ethernet eid-table vlan 1028 database-mapping mac locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f dynamic-eid detection multiple-addr bridged-vm exit-service-ethernet ! exit-instance-id
تكوين واجهة حافة البنية (10.47.1.13):
interface GigabitEthernet1/0/3 switchport access vlan 1026 switchport mode access device-tracking attach-policy IPDT_POLICY spanning-tree portfast spanning-tree bpduguard enable end ! interface GigabitEthernet1/0/5 switchport access vlan 1028 switchport mode access device-tracking attach-policy IPDT_POLICY spanning-tree portfast spanning-tree bpduguard enable end ! interface Vlan1026 description Configured from Cisco DNA-Center mac-address 0000.0c9f.f341 vrf forwarding red_vn ip address 10.47.4.1 255.255.255.0 ip helper-address 10.47.9.9 no ip redirects ip route-cache same-interface no lisp mobility liveness test lisp mobility red-IPV4 end ! interface Vlan1028 description Configured from Cisco DNA-Center mac-address 0000.0c9f.f800 vrf forwarding red_vn ip address 10.47.10.1 255.255.255.0 ip helper-address 10.47.9.9 no ip redirects ip route-cache same-interface no lisp mobility liveness test lisp mobility red-helpdesk-IPV4 end
تكوين LISP لحافة البنية (10.47.1.13)
router lisp locator-table default locator-set rloc_691b1fe4-5264-44c2-bb1b-0903b3eb2c51 IPv4-interface Loopback0 priority 10 weight 10 exit-locator-set ! instance-id 4099 remote-rloc-probe on-route-change dynamic-eid red-IPV4 database-mapping 10.47.4.0/24 locator-set rloc_691b1fe4-5264-44c2-bb1b-0903b3eb2c51 exit-dynamic-eid ! dynamic-eid red-helpdesk-IPV4 database-mapping 10.47.10.0/24 locator-set rloc_691b1fe4-5264-44c2-bb1b-0903b3eb2c51 exit-dynamic-eid ! service ipv4 eid-table vrf red_vn map-cache 0.0.0.0/0 map-request sgt distribution sgt exit-service-ipv4 ! exit-instance-id ! instance-id 8190 remote-rloc-probe on-route-change service ethernet eid-table vlan 1026 database-mapping mac locator-set rloc_691b1fe4-5264-44c2-bb1b-0903b3eb2c51 dynamic-eid detection multiple-addr bridged-vm exit-service-ethernet ! exit-instance-id ! instance-id 8192 remote-rloc-probe on-route-change service ethernet eid-table vlan 1028 database-mapping mac locator-set rloc_691b1fe4-5264-44c2-bb1b-0903b3eb2c51 dynamic-eid detection multiple-addr bridged-vm exit-service-ethernet ! exit-instance-id
التحقق من انضمام المضيف
وكجزء من عملية إستيعاب المضيف، تم إنشاء العديد من الهياكل:
إدخال تعقب جهاز IPDT / IP
بعد ضم المضيف بنجاح، يوجد إدخال صالح في جدول تعقب جهاز IP (IPDT) ويتم تمييز المضيف النهائي على أنه قابل للوصول:
Edge-1#show device-tracking database interface g1/0/3
portDB has 2 entries for interface Gi1/0/3, 2 dynamic
Codes: L - Local, S - Static, ND - Neighbor Discovery, ARP - Address Resolution Protocol, DH4 - IPv4 DHCP, DH6 - IPv6 DHCP, PKT - Other Packet, API - API created
Preflevel flags (prlvl):
0001:MAC and LLA match 0002:Orig trunk 0004:Orig access
0008:Orig trusted trunk 0010:Orig trusted access 0020:DHCP assigned
0040:Cga authenticated 0080:Cert authenticated 0100:Statically assigned
Network Layer Address Link Layer Address Interface vlan prlvl age state Time left
DH4 10.47.4.2 5254.0019.93e9 Gi1/0/3 1026 0024 3mn REACHABLE 28 s try 0(15198 s)
إدخال MAC / ARP
عند تسجيل المضيف النهائي بنجاح، يمكنه إختبار اتصال البوابة الافتراضية (أو يمكن سحبه من البوابة الافتراضية إذا لم يتم تثبيت أي جدار حماية على نقطة النهاية التي تمنع هذا الاتصال):
Edge-1#ping vrf red_vn 10.47.4.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.47.4.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 142/150/161 ms
على عقدة الحافة، هناك عنوان MAC، بالإضافة إلى إدخال ARP المتوافق في الجدول (في VRF):
Edge-1#show mac address-table interface g1/0/3
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1026 5254.0019.93e9 DYNAMIC Gi1/0/3
Total Mac Addresses for this criterion: 1
Edge-1#show ip arp vrf red_vn
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.47.4.1 - 0000.0c9f.f341 ARPA Vlan1026
Internet 10.47.4.2 1 5254.0019.93e9 ARPA Vlan1026
Internet 10.47.10.1 - 0000.0c9f.f800 ARPA Vlan1028
برنامج FED لبرمجة عناوين MAC**
للتحقق من عنوان MAC في FED أستخدم الأمر show platform software fed switch active matm macTable vlan <vlan id> mac <mac address>
Edge-1#show platform software fed switch active matm macTable vlan 1026 mac 5254.0019.93e9 VLAN MAC Type Seq# EC_Bi Flags machandle siHandle riHandle diHandle *a_time *e_time ports Con ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 1026 5254.0019.93e9 0x1 9 0 0 0x7f65ec7bda68 0x7f65ec7c21f8 0x0 0x7f65ec6e1368 300 7 GigabitEthernet1/0/3 Yes ======platform hardware details ====== Asic: 0 htm-handle = 0x7f65ec95dc68 MVID = 7 gpn = 1 SI = 0xc3 RI = 0x25 DI = 0x526e DI = 0x526e pmap = 0x00000000 0x00000004 pmap_intf : [GigabitEthernet1/0/3] Asic: 1 SI = 0xc3 RI = 0x25 DI = 0x526e DI = 0x526e pmap = 0x00000000 0x00000000
**برمجة Mac Address**
قم بأخذ قيمة MacHandle من الأمر السابق (0x7f65ec7bda68) واستخدم في show platform hardware fed switch active fwd-asic tracaction print-resource-handle <macHandle> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec7bda68 1
Handle:0x7f65ec7bda68 Res-Type:ASIC_RSC_HASH_TCAM Res-Switch-Num:0 Asic-Num:255 Feature-ID:AL_FID_L2 Lkp-ftr-id:LKP_FEAT_L2_SRC_MAC_VLAN ref_count:1
priv_ri/priv_si Handle: (nil)Hardware Indices/Handles: handle [ASIC: 0]: 0x7f65ec95dc68
Features sharing this resource:Cookie length: 12
19 00 54 52 e9 93 07 80 07 00 00 00
Detailed Resource Information (ASIC_INSTANCE# 0)
----------------------------------------
Number of HTM Entries: 1
Entry 0: (handle 0x7f65ec95dc68)
Absolute Index: 6778
Time Stamp: 4
KEY - vlan:7 mac:0x5254001993e9 l3_if:0 gpn:3 epoch:0 static:0 flood_en:0 vlan_lead_wless_flood_en: 0 client_home_asic: 0 learning_peerid 0, learning_peerid_valid 0 lvx:1
MASK - vlan:0 mac:0x0 l3_if:0 gpn:0 epoch:0 static:0 flood_en:0 vlan_lead_wless_flood_en: 0 client_home_asic: 0 learning_peerid 0, learning_peerid_valid 0 lvx:0
SRC_AD - need_to_learn:0 lrn_v:0 catchall:0 static_mac:0 chain_ptr_v:0 chain_ptr: 0 static_entry_v:0 auth_state:0 auth_mode:0 auth_behavior_tag:0 traf_m:0 is_src_ce:0
DST_AD - si:0xb7 bridge:0 replicate:0 blk_fwd_o:0 v4_rmac:0 v6_rmac:0 catchall:0 ign_src_lrn:0 port_mask_o:0 afd_cli_f:0 afd_lbl:0 prio:3 dest_mod_idx:0 destined_to_us:0 pv_trunk:0 smr:0
==============================================================
**التحقق من MVID**
الرقم 7 في الإخراج السابق هو معرف VLAN المعين (MVID) في الأجهزة. للتحقق من مطابقتها لشبكة VLAN "الحقيقية"، أستخدم show platform software fed switch active vlan <vlan number>
Edge-1#show platform software fed switch active vlan 1026 VLAN Fed Information Vlan Id IF Id LE Handle STP Handle L3 IF Handle SVI IF ID MVID ----------------------------------------------------------------------------------------------------------------------- 1026 0x0000000000420011 0x00007f65ec6a08b8 0x00007f65ec6a1138 0x00007f65ec77e838 0x000000000000001d 7
**التحقق من رقم المنفذ العالمي (GPN)**
لربط GPN بواجهة "حقيقية"، أستخدم الأمر show platform software fed switch active ifm mapping gpn
Edge-1#show platform software fed switch active ifm mappings gpn
Mappings Table
GPN Interface IF_ID IF_TYPE
--------------------------------------------------------------------------------------------------
1 GigabitEthernet1/0/1 0x0000001a ETHER
2 GigabitEthernet1/0/2 0x0000001b ETHER
3 GigabitEthernet1/0/3 0x0000000b ETHER <-- GPN 3 lines up with the expected Egress interface
**برمجة عنوان MAC**
الحصول على قيمة siHandle من الأمر السابق (0x7f65ec7c21f8) واستخدامها في show platform يتم تغذية جهاز المحول بمحول نشط من FWD-ASIC مجردة مطبوعة-resource-handle <si_handle> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec7c21f8 1
Handle:0x7f65ec7c21f8 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:2
priv_ri/priv_si Handle: 0x7f65ec7c2498Hardware Indices/Handles: index0:0xc3 mtu_index/l3u_ri_index0:0x0 index1:0xc3 mtu_index/l3u_ri_index1:0x0
Features sharing this resource:66 (1)]
57 (1)]
Cookie length: 56
00 00 00 00 00 00 00 00 02 04 00 00 00 00 00 00 00 00 00 00 07 00 52 54 00 19 93 e9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Detailed Resource Information (ASIC_INSTANCE# 0)
----------------------------------------
Station Index (SI) [0xc3] <-- Station Index is comprised of the Rewrite Index (RI) and Destination Index (DI) RI = 0x25 <-- Rewrite Index contains the forwarding information DI = 0x526e <-- Destination Index contains information related to the outgoing interface
stationTableGenericLabel = 0
stationFdConstructionLabel = 0x7
lookupSkipIdIndex = 0
rcpServiceId = 0
dejaVuPreCheckEn = 0x1
Replication Bitmap: LD <-- Local Data (LD) indicates that the destination is on this ASIC
Detailed Resource Information (ASIC_INSTANCE# 1)
----------------------------------------
Station Index (SI) [0xc3] <-- Station Index is comprised of the Rewrite Index (RI) and Destination Index (DI) RI = 0x25 <-- Rewrite Index contains the forwarding information DI = 0x526e <-- Destination Index contains information related to the outgoing interface
stationTableGenericLabel = 0
stationFdConstructionLabel = 0x7
lookupSkipIdIndex = 0
rcpServiceId = 0
dejaVuPreCheckEn = 0x1
Replication Bitmap: CD <-- Core Data (CD) indicates that the destination is on the same ASIC, different core ==============================================================
**التحقق من صحة فهرس إعادة كتابة عنوان MAC**
خذ قيمة RI من الأمر السابق (0x25) واستخدم في show platform hardware fed مفتاح نشط مورد ASIC كل rewrite-index مدى <RI> <RI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x25 0x25
ASIC#:0 RI:37 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 52:54:00:19:93:e9,
L3IF LE Index 41
ASIC#:0 RI:38 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 01:00:5e:00:00:00,
L3IF LE Index 40
ASIC#:0 RI:39 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 52:54:00:00:50:17,
L3IF LE Index 40
ASIC#:1 RI:37 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 52:54:00:19:93:e9,
L3IF LE Index 41
ASIC#:1 RI:38 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 01:00:5e:00:00:00,
L3IF LE Index 40
ASIC#:1 RI:39 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)
MAC Addr: MAC Addr: 52:54:00:00:50:17,
L3IF LE Index 40
**التحقق من صحة فهرس وجهة عنوان MAC**
خذ قيمة DI من الأمر السابق (0x526e) واستخدم في show platform جهاز fed مفتاح نشط مورد asic كل غاية-index مدى <di> <di>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x526e 0x526e
ASIC#0:
Destination index = 0x526e
pmap = 0x00000000 0x00000004 <-- Convert decimal 4 to binary, which is 0100. Count this binary right to left, zero-based, so Port 2. pmap_intf : [GigabitEthernet1/0/3]
cmi = 0x0
rcp_pmap = 0x0
al_rsc_cmi
CPU Map Index (CMI) [0]
ctiLo0 = 0
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
stripSeg = 0
copySeg = 0
ASIC#1:
Destination index = 0x526e
pmap = 0x00000000 0x00000000
cmi = 0x0
rcp_pmap = 0x0
al_rsc_cmi
CPU Map Index (CMI) [0]
ctiLo0 = 0
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
stripSeg = 0
copySeg = 0
**التحقق من المنفذ**
لربط المنفذ الذي تم الاطلاع عليه مسبقا، أستخدم تعيينات IFM النشطة للمحول الأساسي commandShow platform software وانظر إلى عمود المنفذ.
Edge-1#show platform software fed switch active ifm mappings ------------------ show platform software fed switch active ifm mappings ------------------ Interface IF_ID Inst Asic Core Port SubPort Mac Cntx LPN GPN Type Active GigabitEthernet1/0/1 0x1a 0 0 0 0 0 1 0 1 1 NIF Y GigabitEthernet1/0/2 0x1b 0 0 0 1 0 2 1 2 2 NIF Y GigabitEthernet1/0/3 0xb 0 0 0 2 0 3 2 3 3 NIF Y <-- Matches port 2 from previous output
**التحقق من عنوان MAC الخاص بالأجهزة التي تم تغذيتها**
يتطابق هذا الإخراج في سيناريو عمل/مثالي مع ما يوفره فك MacHandle.
Edge-1#show platform hardware fed switch active matm macTable vlan 1026 mac 5254.0019.93e9 HEAD: MAC address 5254.0019.93e9 in VLAN 1026 KEY: vlan 7, mac 0x5254001993e9, l3_if 0, gpn 3, epoch 0, static 0, flood_en 0, vlan_lead_wless_flood_en 0, client_home_asic 0, learning_peerid 0, learning_peerid_valid 0 MASK: vlan 0, mac 0x0, l3_if 0, gpn 0, epoch 0, static 0, flood_en 0, vlan_lead_wless_flood_en 0, client_home_asic 0 learning_peerid 0, learning_peerid_valid 0 SRC_AD: need_to_learn 0, lrn_v 0, catchall 0, static_mac 0, chain_ptr_v 0, chain_ptr 0, static_entry_v 0, auth_state 0, auth_mode 0, traf_mode 0, is_src_ce 0 DST_AD: si 0xb7, bridge 0, replicate 0, blk_fwd_o 0, v4_mac 0, v6_mac 0, catchall 0, ign_src_lrn 0, port_mask_o 0, afd_cli_f 0, afd_lbl 0, priority 3, dest_mod_idx 0, destined_to_us 0, pv_trunk 0 Total Mac number of addresses:: 1
- معرف شبكة VLAN في الأجهزة (MVID) هو 7
- عنوان MAC: 5254.0019.93e9
- شبكة GPN: 3
إدخال LISP
بعد إنشاء إدخالات LISP الخاصة بضم المضيف الناجح إلى المضيف النهائي محليا على عقدة Edge، بالإضافة إلى تسجيلها على عقد التحكم (LISP MSMR. - خادم خريطة LISP / محلل الخريطة). يجب إجراء جميع فحوصات LISP فيما يتعلق بنطاق معرف مثيل محدد يمكن فحصه بالنسبة إلى L2 و L3:
Edge-1#show vlan id 1026 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1026 red active L2LI0:8190, Gi1/0/3 <-- L2 LISP Instance ID tied to VLAN 1026
**التحقق من قاعدة بيانات LISP من المستوى الثاني**
للتحقق من قاعدة بيانات L2 LISP، أستخدم الأمر show lisp instance-id <L2 LISP IID> قاعدة بيانات إيثرنت <mac address>
Edge-1#show lisp instance-id 8190 ethernet database 5254.0019.93e9 LISP ETR MAC Mapping Database for LISP 0 EID-table Vlan 1026 (IID 8190), LSBs: 0x1 Entries total 1, no-route 0, inactive 0, do-not-register 2 5254.0019.93e9/48, dynamic-eid Auto-L2-group-8190, inherited from default locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f -----> Endpoint MAC Uptime: 2d17h, Last-change: 2d17h Domain-ID: local Service-Insertion: N/A Locator Pri/Wgt Source State 10.47.1.12 10/10 cfg-intf site-self, reachable -----> Our own RLOC Map-server Uptime ACK Domain-ID 10.47.1.10 1d11h Yes 0 -----> RLOC of upstream collocated border 10.47.1.11 2d17h Yes 0 -----> RLOC of upstream collocated border
**التحقق من قاعدة بيانات تحليل العنوان (AR) في المستوى الثاني من LISP**
للتحقق من قاعدة بيانات LISP L2 AR، أستخدم الأمر show lisp instance-id <LISP L2 IID> عنوان قاعدة بيانات الإيثرنت - دقة عنوان <mac address>
Edge-1#show lisp instance-id 8190 ethernet database address-resolution 5254.0019.93e9 LISP ETR Address Resolution for LISP 0 EID-table Vlan 1026 (IID 8190) (*) -> entry being deleted Hardware Address L3 InstID Host Address 5254.0019.93e9 4099 10.47.4.2/32 <-- Endpoint MAC Address, LISP L3 Instance ID, Endpoint IPv4 Address, respectively
**ترميز قاعدة بيانات LISP L3**
للتحقق من قاعدة بيانات LISP L3، أستخدم الأمر show lisp instance-id <LISP L3 IID> IPv4 قاعدة بيانات <ip address/subnet mask>
Edge-1#show lisp instance-id 4099 ipv4 database 10.47.4.2/32 LISP ETR IPv4 Mapping Database for LISP 0 EID-table vrf red_vn (IID 4099), LSBs: 0x1 Entries total 1, no-route 0, inactive 0, do-not-register 1 10.47.4.2/32, dynamic-eid red-IPV4, inherited from default locator-set rloc_222e1707-175d-4019-a783-060404f8bc2f -----> Endpoint IPv4 Address Uptime: 2d18h, Last-change: 2d18h Domain-ID: local Service-Insertion: N/A Locator Pri/Wgt Source State 10.47.1.12 10/10 cfg-intf site-self, reachable -----> Our own RLOC Map-server Uptime ACK Domain-ID 10.47.1.10 1d11h Yes 0 -----> RLOC of upstream collocated border 10.47.1.11 2d17h Yes 0 -----> RLOC of upstream collocated border
**التحقق من CEF**
للتحقق من CEF، أستخدم الأمر show ip cef vrf <vrf name> <ip address> داخلي
Edge-1#show ip cef vrf red_vn 10.47.4.2 internal
10.47.4.2/32, epoch 1, flags [att, sc], RIB[D], refcnt 6, per-destination sharing
sources: RIB, Adj, IPL
feature space:
IPRM: 0x00058000
Broker: linked, distributed at 3rd priority
subblocks:
SC owned,sourced: LISP local EID -
SC inherited: LISP remote EID - locator status bits 0x00000000
SC inherited: LISP cfg dyn-EID - LISP configured dynamic-EID
LISP EID attributes: localEID Yes, c-dynEID Yes, d-dynEID Yes, a-dynEID No
SC owned,sourced: LISP generalised SMR - [disabled, not inheriting, 0x7F06D0A67E40 locks: 1]
Adj source: IP adj out of Vlan1026, addr 10.47.4.2 7F06D300B738
Dependent covered prefix type adjfib, cover 10.47.4.0/24
2 IPL sources [no flags]
ifnums:
Vlan1026(29): 10.47.4.2
path list 7F06CEE8D720, 3 locks, per-destination, flags 0x49 [shble, rif, hwcn]
path 7F06D0A900C8, share 1/1, type attached nexthop, for IPv4
nexthop 10.47.4.2 Vlan1026, IP adj out of Vlan1026, addr 10.47.4.2 7F06D300B738
output chain:
IP adj out of Vlan1026, addr 10.47.4.2 7F06D300B738
بالإضافة إلى إدخالات LISP المحلية على عقدة حافة SDA، تحتوي عقد التحكم في SDA (LISP MS/MR) أيضا على معلومات إضافية حول نقاط النهاية:
التحقق من خادم L2 LISP الحدودي المجمع:
للتحقق من خادم L2 LISP، أستخدم الأمر show lisp instance-id <L2 LISP IID> خادم الإيثرنت <MAC Address>
Border-1#show lisp instance-id 8190 ethernet server 5254.0019.93e9
LISP Site Registration Information
Site name: site_uci
Description: map-server configured from Cisco DNA-Center
Allowed configured locators: any
Requested EID-prefix:
EID-prefix: 5254.0019.93e9/48 instance-id 8190 <-- Endpoint MAC Address
First registered: 2w5d
Last registered: 3d16h
Routing table tag: 0
Origin: Dynamic, more specific of any-mac
Merge active: No
Proxy reply: Yes
Skip Publication: No
Force Withdraw: No
TTL: 1d00h
State: complete
Extranet IID: Unspecified
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 10.47.1.12:21038, last registered 3d16h, proxy-reply, map-notify <-- Egress Tunnel Router (Fabric Edge IP address)
TTL 1d00h, no merge, hash-function sha1
state complete, no security-capability
nonce 0xB60C4314-0x97BB332D
xTR-ID 0xAB3179F6-0xC774F22C-0x00F2C82E-0x3A66738D
site-ID unspecified
Domain-ID local
Multihoming-ID unspecified
sourced by reliable transport
Locator Local State Pri/Wgt Scope
10.47.1.12 yes up 10/10 IPv4 none <--(Fabric Edge IP address)
التحقق من خادم دقة عنوان LISP (AR) الحد المضمن:
للتحقق من خادم L2 LISP AR أستخدم الأمر show lisp instance-id <LISP L2 IID> دقة عنوان خادم الإيثرنت <IP address>
للتحقق من محفوظات التسجيل، أستخدم الأمر show lisp instance-id <LISP L2 IID> عنوان خادم الإيثرنت - دقة وضوح <IP Address> التسجيل-history
Border-1#show lisp instance-id 8190 ethernet server address-resolution 10.47.4.2 Address-resolution data for router lisp 0 instance-id 8190 Site name: site_uci Host Address: 10.47.4.2/32 Hardware Address: 5254.0019.93e9 First registered: 2w5d Last registered: 3d16h Registration errors: Authentication failures: 0 ETR 10.47.1.12:21038 Last registered: 3d16h TTL: 1d00h xTR-ID: 0xAB3179F6-0xC774F22C-0x00F2C82E-0x3A66738D Site-ID: unspecified Registered addr: 5254.0019.93e9 L3 Instance ID: 4099
Border-1#show lisp instance-id 8190 ethernet server address-resolution 10.47.4.2 registration-history Map-Server registration history Roam = Did host move to a new location? WLC = Did registration come from a Wireless Controller? Prefix qualifier: + = Register Event, - = Deregister Event, * = AR register event Timestamp (UTC) Instance Proto Roam WLC Source EID prefix / Locator *Sep 29 16:50:27.762 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9 *Oct 1 21:05:11.086 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9 *Oct 2 06:51:11.882 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9 *Oct 3 00:56:33.642 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9 *Oct 3 01:53:45.934 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9 *Oct 6 04:36:08.685 8190 TCP No No 10.47.1.12 +*10.47.4.2/32 / 5254.0019.93e9
التحقق من خادم L3 LISP الحدودي المجمع
للتحقق من خادم L3 LISP، أستخدم الأمر show lisp instance-id <LISP L3 IID> IPv4 server <IP address>
للتحقق من محفوظات تسجيل خادم L3 LISP، أستخدم الأمر show lisp instance-id <LISP L3 IID> IPv4 server <IP Address> register-history
Border-1#show lisp instance-id 4099 ipv4 server 10.47.4.2
LISP Site Registration Information
Site name: site_uci
Description: map-server configured from Cisco DNA-Center
Allowed configured locators: any
Requested EID-prefix:
EID-prefix: 10.47.4.2/32 instance-id 4099
First registered: 2w5d
Last registered: 02:39:39
Routing table tag: 0
Origin: Dynamic, more specific of 10.47.4.0/24
Merge active: No
Proxy reply: Yes
Skip Publication: No
Force Withdraw: No
TTL: 1d00h
State: complete
Extranet IID: Unspecified
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 10.47.1.12:21038, last registered 02:39:39, proxy-reply, map-notify
TTL 1d00h, no merge, hash-function sha1
state complete, no security-capability
nonce 0x128CB668-0xF7B85F77
xTR-ID 0xAB3179F6-0xC774F22C-0x00F2C82E-0x3A66738D
site-ID unspecified
Domain-ID local
Multihoming-ID unspecified
sourced by reliable transport
Locator Local State Pri/Wgt Scope
10.47.1.12 yes up 10/10 IPv4 none
Border-1#show lisp instance-id 4099 ipv4 server 10.47.4.2/32 registration-history
Map-Server registration history
Roam = Did host move to a new location?
WLC = Did registration come from a Wireless Controller?
Prefix qualifier: + = Register Event, - = Deregister Event, * = AR register event
Timestamp (UTC) Instance Proto Roam WLC Source
EID prefix / Locator
*Oct 6 04:36:01.548 4099 UDP No No 10.47.1.12
+ 10.47.4.2/32
*Oct 6 04:36:08.686 4099 TCP No No 10.47.1.12
+ 10.47.4.2/32
*Oct 9 18:35:48.058 4099 TCP No No 10.47.1.12
+ 10.47.4.2/32
دقة ARP في SDA
يفترض أن Cisco Catalyst Center استعملت أن يزود SDA بناء مع عملية إعداد افتراضي. هذا يعني أنه تم تمكين ملحق الطبقة 2 وأن كل حركة المرور داخل البنية (في شبكة VLAN / VN نفسها) تتم إعادة توجيهها بناء على عمليات بحث عناوين MAC / مثيل إيثرنت ل LISP، بدلا من عمليات بحث عناوين IP / مثيل LISP IP.
من منظور أستكشاف الأخطاء وإصلاحها، قد يكون من المفيد تكوين إدخالات ARP الثابتة على كلا المضيفين للتحقق بسرعة مما إذا كانت المشكلة متعلقة بالاتصال العام في البنية (في هذه الحالة لا يعمل إختبار الاتصال بين الأجهزة المضيفة) أو فقط بدقة ARP.
تستفيد عملية ARP في بنية SDA من LISP لحل تحديد الأجهزة المضيفة وموقعها، كما تختلف عن سلوك ARP في بيئات التوجيه/التحويل التقليدية.
الخطوة 1: ترسل نقطة نهاية البنية طلب ARP لتحديد ربط MAC/IP لنقطة نهاية البنية الأخرى
يمكن تكوين التقاط الحزمة على واجهة الدخول لتأكيد تلقي حزمة ARP من المضيف:
Edge-1#monitor capture 1 interface g1/0/3 in match any
Edge-1#mon cap 1 start
Started capture point : 1
Edge-1#mon cap 1 stop
Capture statistics collected at software:
Capture duration - 22 seconds
Packets received - 13
Packets dropped - 0
Packets oversized - 0
Number of Bytes dropped at asic not collected
Capture buffer will exists till exported or cleared
Stopped capture point : 1
Edge-1#show monitor capture 1 buffer brief
Starting the packet display ........ Press Ctrl + Shift + 6 to exit
1 0.000000 52:54:00:19:93:e9 -> ff:ff:ff:ff:ff:ff ARP 60 Who has 10.47.4.3? Tell 10.47.4.2
2 1.028893 52:54:00:19:93:e9 -> ff:ff:ff:ff:ff:ff ARP 60 Who has 10.47.4.3? Tell 10.47.4.2
3 2.058244 52:54:00:19:93:e9 -> ff:ff:ff:ff:ff:ff ARP 60 Who has 10.47.4.3? Tell 10.47.4.2
Edge-1#show monitor capture 1 buffer display-filter arp detailed
Starting the packet display ........ Press Ctrl + Shift + 6 to exit
Frame 1: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0
Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe)
Interface name: /tmp/epc_ws/wif_to_ts_pipe
Encapsulation type: Ethernet (1)
Arrival Time: Oct 10, 2023 14:52:03.659290000 UTC
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1696949523.659290000 seconds
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 60 bytes (480 bits)
Capture Length: 60 bytes (480 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:arp]
Ethernet II, Src: 52:54:00:19:93:e9 (52:54:00:19:93:e9), Dst: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff) <-- SMAC/DMAC respectively
Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Address: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
Source: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
Address: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: ARP (0x0806)
Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
Hardware type: Ethernet (1)
Protocol type: IPv4 (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (1)
Sender MAC address: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
Sender IP address: 10.47.4.2
Target MAC address: 00:00:00:00:00:00 (00:00:00:00:00:00)
Target IP address: 10.47.4.3
الخطوة 2. تستهلك عقدة Edge حزمة ARP وتقوم بإنشاء طلب LISP لتحديد عنوان MAC الخاص ب Host-02.
يرسل Edge-1 طلب خريطة LISP لحل عنوان MAC الخاص ب 10.47.4.3 إلى مستويات التحكم في LISP (الحدود المجمعة):
Edge-1#debug lisp control-plane all
Edge-1#debug l2lisp all
LISP[REMT ]-0: Map Request: Delay is over for IID 8190 EID 10.47.4.3/32, requester 'AR'. LISP[REMT ]-0 IID 8190: Schedule processing of Map-Requests from 'remote EID prefix' in IPv4. LISP[REMT ]-0: Map Request: Sending request for IID 8190 EID 10.47.4.3/32, requester 'AR'.
الخطوة 3. تتلقى Control Node طلب LISP لتعيين IP/MAC وترسل إستجابة مرة أخرى إلى عقدة SDA Edge
يتم تلقي طلب خريطة LISP من Fabric Edge والاستجابة باستخدام رد على خريطة LISP باستخدام عنوان MAC الذي يرتبط ب 10.47.4.3
Border-1#debug lisp control-plane all
Border-1#debug l2lisp all
LISP[TRNSP]-0: Processing received Map-Request(1) message on GigabitEthernet1/0/3 from 10.47.4.3:4342 to 10.47.4.3:4342. LISP[MR ]-0: Received Map-Request with 1 records, first EID IID 8190 10.47.4.3/32, source EID UNSPEC, nonce 0x73F75F36-0x061CAF58. LISP[MR ]-0 IID 8190 Eth-ARP: MS EID 10.47.4.3/32: Sending proxy reply to 10.47.1.12.
تستجيب لوحة التحكم في LISP باستخدام "رد وكيل" استنادا إلى إدخال دقة العنوان المخزن في قاعدة البيانات المحلية الخاصة بها
Border-1#show lisp instance-id 8190 ethernet server address-resolution 10.47.4.3 Address-resolution data for router lisp 0 instance-id 8190 Site name: site_uci Host Address: 10.47.4.3/32 Hardware Address: 5254.001e.ad00 First registered: 21:11:17 Last registered: 21:11:17 Registration errors: Authentication failures: 0 ETR 10.47.1.13:16056 Last registered: 21:11:17 TTL: 1d00h xTR-ID: 0x8CEE6478-0x9358E248-0xE935FF07-0x8C3C5450 Site-ID: unspecified Registered addr: 5254.001e.ad00 L3 Instance ID: 4099
الخطوة 4. تستلم عقدة Edge رد LISP بعنوان MAC 10.47.4.3
يتم تلقي رد وكيل LISP بواسطة عقدة Fabric Edge:
LISP[REMT ]-0: Processing Map-Reply mapping record for IID 8190 MAC 5254.001e.ad00/48 LCAF 2, ttl 1440, action none, not authoritative, 1 locator. LISP[REMT ]-0: Processing mapping information for EID prefix IID 8190 5254.001e.ad00/48.
الخطوة 5. ترسل عقدة Edge حزمة طلب خريطة LISP لتحديد موقع RLOC لعنوان MAC
بعد الإكمال الناجح للخطوات الثلاث الأولى، تعرف Edge Node عنوان MAC على 10.47.4.3 الذي تم إنشاء ARP له في البداية. مع تمكين امتداد الطبقة 2، لا ترد عقدة Edge بهذه المعلومات مرة أخرى على 10.47.4.2، بل تستخدمها بدلا من ذلك لتحديد موقع RLOC لحافة عقدة الخروج، حتى يمكنها إعادة توجيه ARP نحو 10.47.4.3 كما في شبكة الطبقة 2 التقليدية.
ولهذا السبب، تقوم Edge Node بإنشاء حزمة طلب خريطة LISP أخرى في مثيل الإيثرنت، وفي هذه المرة تطلب معلومات RLOC لعنوان MAC الخاص ب 10.47.4.2:
Edge-1#debug lisp control-plane all
Edge-1#debug l2lisp all
*Oct 10 17:01:41.430: LISP[REMT ]-0 IID 8190: Schedule processing of Map-Requests from 'remote EID prefix' in IPv4. *Oct 10 17:01:41.430: LISP[REMT ]-0: Map Request: Sending request for IID 8190 EID 5254.001e.ad00/48, requester 'remote EID prefix'
الخطوة 6: يتم تلقي حزمة طلب خريطة LISP بواسطة عقدة التحكم لتحديد موقع RLOC لعنوان MAC
تتلقى Control Node حزمة LISP وترد عليها استنادا إلى حالة قاعدة البيانات المحلية الخاصة بها
Border-1#debug lisp control-plane all Border-1#debug l2lisp all *Oct 10 16:04:42.055: LISP[MR ]-0 IID 8190 Eth-ARP: MS EID 10.47.4.3/32: Sending proxy reply to 10.47.1.12. *Oct 10 16:04:42.407: LISP[MR ]-0: Received Map-Request with 1 records, first EID IID 8190 5254.001e.ad00/48, source EID 0000.0c9f.f341, nonce 0x75E13E8C-0x40DE7912. *Oct 10 16:04:42.408: LISP[MR ]-0 IID 8190 MAC: MS EID 5254.001e.ad00/48: Sending proxy reply to 10.47.1.12.
الخطوة 7: يتم تلقي رد خريطة LISP بواسطة Edge Node
يتم تلقي رد خريطة LISP الذي تم إنشاؤه بواسطة Control Node بواسطة Edge Node:
Edge-1#debug lisp control-plane all
Edge-1#debug l2lisp all
*Oct 10 17:44:00.181: LISP[TRNSP]-0: Processing received Map-Reply(2) message on GigabitEthernet1/0/2 from 10.47.1.13:4342 to 10.47.1.12:4342. *Oct 10 17:44:00.181: LISP[REMT ]-0: Received Map-Reply with nonce 0xF954EC80-0x039D7E4A, 1 records. *Oct 10 17:44:00.181: LISP[REMT ]-0: Map-Reply nonce matches pending request for IID 8190 EID 5254.001e.ad00/48, requester 'remote EID RLOC'. *Oct 10 17:44:00.181: LISP[REMT ]-0: Processing Map-Reply mapping record for IID 8190 MAC 5254.001e.ad00/48 LCAF 2, ttl 1440, action none, authoritative, 1 locator. *Oct 10 17:44:00.181: LISP[REMT ]-0: Map Request: Received reply with rtt 560ms. *Oct 10 17:44:00.181: LISP[REMT ]-0: Processing mapping information for EID prefix IID 8190 5254.001e.ad00/48.
وهذا يؤدي أخيرا إلى إنشاء إدخال في ذاكرة التخزين المؤقت لخريطة مثيل إيثرنت ل LISP ويسمح بإعادة توجيه حزمة ARP تجاه Edge-2 حيث يكون 10.47.4.3 متصلا ب
Edge-1#show lisp instance-id 8190 ethernet map-cache 5254.001e.ad00
LISP MAC Mapping Cache for LISP 0 EID-table Vlan 1026 (IID 8190), 1 entries
5254.001e.ad00/48, uptime: 00:04:11, expires: 23:55:48, via map-reply, complete
Sources: map-reply
State: complete, last modified: 00:04:11, map-source: 10.47.1.13
Active, Packets out: 8(0 bytes), counters are not accurate (~ 00:00:04 ago)
Encapsulating dynamic-EID traffic
Locator Uptime State Pri/Wgt Encap-IID
10.47.1.13 00:04:11 up 10/10 -
Last up-down state change: 00:04:11, state change count: 1
Last route reachability change: 00:04:11, state change count: 1
Last priority / weight change: never/never
RLOC-probing loc-status algorithm:
Last RLOC-probe sent: 00:04:11 (rtt 560ms)
الخطوة 8. يتم تضمين ARP في شبكة VXLAN ويرسل نحو HOST-02
كانت جميع الخطوات المتعلقة ب LISP مطلوبة لتحديد موقع 10.47.4.3، حتى يمكن أن ترسل عقدة Edge حزمة ARP (البث) الأصلية كبث أحادي نحو عقدة الحافة المناسبة. يتم تخزين طلب ARP الأصلي مؤقتا (لا يتم إسقاطه) بواسطة وحدة المعالجة المركزية لعقدة Edge حتى يتم إكمال جميع الخطوات مما يسمح بدقة ARP المناسبة حتى عند إرسال حزمة ARP واحدة من 10.47.4.2.
يتم تضمين حزمة ARP في شبكة VXLAN، كما هو موضح في المثال:
Edge-2#show monitor capture 1 buffer display-filter arp brief Starting the packet display ........ Press Ctrl + Shift + 6 to exit
67 15.149181 52:54:00:19:93:e9 -> 52:54:00:1e:ad:00 ARP 110 Who has 10.47.4.3? Tell 10.47.4.2 68 15.155511 52:54:00:19:93:e9 -> 52:54:00:1e:ad:00 ARP 110 Who has 10.47.4.3? Tell 10.47.4.2
تم تضمين طلب ARP في شبكة VXLAN كما تم تحويله أيضا من طلب ARP للبث إلى طلب ARP للبث الأحادي.
Frame 68: 110 bytes on wire (880 bits), 110 bytes captured (880 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0
Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe)
Interface name: /tmp/epc_ws/wif_to_ts_pipe
Encapsulation type: Ethernet (1)
Arrival Time: Oct 10, 2023 17:56:43.256570000 UTC
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1696960603.256570000 seconds
[Time delta from previous captured frame: 0.006330000 seconds]
[Time delta from previous displayed frame: 0.006330000 seconds]
[Time since reference or first frame: 15.155511000 seconds]
Frame Number: 68
Frame Length: 110 bytes (880 bits)
Capture Length: 110 bytes (880 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:udp:vxlan:eth:ethertype:arp]
Ethernet II, Src: 52:54:00:0a:42:11 (52:54:00:0a:42:11), Dst: 52:54:00:17:fe:65 (52:54:00:17:fe:65)
Destination: 52:54:00:17:fe:65 (52:54:00:17:fe:65)
Address: 52:54:00:17:fe:65 (52:54:00:17:fe:65)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: 52:54:00:0a:42:11 (52:54:00:0a:42:11)
Address: 52:54:00:0a:42:11 (52:54:00:0a:42:11)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 10.47.1.12, Dst: 10.47.1.13 <-- 10.47.1.12 is Edge-1 RLOC, 10.47.1.13 is Edge-2 RLOC
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 96
Identification: 0x1781 (6017)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
Fragment offset: 0
Time to live: 253
Protocol: UDP (17)
Header checksum: 0x4f95 [validation disabled]
[Header checksum status: Unverified]
Source: 10.47.1.12
Destination: 10.47.1.13
User Datagram Protocol, Src Port: 65354, Dst Port: 4789
Source Port: 65354
Destination Port: 4789
Length: 76
[Checksum: [missing]]
[Checksum Status: Not present]
[Stream index: 0]
[Timestamps]
[Time since first frame: 15.155511000 seconds]
[Time since previous frame: 0.006330000 seconds]
Virtual eXtensible Local Area Network
Flags: 0x8800, GBP Extension, VXLAN Network ID (VNI)
1... .... .... .... = GBP Extension: Defined
.... .... .0.. .... = Don't Learn: False
.... 1... .... .... = VXLAN Network ID (VNI): True
.... .... .... 0... = Policy Applied: False
.000 .000 0.00 .000 = Reserved(R): 0x0000
Group Policy ID: 0
VXLAN Network Identifier (VNI): 8190 <-- L2 LISP IID
Reserved: 0
Ethernet II, Src: 52:54:00:19:93:e9 (52:54:00:19:93:e9), Dst: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00) <--Unicast ARP Request
Destination: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00)
Address: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
Address: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: ARP (0x0806)
Trailer: 000000000000000000000000000000000000
Address Resolution Protocol (request)
Hardware type: Ethernet (1)
Protocol type: IPv4 (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (1)
Sender MAC address: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
Sender IP address: 10.47.4.2
Target MAC address: 00:00:00:00:00:00 (00:00:00:00:00:00)
Target IP address: 10.47.4.3
الخطوة 9. تم إنشاء رد ARP بواسطة 10.47.4.3 وتم إرساله نحو 10.47.4.2
Edge-2#show monitor capture 1 buffer display-filter arp brief
Starting the packet display ........ Press Ctrl + Shift + 6 to exit
1 0.000000 52:54:00:1e:ad:00 -> 52:54:00:19:93:e9 ARP 60 10.47.4.3 is at 52:54:00:1e:ad:00
2 0.069429 52:54:00:1e:ad:00 -> 52:54:00:19:93:e9 ARP 60 10.47.4.3 is at 52:54:00:1e:ad:00
11 5.960508 52:54:00:1e:ad:00 -> 52:54:00:19:93:e9 ARP 60 Who has 10.47.4.2? Tell 10.47.4.3
في هذا الوقت، لا يتم توجيه الحزمة إلى عنوان البث (كطلب ARP الأصلي) ولكن إلى عنوان MAC الخاص ب 10.47.4.2، عندما تصل إلى عقدة حافة المدخل (Edge-2)، يتم تشغيل عملية LISP العادية. في البداية، يكون عنوان MAC الخاص ب 10.47.4.2 مفقودا في مثيل إيثرنت LISP لعقدة Edge، ويتم توجيه الحزمة إلى وحدة المعالجة المركزية لإنشاء طلب خريطة LISP لتحديد RLOC ل Host-01. هذا السلوك هو نفسه تماما كما هو موضح في الأقسام الأخرى في هذا المستند ويسمح بإنشاء إدخال ذاكرة تخزين مؤقت لخريطة LISP ل 10.47.4.2 على Edge-2:
Edge-2#show lisp instance-id 8190 ethernet map-cache 5254.0019.93e9
LISP MAC Mapping Cache for LISP 0 EID-table Vlan 1026 (IID 8190), 1 entries
5254.0019.93e9/48, uptime: 03:18:28, expires: 20:41:32, via map-reply, complete
Sources: map-reply
State: complete, last modified: 03:18:28, map-source: 10.47.1.12
Active, Packets out: 386(0 bytes), counters are not accurate (~ 00:00:12 ago)
Encapsulating dynamic-EID traffic
Locator Uptime State Pri/Wgt Encap-IID
10.47.1.12 03:18:28 up 10/10 -
Last up-down state change: 03:18:28, state change count: 1
Last route reachability change: 03:18:28, state change count: 1
Last priority / weight change: never/never
RLOC-probing loc-status algorithm:
Last RLOC-probe sent: 03:18:28 (rtt 710ms)
يسمح الإدخال بإرسال الرد على ARP بنجاح نحو الحافة-1 في تضمين VXLAN وإعادة توجيهه إلى عملية تحليل ARP الكاملة المنافسة.
إمكانية الوصول إلى المضيف الأساسية في بنية SDA (نفس شبكة VLAN / نفس شبكة VN)
يفترض أن حل ARP قد اكتمل بنجاح وأن كلا المضيفين 10.47.4.2 و 10.47.4.3 لديهما إدخالات ARP مناسبة لبعضهما البعض.
من منظور أستكشاف الأخطاء وإصلاحها، من المفيد جدا تكوين إدخالات ARP الثابتة على كلا المضيفين للتحقق بسرعة مما إذا كانت المشكلة متعلقة بالاتصال العام في البنية (في هذه الحالة لا يعمل إختبار الاتصال بين الأجهزة المضيفة) أو فقط بعملية ARP.
10.47.4.2 يولد طلبا من ICMP في إتجاه 10.47.4.3:
Edge-1#show monitor capture 1 buffer brief
Starting the packet display ........ Press Ctrl + Shift + 6 to exit
1 0.000000 10.47.4.2 -> 10.47.4.3 ICMP 98 Echo (ping) request id=0x0040, seq=3/768, ttl=64
Edge-1#show monitor capture 1 buffer detail
Starting the packet display ........ Press Ctrl + Shift + 6 to exit
Frame 1: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0
Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe)
Interface name: /tmp/epc_ws/wif_to_ts_pipe
Encapsulation type: Ethernet (1)
Arrival Time: Oct 10, 2023 18:21:21.484694000 UTC
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1696962081.484694000 seconds
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 98 bytes (784 bits)
Capture Length: 98 bytes (784 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:icmp:data]
Ethernet II, Src: 52:54:00:19:93:e9 (52:54:00:19:93:e9), Dst: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00) <-- Endpoint MAC, Anycast GW MAC respectively
Destination: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00)
Address: 52:54:00:1e:ad:00 (52:54:00:1e:ad:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
Address: 52:54:00:19:93:e9 (52:54:00:19:93:e9)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 10.47.4.2, Dst: 10.47.4.3
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 84
Identification: 0x7321 (29473)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: ICMP (1)
Header checksum: 0xab25 [validation disabled]
[Header checksum status: Unverified]
Source: 10.47.4.2
Destination: 10.47.4.3
Internet Control Message Protocol
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0x02ea [correct]
[Checksum Status: Good]
Identifier (BE): 64 (0x0040)
Identifier (LE): 16384 (0x4000)
Sequence number (BE): 3 (0x0003)
Sequence number (LE): 768 (0x0300)
Data (56 bytes)
0000 68 95 8c 3d 00 00 00 00 00 00 00 00 00 00 00 00 h..=............
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030 00 00 00 00 00 00 00 00 ........
Data: 68958c3d0000000000000000000000000000000000000000b^@&
[Length: 56]
يتم إرسال حزمة ICMP نحو 10.47.4.3 إلى عقدة Edge المحددة في حقل محدد الموقع: 10.47.1.13 (Edge-2) ويمكن التقاط الحزمة عبر التقاط الحزمة المضمنة.
مع إستقبال الحزمة في شبكة VLAN حيث يتم تمكين الامتداد L2، يتم البحث في مثيل إيثرنت LISP:
Edge-1#show lisp instance-id 8190 ethernet map-cache 5254.001e.ad00
LISP MAC Mapping Cache for LISP 0 EID-table Vlan 1026 (IID 8190), 1 entries
5254.001e.ad00/48, uptime: 00:22:29, expires: 23:37:32, via map-reply, complete
Sources: map-reply
State: complete, last modified: 00:22:29, map-source: 10.47.1.13
Active, Packets out: 42(0 bytes), counters are not accurate (~ 00:00:58 ago)
Encapsulating dynamic-EID traffic
Locator Uptime State Pri/Wgt Encap-IID
10.47.1.13 00:22:29 up 10/10 -
Last up-down state change: 00:22:29, state change count: 1
Last route reachability change: 00:22:29, state change count: 1
Last priority / weight change: never/never
RLOC-probing loc-status algorithm:
Last RLOC-probe sent: 00:22:28 (rtt 1609ms)
تحقق من عنوان MAC لنقطة النهاية البعيدة، فإنه يشير إلى L2LI0، وهو متوقع
Edge-1#show mac add add 5254.001e.ad00
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1026 5254.001e.ad00 CP_LEARN L2LI0
Total Mac Addresses installed by LISP: REMOTE: 1
افحص عنوان MAC في FED، يمكن الحصول على معلومات إضافية
Edge-1#show platform software fed sw active matm macTable vlan 1026 mac 5254.001e.ad00 VLAN MAC Type Seq# EC_Bi Flags machandle siHandle riHandle diHandle *a_time *e_time ports Con ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 1026 5254.001e.ad00 0x1000001 0 0 64 0x7f65ecfdd3a8 0x7f65ecfdd1f8 0x7f65ecfdd048 0x0 0 2 RLOC 10.47.1.13 adj_id 97 No ======platform hardware details ====== Asic: 0 htm-handle = 0x7f65ecc4d188 MVID = 7 gpn = 1 SI = 0xc7 RI = 0x12 DI = 0x5012 Asic: 1 SI = 0xc7 RI = 0x12 DI = 0x5013
فك معالج عنوان MAC
قم بأخذ MacHandle (0x7f65ecfdd3a8) من الأمر السابق واستخدامه في الأمر show platform hardware fed switch active fwd-asic tracaction print-resource-handle <macHandle> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ecfdd3a8 1 Handle:0x7f65ecfdd3a8 Res-Type:ASIC_RSC_HASH_TCAM Res-Switch-Num:0 Asic-Num:255 Feature-ID:AL_FID_L2_WIRELESS Lkp-ftr-id:LKP_FEAT_L2_SRC_MAC_VLAN ref_count:1 priv_ri/priv_si Handle: (nil)Hardware Indices/Handles: handle [ASIC: 0]: 0x7f65ecc4d188 Features sharing this resource:Cookie length: 12 1e 00 54 52 00 ad 07 80 07 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Number of HTM Entries: 1 Entry 0: (handle 0x7f65ecc4d188) Absolute Index: 4706 Time Stamp: 14 KEY - vlan:7 mac:0x5254001ead00 l3_if:0 gpn:3401 epoch:0 static:0 flood_en:0 vlan_lead_wless_flood_en: 0 client_home_asic: 0 learning_peerid 0, learning_peerid_valid 0 lvx:1 MASK - vlan:0 mac:0x0 l3_if:0 gpn:0 epoch:0 static:0 flood_en:0 vlan_lead_wless_flood_en: 0 client_home_asic: 0 learning_peerid 0, learning_peerid_valid 0 lvx:0 SRC_AD - need_to_learn:0 lrn_v:0 catchall:0 static_mac:0 chain_ptr_v:0 chain_ptr: 0 static_entry_v:0 auth_state:0 auth_mode:0 auth_behavior_tag:0 traf_m:0 is_src_ce:0 DST_AD - si:0xc7 bridge:0 replicate:0 blk_fwd_o:0 v4_rmac:0 v6_rmac:0 catchall:0 ign_src_lrn:0 port_mask_o:0 afd_cli_f:0 afd_lbl:0 prio:3 dest_mod_idx:0 destined_to_us:0 pv_trunk:0 smr:1 ==============================================================
فك تشفير عنوان MAC
قم بأخذ الأمر siHandle (0x7f65ecfdd1f8) من الأمر السابق واستخدامه في الأمر show platform hardware fed switch active fwd-asic tracaction print-resource-handle <siHandle> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ecfdd1f8 1 Handle:0x7f65ecfdd1f8 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L2_WIRELESS Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ecfdd048Hardware Indices/Handles: index0:0xc7 mtu_index/l3u_ri_index0:0x0 index1:0xc7 mtu_index/l3u_ri_index1:0x0 Features sharing this resource:58 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 02 04 00 00 00 00 00 00 00 00 00 00 07 00 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Station Index (SI) [0xc7] <-- Contains the Rewrite Index (RI) and Outgoing Interface Information (DI) RI = 0x12 <-- Rewrite Index = Contains information for forwarding DI = 0x5012 <-- Destination Index = Outgoing Interface stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- Station Index (SI) [0xc7] <-- Contains the Rewrite Index (RI) and Outgoing Interface Information (DI)
RI = 0x12 <-- Rewrite Index = Contains information for forwarding
DI = 0x5013 <-- Destination Index = Outgoing Interface stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD ==============================================================
إعادة كتابة فك تشفير الفهرس
خذ ال RI (0x12) واستعمل في الأمر show platform hardware fed مفتاح نشط مورد asic كل rewrite-index مدى <RI> <RI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x12 0x12 ASIC#:0 RI:18 Rewrite_type:AL_RRM_REWRITE_L2_PAYLOAD_L2LISP_ENCAP(115) Mapped_rii:LVX_L2_ENCAP_L2_PAYLOAD_ROUTED(133) Src IP: 10.47.1.12 <-- Local RLOC Dst IP: 10.47.1.13 <-- Remote RLOC iVxlan dstMac: 0x5254:0x01c:0x7de0 iVxlan srcMac: 0x00:0x00:0x00 IPv4 TTL: 0 iid present: 1 lisp iid: 0 lisp flags: 0 dst Port: 4789 update only l3if: 0 is Sgt: 1 is TTL Prop: 0 L3if LE: 0 (0) Port LE: 0 (0) Vlan LE: 7 (0) ASIC#:1 RI:18 Rewrite_type:AL_RRM_REWRITE_L2_PAYLOAD_L2LISP_ENCAP(115) Mapped_rii:LVX_L2_ENCAP_L2_PAYLOAD_ROUTED(133) Src IP: 10.47.1.12 <-- Local RLOC Dst IP: 10.47.1.13 <-- Remote RLOC iVxlan dstMac: 0x5254:0x01c:0x7de0 iVxlan srcMac: 0x00:0x00:0x00 IPv4 TTL: 0 iid present: 1 lisp iid: 0 lisp flags: 0 dst Port: 4789 update only l3if: 0 is Sgt: 1 is TTL Prop: 0 L3if LE: 0 (0) Port LE: 0 (0) Vlan LE: 7 (0)
فك ترميز فهرس الوجهة
خذ ال DI (0x5012) واستعمل في الأمر show platform hardware fed مفتاح نشط fwd-asic مورد كل غاية-index مدى <di> <di>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x5012 0x5012 ASIC#0: Destination index = 0x5012 DI_RCP_PORT1 <-- Recirculation port for VXLAN imposition pmap = 0x00000000 0x00000000 cmi = 0x0 rcp_pmap = 0x1 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0 ASIC#1: Destination index = 0x5012 DI_RCP_PORT1 <-- Recirculation port for VXLAN imposition pmap = 0x00000000 0x00000000 cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0
فك تشفير siHandle
قم بأخذ siHandle (0x7f65ecfdd048) واستخدامها في الأمر show platform hardware fed switch active fwd-asic abstraction print-resource-handle <siHandle> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ecfdd048 1 Handle:0x7f65ecfdd048 Res-Type:ASIC_RSC_RI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L2_WIRELESS Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ecfdcd78Hardware Indices/Handles: index0:0x12 mtu_index/l3u_ri_index0:0x0 index1:0x12 mtu_index/l3u_ri_index1:0x0 Features sharing this resource:58 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 02 04 00 00 00 00 00 00 00 00 00 00 07 00 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- ASIC#:0 RI:18 Rewrite_type:AL_RRM_REWRITE_L2_PAYLOAD_L2LISP_ENCAP(115) Mapped_rii:LVX_L2_ENCAP_L2_PAYLOAD_ROUTED(133) Src IP: 10.47.1.12 <-- Local RLOC Dst IP: 10.47.1.13 <-- Remote RLOC iVxlan dstMac: 0x610:0x00:0x00 iVxlan srcMac: 0x00:0x00:0x00 IPv4 TTL: 0 iid present: 1 lisp iid: 0 lisp flags: 0 dst Port: 4789 update only l3if: 0 is Sgt: 1 is TTL Prop: 0 L3if LE: 0 (0) Port LE: 279 (0) Vlan LE: 7 (0) Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- ASIC#:1 RI:18 Rewrite_type:AL_RRM_REWRITE_L2_PAYLOAD_L2LISP_ENCAP(115) Mapped_rii:LVX_L2_ENCAP_L2_PAYLOAD_ROUTED(133)
Src IP: 10.47.1.12 <-- Local RLOC
Dst IP: 10.47.1.13 <-- Remote RLOC iVxlan dstMac: 0x610:0x00:0x00 iVxlan srcMac: 0x00:0x00:0x00 IPv4 TTL: 0 iid present: 1 lisp iid: 0 lisp flags: 0 dst Port: 4789 update only l3if: 0 is Sgt: 1 is TTL Prop: 0 L3if LE: 0 (0) Port LE: 279 (0) Vlan LE: 7 (0) ==============================================================
التحقق من المسار السفلي
يتم تضمين حركة المرور في شبكة VXLAN مع IID 8190 باستخدام 10.47.1.12 ولها القدرة على أن تكون متوازنة الأحمال خارج Gig1/0/1 و G1/0/2
Edge-1#show ip route 10.47.1.13
Routing entry for 10.47.1.13/32
Known via "isis", distance 115, metric 30, type level-2
Redistributing via isis
Last update from 10.47.1.4 on GigabitEthernet1/0/2, 2d22h ago
Routing Descriptor Blocks:
10.47.1.4, from 10.47.1.13, 2d22h ago, via GigabitEthernet1/0/2
Route metric is 30, traffic share count is 1
* 10.47.1.0, from 10.47.1.13, 2d22h ago, via GigabitEthernet1/0/1
Route metric is 30, traffic share count is 1
Edge-1#show ip cef 10.47.1.13
10.47.1.13/32
nexthop 10.47.1.0 GigabitEthernet1/0/1
nexthop 10.47.1.4 GigabitEthernet1/0/2
للحصول على معلومات si_hdl، ri_hdl، أستخدم الأمر show platform software fed switch active ip adj
Edge-1#show platform software fed switch active ip adj IPV4 Adj entries dest if_name dst_mac si_hdl ri_hdl pd_flags adj_id Last-modified ---- ------- ------- ------ ------ -------- ------ ------------- 225.0.0.0 GigabitEthernet1/0/1 0100.5e00.0000 0x7f65ec958128 0x7f65ec957e18 0x0 0xf80001a1 2023/09/19 17:57:41.399 10.47.1.10 LISP0.4100 4500.0000.0000 0x7f65ec895ed8 0x7f65ec895a68 0x60 0x5c 2023/09/19 17:58:16.545 225.0.0.0 GigabitEthernet1/0/2 0100.5e00.0000 0x7f65ec958f68 0x7f65ec95b2b8 0x0 0xf80001b1 2023/09/19 17:57:41.938 10.47.1.4 GigabitEthernet1/0/2 5254.001c.7de0 0x7f65ec8a5458 0x7f65ec8a4eb8 0x0 0x4c 2023/09/19 17:58:02.150 225.0.0.0 Null0 f800.0011.0000 0x7f65ec3740c8 0x0 0x0 0xf8000011 2023/09/19 17:57:29.404 10.47.1.0 GigabitEthernet1/0/1 5254.000a.42f3 0x7f65ec8b8468 0x7f65ec8b8158 0x0 0x55 2023/09/19 17:58:08.864
فك ترميز الخطوة التالية SI_HDL
للتحقق من إستخدام si_hdl (0x7f65ec8a5458) في الأمر show platform hardware fed switch active fwd-asic abstraction print-resource-handle <si_hdl> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec8a5458 1 Handle:0x7f65ec8a5458 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ec8a4eb8Hardware Indices/Handles: index0:0xbc mtu_index/l3u_ri_index0:0x0 index1:0xbc mtu_index/l3u_ri_index1:0x0 Features sharing this resource:66 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 26 00 00 00 00 00 00 00 00 00 00 00 08 00 52 54 00 1c 7d e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Station Index (SI) [0xbc] -----> Contains RI and DI information RI = 0x1a -----> Rewrite Index = MAC address rewrite information for L3 forwarding to the next-hop adjacency DI = 0x526d -----> Destination Index = Outgoing Interface stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD -----> Local Data, indicating that this ASIC is directly connected to the adjacency interface Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- Station Index (SI) [0xbc] -----> Contains RI and DI information RI = 0x1a -----> Rewrite Index = MAC address rewrite information for L3 forwarding to the next-hop adjacency DI = 0x526d -----> Destination Index = Outgoing Interface stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: CD -----> Core Data, indicating that this instance of the ASIC is on the same ASIC, but different core. ==============================================================
فك تشفير فهرس إعادة الكتابة للخطوة التالية تحت
لفك ترميز RI (0x1a) إستخدام في الأمر show platform hardware fed مفتاح نشط fwd-asic مورد جميع rewrite-index مدى <RI> <RI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x1a 0x1a ASIC#:0 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) -----> Decimal 26 is hex 0x1a MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, -----> MAC address 5254.001c.7de0 for the next-hop adjacency L3IF LE Index 38 ASIC#:1 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, -----> MAC address 5254.001c.7de0 for the next-hop adjacency L3IF LE Index 38
فك تشفير فهرس وجهة الخطوة التالية تحت
لفك ترميز DI (0x526d) إستخدام في show platform جهاز تغذية مفتاح نشط نشط لمصدر FWD-asic كل غاية-index مدى <di> <di>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x526d 0x526d ASIC#0: Destination index = 0x526d pmap = 0x00000000 0x00000002 <-- Convert decimal 2 to binary, which is 0010. Count this binary right to left, zero-based, so Port 1. pmap_intf : [GigabitEthernet1/0/2] cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0 ASIC#1: Destination index = 0x526d pmap = 0x00000000 0x00000000 cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0
Edge-1#show platform software fed switch active ifm mappings Interface IF_ID Inst Asic Core Port SubPort Mac Cntx LPN GPN Type Active GigabitEthernet1/0/1 0x1a 0 0 0 0 0 1 0 1 1 NIF Y GigabitEthernet1/0/2 0x1b 0 0 0 1 0 2 1 2 2 NIF Y <-- Port 1 lines up to G1/0/2 GigabitEthernet1/0/3 0xb 0 0 0 2 0 3 2 3 3 NIF Y GigabitEthernet1/0/4 0xc 0 0 0 3 0 4 3 4 4 NIF Y GigabitEthernet1/0/5 0xd 0 0 0 4 0 5 4 5 5 NIF Y GigabitEthernet1/0/6 0xe 0 0 0 5 0 6 5 6 6 NIF Y GigabitEthernet1/0/7 0xf 0 0 0 6 0 7 6 7 7 NIF Y GigabitEthernet1/0/8 0x10 0 0 0 7 0 8 7 8 8 NIF Y
فك ترميز الخطوة التالية ri_hdl
لفك ترميز إستخدام RI_HDL (0x7f65ec8a4eb8) في عرض جهاز النظام الأساسي الذي تم تغذيته بمحول نشط نشط يعمل على تجريد FWD-ASIC طباعة-مورد-معالجة (ri_hdl) 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec8a4eb8 1 Handle:0x7f65ec8a4eb8 Res-Type:ASIC_RSC_RI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ec903b28Hardware Indices/Handles: index0:0x1a mtu_index/l3u_ri_index0:0x0 index1:0x1a mtu_index/l3u_ri_index1:0x0 Features sharing this resource:66 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 26 00 00 00 00 00 00 00 00 00 00 00 08 00 52 54 00 1c 7d e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- ASIC#:0 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) <-- Decimal 26 is 0x1a in hex MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, <-- MAC address 5254.001c.7de0 for the next-hop adjacency L3IF LE Index 38 Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- ASIC#:1 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)<-- Decimal 26 is 0x1a in hex MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, MAC Addr: MAC Addr: 52:54:00:1c:7d:e0,<-- MAC address 5254.001c.7de0 for the next-hop adjacency
L3IF LE Index 38 ==============================================================
إمكانية الوصول إلى المضيف الأساسية في بنية SDA (شبكات VLAN المختلفة / شبكة VN نفسها)
وفي هذا القسم، يجري فحص الاتصال بين 10.47.4.2 و 10.47.10.2. بما أن هذا مضيف ينتسب إلى VLANs مختلف، كلا يحتاج أن يتلقى تقصير-gateway يشكل أن يشير إلى تقصير مدخل. ل 10.47.4.2 هو 10.47.4.1 و 10.47.10.2 هو 10.47.10.1.
الخطوة 1. تأكيد أن الاتصال بين نقطة النهاية والبوابة الافتراضية يعمل:
Edge-1#ping vrf red_vn 10.47.4.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.47.4.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 155/164/181 ms
Edge-2#ping vrf red_vn 10.47.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.47.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 41/46/62 ms
الخطوة 2. تأكد من تلقي الحزمة من 10.47.4.2 بنجاح بواسطة Edge-1:
يمكن التقاط الحزمة على واجهة الدخول التي تواجه 10.47.4.2:
Edge-1#monitor capture 1 interface g1/0/3 in match any Edge-1#mon cap 1 start Started capture point : 1 Edge-1#mon cap 1 stop Capture statistics collected at software: Capture duration - 12 seconds Packets received - 9 Packets dropped - 0 Packets oversized - 0 Number of Bytes dropped at asic not collected Capture buffer will exists till exported or cleared Stopped capture point : 1
Edge-1#show monitor capture 1 buffer brief Starting the packet display ........ Press Ctrl + Shift + 6 to exit 1 0.000000 10.47.4.2 -> 10.47.10.2 ICMP 98 Echo (ping) request id=0x0041, seq=0/0, ttl=64 2 0.023447 10.47.4.2 -> 10.47.10.2 ICMP 98 Echo (ping) request id=0x0041, seq=0/0, ttl=64
Edge-1#show monitor capture 1 buffer detailed Starting the packet display ........ Press Ctrl + Shift + 6 to exit Frame 1: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0 Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe) Interface name: /tmp/epc_ws/wif_to_ts_pipe Encapsulation type: Ethernet (1) Arrival Time: Oct 11, 2023 15:27:46.033825000 UTC [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1697038066.033825000 seconds [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 98 bytes (784 bits) Capture Length: 98 bytes (784 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:icmp:data] Ethernet II, Src: 52:54:00:19:93:e9 (52:54:00:19:93:e9), Dst: 00:00:0c:9f:f3:41 (00:00:0c:9f:f3:41) <-- SMAC and DMAC respectively Destination: 00:00:0c:9f:f3:41 (00:00:0c:9f:f3:41) Address: 00:00:0c:9f:f3:41 (00:00:0c:9f:f3:41) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: 52:54:00:19:93:e9 (52:54:00:19:93:e9) Address: 52:54:00:19:93:e9 (52:54:00:19:93:e9) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.4.2, Dst: 10.47.10.2 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 84 Identification: 0x395e (14686) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: ICMP (1) Header checksum: 0xdee9 [validation disabled] [Header checksum status: Unverified] Source: 10.47.4.2 Destination: 10.47.10.2 Internet Control Message Protocol Type: 8 (Echo (ping) request) Code: 0 Checksum: 0x248a [correct] [Checksum Status: Good] Identifier (BE): 65 (0x0041) Identifier (LE): 16640 (0x4100) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) 0000 2a 46 a8 ee 00 00 00 00 00 00 00 00 00 00 00 00 *F.............. 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 ........ Data: 2a46a8ee0000000000000000000000000000000000000000b^@& [Length: 56]
الخطوة 3 - بحث LISP
يجب أن تحدد عقدة حافة المدخل موقع (RLOC) المضيف-03 الذي ترسل إليه الحزم. كما في هذه الحالة، المضيف-03 في شبكة VLAN مختلفة (ولكن ال نفسه VN / VRF: المستخدمون)، يتم إستخدام مثيل IPv4 من LISP حيث أن البحث يستند إلى عنوان IP (عنوان MAC ينتمي إلى عقدة الحافة نفسها).
Edge-1#debug lisp control-plane all
LISP[REMT ]-0: Map Request: Sending request for IID 4099 EID 10.47.10.2/32, requester 'remote EID prefix'. LISP[REMT ]-0: Map-Reply nonce matches pending request for IID 4099 EID 10.47.10.2/32, requester 'remote EID prefix'.
يصل طلب خريطة LISP إلى عقدة التحكم (خادم خريطة LISP) border-1:
Border-1#debug lisp control-plane all
LISP[TRNSP]-0: Processing received Map-Request(1) message on GigabitEthernet1/0/3 from 10.47.10.2:4342 to 10.47.10.2:4342.
LISP[MR ]-0: Received Map-Request with 1 records, first EID IID 4099 10.47.10.2/32, source EID 10.47.4.2, nonce 0x1CFAB931-0x8207CB93. LISP[MR ]-0 IID 4099 IPv4: MS EID 10.47.10.2/32: Sending proxy reply to 10.47.1.12.
يصل رد خريطة LISP إلى عقدة الحافة:
LISP[REMT ]-0: Processing Map-Reply mapping record for IID 4099 IPv4 10.47.10.2/32 LCAF 2, ttl 1440, action none, not authoritative, 1 locator. LISP[REMT ]-0: Processing mapping information for EID prefix IID 4099 10.47.10.2/32.
يستعلم Fabric Edge ل RLOC ل 10.47.10.2 ويعالج الخريطة-الرد
LISP[REMT ]-0: Map Request: Sending request for IID 4099 EID 10.47.10.2/32, requester 'remote EID RLOC'.
LISP[REMT ]-0: Processing Map-Reply mapping record for IID 4099 IPv4 10.47.10.2/32 LCAF 2, ttl 1440, action none, authoritative, 1 locator. LISP[REMT ]-0: Processing mapping information for EID prefix IID 4099 10.47.10.2/32.
في حالة عدم وجود إدخال، يجب تجميع تصحيح الأخطاء من منظور عملية LISP. هناك أيضا أداة، تسمى LIG (LISP Grouper) والتي يمكن إستخدامها لتشغيل عملية LISP يدويا (هذه طريقة فعالة للغاية لاختبار تكوين عقدة التحكم المكررة وتناسق قاعدة البيانات بين كلا عقدتي التحكم):
Edge-1#lig instance-id 4099 10.47.10.2 to 10.47.1.10 Mapping information for EID 10.47.10.2 from 10.47.1.10 with RTT 334 msecs 10.47.10.2/32, uptime: 00:00:00, expires: 23:59:59, via map-reply, complete Locator Uptime State Pri/Wgt Encap-IID 10.47.1.13 00:00:00 up 10/10 -
Edge-1#lig instance-id 4099 10.47.10.2 to 10.47.1.11 Mapping information for EID 10.47.10.2 from 10.47.1.11 with RTT 327 msecs 10.47.10.2/32, uptime: 00:00:06, expires: 23:59:59, via map-reply, complete Locator Uptime State Pri/Wgt Encap-IID 10.47.1.13 00:00:06 up 10/10 -
التحقق من المسار
تستخدم CEF LISP، وتستخدم LISP إدخال ذاكرة التخزين المؤقت للخريطة الذي تلقيته
Edge-1#show ip cef vrf red_vn 10.47.10.2 10.47.10.2/32 nexthop 10.47.1.13 LISP0.4099
Edge-1#show ip route 10.47.1.13 Routing entry for 10.47.1.13/32 Known via "isis", distance 115, metric 30, type level-2 Redistributing via isis Last update from 10.47.1.4 on GigabitEthernet1/0/2, 3d19h ago Routing Descriptor Blocks: 10.47.1.4, from 10.47.1.13, 3d19h ago, via GigabitEthernet1/0/2 Route metric is 30, traffic share count is 1 * 10.47.1.0, from 10.47.1.13, 3d19h ago, via GigabitEthernet1/0/1 Route metric is 30, traffic share count is 1
Edge-1#show lisp instance-id 4099 ipv4 map-cache 10.47.10.2 LISP IPv4 Mapping Cache for LISP 0 EID-table vrf red_vn (IID 4099), 1 entries 10.47.10.2/32, uptime: 00:08:48, expires: 23:51:17, via map-reply, complete Sources: map-reply State: complete, last modified: 00:08:48, map-source: 10.47.1.11 Active, Packets out: 51(29376 bytes), counters are not accurate (~ 00:00:15 ago) Encapsulating dynamic-EID traffic Locator Uptime State Pri/Wgt Encap-IID 10.47.1.13 00:08:48 up 10/10 - Last up-down state change: 00:08:48, state change count: 1 Last route reachability change: 22:07:12, state change count: 1 Last priority / weight change: never/never RLOC-probing loc-status algorithm: Last RLOC-probe sent: 00:08:48 (rtt 931ms)
التحقق من LISP Next-Hop
بما أن هذا ربط VXLAN يغلف، تدقيق من ال LISP بعد خطوة يحتاج أن يقع. أستخدم الأمر show platform software fed switch active ip adj للحصول على معلومات إضافية حول 10.47.1.13، الخطوة التالية ل LISP
Edge-1#show platform software fed switch active ip adj IPV4 Adj entries dest if_name dst_mac si_hdl ri_hdl pd_flags adj_id Last-modified ---- ------- ------- ------ ------ -------- ------ ------------- 10.47.1.10 LISP0.4100 4500.0000.0000 0x7f65ec895ed8 0x7f65ec895a68 0x60 0x5c 2023/09/19 17:58:16.545 10.47.1.4 GigabitEthernet1/0/2 5254.001c.7de0 0x7f65ec8a5458 0x7f65ec8a4eb8 0x0 0x4c 2023/09/19 17:58:02.150 10.47.1.0 GigabitEthernet1/0/1 5254.000a.42f3 0x7f65ec8b8468 0x7f65ec8b8158 0x0 0x55 2023/09/19 17:58:08.864 10.47.4.2 Vlan1026 5254.0019.93e9 0x7f65ec7c21f8 0x7f65ec7c2498 0x0 0x1a 2023/09/19 23:59:34.081 10.47.1.13 LISP0.4099 4500.0000.0000 0x7f65ed00f668 0x7f65ed00fd58 0x60 0x20 2023/10/11 15:36:06.243
فك تشفير LISP Next-Hop si_hdl
يمكنك التعامل مع si_hdl (0x7f65ed00f668) واستخدامها في show platform hardware fed switch active fwd-asic abstraction print-resource-handle <si_hdl> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ed00f668 1 Handle:0x7f65ed00f668 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_LISP Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ed00fd58Hardware Indices/Handles: index0:0xc8 mtu_index/l3u_ri_index0:0x0 index1:0xc8 mtu_index/l3u_ri_index1:0x0 Features sharing this resource:109 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 38 5f 84 ec 0a 2f 01 0d ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Station Index (SI) [0xc8] <-- Contains the RI and DI RI = 0x2c <-- Rewrite Index contains information for L3 Forwarding DI = 0x5012 <-- Destination Index contains information for the destination port stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0xc rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD Detailed Resource Information (ASIC_INSTANCE# 1) ----------------------------------------
Station Index (SI) [0xc8] <-- Contains the RI and DI
RI = 0x2c <-- Rewrite Index contains information for L3 Forwarding
DI = 0x5013 <-- Destination Index contains information for the destination port stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0xc rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD ==============================================================
فك ترميز LISP Next-Hop RI
أستخدم RI (0x2c) واستعمل في عرض منصة جهاز تغذية مفتاح نشط مورد FWD-ASIC كل rewrite-index مدى <RI> <RI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x2c 0x2c ASIC#:0 RI:44 Rewrite_type:AL_RRM_REWRITE_IPV4_VXLAN_INNER_IPV4_ENCAP(110) Mapped_rii:LVX_L3_ENCAP_L2_PAYLOAD(123) Dst Mac: MAC Addr: ba:25:cd:f4:ad:38, Src IP: 10.47.1.12 <-- Local RLOC Dst IP: 10.47.1.13 <-- RLOC of Edge-2 IPv4 TTL: 0 LISP INSTANCEID: 0 L3IF LE Index: 46 ASIC#:1 RI:44 Rewrite_type:AL_RRM_REWRITE_IPV4_VXLAN_INNER_IPV4_ENCAP(110) Mapped_rii:LVX_L3_ENCAP_L2_PAYLOAD(123) Dst Mac: MAC Addr: ba:25:cd:f4:ad:38,
Src IP: 10.47.1.12 <-- Local RLOC
Dst IP: 10.47.1.13 <-- RLOC of Edge-2 IPv4 TTL: 0 LISP INSTANCEID: 0 L3IF LE Index: 46
فك تشفير LISP Next-Hop di
خذ ال DI (0x5012) واستعمل في عرض منصة جهاز تغذية مفتاح نشط مورد FWD-asic كل غاية-فهرسة مدى <DI> <DI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x5012 0x5012 ASIC#0:
Destination index = 0x5012 DI_RCP_PORT1 <-- Expected, this means the packet is recirculated for VXLAN imposition
pmap = 0x00000000 0x00000000
cmi = 0x0
rcp_pmap = 0x1
al_rsc_cmi
CPU Map Index (CMI) [0]
ctiLo0 = 0
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
stripSeg = 0
copySeg = 0
ASIC#1:
Destination index = 0x5012 DI_RCP_PORT1 <-- Expected, this means the packet is recirculated for VXLAN imposition
pmap = 0x00000000 0x00000000
cmi = 0x0
rcp_pmap = 0x0
al_rsc_cmi
CPU Map Index (CMI) [0]
ctiLo0 = 0
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
stripSeg = 0
copySeg = 0
فك تشفير LISP Next-Hop ri_hdl
أستخدم_hdl (0x7f65ed00fd58) واستعمل في الأمر show platform hardware fed switch active fwd-asic tracaction print-resource-handle <ri_hdl> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ed00fd58 1 Handle:0x7f65ed00fd58 Res-Type:ASIC_RSC_RI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_LISP Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ed00b618Hardware Indices/Handles: index0:0x2c mtu_index/l3u_ri_index0:0x0 index1:0x2c mtu_index/l3u_ri_index1:0x0 Features sharing this resource:109 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 2e 00 00 00 0a 2f 01 0d ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- ASIC#:0 RI:44 Rewrite_type:AL_RRM_REWRITE_IPV4_VXLAN_INNER_IPV4_ENCAP(110) Mapped_rii:LVX_L3_ENCAP_L2_PAYLOAD(123) Dst Mac: MAC Addr: ba:25:cd:f4:ad:38, Src IP: 10.47.1.12 <-- Local RLOC Dst IP: 10.47.1.13 <-- Edge-2 RLOC IPv4 TTL: 0 LISP INSTANCEID: 0 L3IF LE Index: 46 Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- ASIC#:1 RI:44 Rewrite_type:AL_RRM_REWRITE_IPV4_VXLAN_INNER_IPV4_ENCAP(110) Mapped_rii:LVX_L3_ENCAP_L2_PAYLOAD(123) Dst Mac: MAC Addr: ba:25:cd:f4:ad:38,
Src IP: 10.47.1.12 <-- Local RLOC
Dst IP: 10.47.1.13 <-- Edge-2 RLOC IPv4 TTL: 0 LISP INSTANCEID: 0 L3IF LE Index: 46 ==============================================================
تضمين التحقق من الخطوة التالية
للوصول إلى LISP Next-hop، هناك مسارين محتملين في الجزء السفلي، يحدث التحقق لواحد، نفس المنطق يطبق في التحقق من الثاني قارن الخطوة التالية.
Edge-1#show ip route 10.47.1.13
Routing entry for 10.47.1.13/32
Known via "isis", distance 115, metric 30, type level-2
Redistributing via isis
Last update from 10.47.1.4 on GigabitEthernet1/0/2, 3d19h ago
Routing Descriptor Blocks:
10.47.1.4, from 10.47.1.13, 3d19h ago, via GigabitEthernet1/0/2
Route metric is 30, traffic share count is 1
* 10.47.1.0, from 10.47.1.13, 3d19h ago, via GigabitEthernet1/0/1
Route metric is 30, traffic share count is 1
للحصول على مزيد من المعلومات حول الخطوات التالية، أستخدم show platform software software software التي تم تغذية المحول ب ip adj نشط
Edge-1#show platform software fed switch active ip adj IPV4 Adj entries dest if_name dst_mac si_hdl ri_hdl pd_flags adj_id Last-modified ---- ------- ------- ------ ------ -------- ------ ------------- 10.47.1.4 GigabitEthernet1/0/2 5254.001c.7de0 0x7f65ec8a5458 0x7f65ec8a4eb8 0x0 0x4c 2023/09/19 17:58:02.150 10.47.1.0 GigabitEthernet1/0/1 5254.000a.42f3 0x7f65ec8b8468 0x7f65ec8b8158 0x0 0x55 2023/09/19 17:58:08.864 <snip>
فك ترميز الخطوة التالية SI_HDL
يمكنك التعامل مع si_hdl (0x7f65ec8a5458) واستخدامها في الأمر show platform hardware fed switch active fwd-asic abstraction print-resource-handle <si_hdl> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec8a5458 1 Handle:0x7f65ec8a5458 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ec8a4eb8Hardware Indices/Handles: index0:0xbc mtu_index/l3u_ri_index0:0x0 index1:0xbc mtu_index/l3u_ri_index1:0x0 Features sharing this resource:66 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 26 00 00 00 00 00 00 00 00 00 00 00 08 00 52 54 00 1c 7d e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Station Index (SI) [0xbc] <-- Contains the RI and DI RI = 0x1a <-- Rewrite index contains information for L3 Forwarding DI = 0x526d <-- Destination index contains information for the destination port stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: LD Detailed Resource Information (ASIC_INSTANCE# 1) ----------------------------------------
Station Index (SI) [0xbc] <-- Contains the RI and DI
RI = 0x1a <-- Rewrite index contains information for L3 Forwarding
DI = 0x526d <-- Destination index contains information for the destination port stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0 Replication Bitmap: CD ==============================================================
فك تشفير الخطوة التالية ل RI
خذ ال RI (0x1a) واستخدم في الأمر show platform hardware fed مفتاح نشط fwd-asic مورد جميع rewrite-index مدى <RI> <RI>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x1a 0x1a ASIC#:0 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) <-- Decimal 26 is hex 0x1a MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, <-- MAC Address 5254.001c.7de0 corresponds to the next-hop L3IF LE Index 38 ASIC#:1 RI:26 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9)<-- Decimal 26 is hex 0x1a MAC Addr: MAC Addr: 52:54:00:1c:7d:e0, <-- MAC Address 5254.001c.7de0 corresponds to the next-hop L3IF LE Index 38
فك تشفير الخطوة التالية ل Underlay
خذ ال DI (0x526d) واستعمل في الأمر show platform hardware fed مفتاح نشط fwd-asic مورد كل غاية-index مدى <di> <di>
Edge-1#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x526d 0x526d ASIC#0: Destination index = 0x526d pmap = 0x00000000 0x00000002 <-- Take decimal 2 and convert to binary, so 0010, and then count this binary right to left zero-based, so Port 1 pmap_intf : [GigabitEthernet1/0/2] cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0 ASIC#1: Destination index = 0x526d pmap = 0x00000000 0x00000000 cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0
Edge-1#show platform software fed switch active ifm mappings Interface IF_ID Inst Asic Core Port SubPort Mac Cntx LPN GPN Type Active GigabitEthernet1/0/1 0x1a 0 0 0 0 0 1 0 1 1 NIF Y GigabitEthernet1/0/2 0x1b 0 0 0 1 0 2 1 2 2 NIF Y <-- Port 1 maps to Gig1/0/2 GigabitEthernet1/0/3 0xb 0 0 0 2 0 3 2 3 3 NIF Y GigabitEthernet1/0/4 0xc 0 0 0 3 0 4 3 4 4 NIF Y GigabitEthernet1/0/5 0xd 0 0 0 4 0 5 4 5 5 NIF Y GigabitEthernet1/0/6 0xe 0 0 0 5 0 6 5 6 6 NIF Y GigabitEthernet1/0/7 0xf 0 0 0 6 0 7 6 7 7 NIF Y GigabitEthernet1/0/8 0x10 0 0 0 7 0 8 7 8 8 NIF Y
فك ترميز الخطوة التالية ri_hdl
قم بأخذ ال ri_hdl (0x7f65ec8b8158) واستعمل في الأمر show platform hardware fed مفتاح نشط fwd-asic تجريد طباعة-resource-handle <ri_hdl> 1
Edge-1#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f65ec8b8158 1 Handle:0x7f65ec8b8158 Res-Type:ASIC_RSC_RI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1 priv_ri/priv_si Handle: 0x7f65ec7a6338Hardware Indices/Handles: index0:0x1b mtu_index/l3u_ri_index0:0x0 index1:0x1b mtu_index/l3u_ri_index1:0x0 Features sharing this resource:66 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 25 00 00 00 00 00 00 00 00 00 00 00 08 00 52 54 00 0a 42 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- ASIC#:0 RI:27 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) MAC Addr: MAC Addr: 52:54:00:0a:42:f3, L3IF LE Index 37 Detailed Resource Information (ASIC_INSTANCE# 1) ---------------------------------------- ASIC#:1 RI:27 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) MAC Addr: MAC Addr: 52:54:00:0a:42:f3, L3IF LE Index 37 ==============================================================
يتم تضمين الحزم في شبكة VXLAN وإرسالها استنادا إلى قواعد موازنة الأحمال. يمكن إستخدام التقاط الحزمة المضمنة (EPC) لالتقاط حركة مرور البيانات على جميع الواجهات في نفس الوقت. تذكر عند هذه النقطة أن الحزمة هي VXLAN مضمن، ال EPC مرشح ينبغي كنت مقابل RLOC إلى RLOC، لا داخلي IPv4 عنوان.
Edge-1#monitor capture 1 interface range g1/0/1-2 out match ipv4 host 10.47.1.12 host 10.47.1.13 Edge-1#monitor capture 1 start Started capture point : 1 Edge-1# Edge-1#monitor capture 1 stop Capture statistics collected at software: Capture duration - 18 seconds Packets received - 4 Packets dropped - 0 Packets oversized - 0 Number of Bytes dropped at asic not collected Capture buffer will exists till exported or cleared Stopped capture point : 1
Edge-1#show monitor capture 1 buffer brief Starting the packet display ........ Press Ctrl + Shift + 6 to exit 1 0.000000 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0046, seq=0/0, ttl=63 2 0.980849 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0046, seq=1/256, ttl=63 3 1.984077 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0046, seq=2/512, ttl=63 4 2.999989 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0046, seq=3/768, ttl=63
Edge-1#show monitor capture 1 buffer detailed Starting the packet display ........ Press Ctrl + Shift + 6 to exit Frame 1: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0 Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe) Interface name: /tmp/epc_ws/wif_to_ts_pipe Encapsulation type: Ethernet (1) Arrival Time: Oct 11, 2023 16:50:52.262553000 UTC [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1697043052.262553000 seconds [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 148 bytes (1184 bits) Capture Length: 148 bytes (1184 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:udp:vxlan:eth:ethertype:ip:icmp:data] Ethernet II, Src: 00:00:00:00:00:00 (00:00:00:00:00:00), Dst: 00:00:00:00:00:00 (00:00:00:00:00:00) <-- EPC does not capture L3 rewrite on egress properly, this is OK Destination: 00:00:00:00:00:00 (00:00:00:00:00:00) Address: 00:00:00:00:00:00 (00:00:00:00:00:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: 00:00:00:00:00:00 (00:00:00:00:00:00) Address: 00:00:00:00:00:00 (00:00:00:00:00:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.1.12, Dst: 10.47.1.13 <-- RLOC to RLOC 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 134 Identification: 0x1d6f (7535) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: UDP (17) Header checksum: 0x0682 [validation disabled] [Header checksum status: Unverified] Source: 10.47.1.12 Destination: 10.47.1.13 User Datagram Protocol, Src Port: 65354, Dst Port: 4789 Source Port: 65354 Destination Port: 4789 Length: 114 [Checksum: [missing]] [Checksum Status: Not present] [Stream index: 0] [Timestamps] [Time since first frame: 0.000000000 seconds] [Time since previous frame: 0.000000000 seconds] Virtual eXtensible Local Area Network Flags: 0x8800, GBP Extension, VXLAN Network ID (VNI) 1... .... .... .... = GBP Extension: Defined .... .... .0.. .... = Don't Learn: False .... 1... .... .... = VXLAN Network ID (VNI): True .... .... .... 0... = Policy Applied: False .000 .000 0.00 .000 = Reserved(R): 0x0000 Group Policy ID: 0 VXLAN Network Identifier (VNI): 4099 <-- LISP L3 IID Reserved: 0 Ethernet II, Src: 00:00:00:00:61:00 (00:00:00:00:61:00), Dst: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) <-- Dummy Ethernet header for VXLAN Destination: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) Address: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: 00:00:00:00:61:00 (00:00:00:00:61:00) Address: 00:00:00:00:61:00 (00:00:00:00:61:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.4.2, Dst: 10.47.10.2 <-- True IPv4 addresses 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 84 Identification: 0x92f6 (37622) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 63 Protocol: ICMP (1) Header checksum: 0x8651 [validation disabled] [Header checksum status: Unverified] Source: 10.47.4.2 Destination: 10.47.10.2 Internet Control Message Protocol Type: 8 (Echo (ping) request) Code: 0 Checksum: 0xa383 [correct] [Checksum Status: Good] Identifier (BE): 70 (0x0046) Identifier (LE): 17920 (0x4600) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) 0000 78 1e dc 17 00 00 00 00 00 00 00 00 00 00 00 00 x............... 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 ........ Data: 781edc170000000000000000000000000000000000000000b^@& [Length: 56]
تصل حزمة VXLAN المغلفة إلى edge-2:
Edge-2#monitor capture 1 interface range g1/0/1-2 in match ipv4 host 10.47.1.12 host 10.47.1.13 Edge-2#monitor capture 1 start Started capture point : 1 Edge-2#monitor capture 1 stop Capture statistics collected at software: Capture duration - 7 seconds Packets received - 6 Packets dropped - 0 Packets oversized - 0 Number of Bytes dropped at asic not collected Capture buffer will exists till exported or cleared Stopped capture point : 1
Edge-2#show monitor capture 1 buffer brief Starting the packet display ........ Press Ctrl + Shift + 6 to exit 1 0.000000 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=0/0, ttl=63 2 0.007826 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=0/0, ttl=63 3 0.086345 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=1/256, ttl=63 4 0.097490 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=1/256, ttl=63 5 1.150969 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=2/512, ttl=63 6 1.163817 10.47.4.2 -> 10.47.10.2 ICMP 148 Echo (ping) request id=0x0047, seq=2/512, ttl=63
Edge-2#show monitor capture 1 buffer detailed Starting the packet display ........ Press Ctrl + Shift + 6 to exit Frame 1: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0 Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe) Interface name: /tmp/epc_ws/wif_to_ts_pipe Encapsulation type: Ethernet (1) Arrival Time: Oct 11, 2023 16:58:12.702159000 UTC [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1697043492.702159000 seconds [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 148 bytes (1184 bits) Capture Length: 148 bytes (1184 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:udp:vxlan:eth:ethertype:ip:icmp:data] Ethernet II, Src: 52:54:00:0a:42:11 (52:54:00:0a:42:11), Dst: 52:54:00:17:fe:65 (52:54:00:17:fe:65) <-- True MAC addresses post L3 rewrite Destination: 52:54:00:17:fe:65 (52:54:00:17:fe:65) Address: 52:54:00:17:fe:65 (52:54:00:17:fe:65) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: 52:54:00:0a:42:11 (52:54:00:0a:42:11) Address: 52:54:00:0a:42:11 (52:54:00:0a:42:11) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.1.12, Dst: 10.47.1.13 <-- RLOC to RLOC 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 134 Identification: 0x1d7b (7547) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 62 Protocol: UDP (17) Header checksum: 0x0876 [validation disabled] [Header checksum status: Unverified] Source: 10.47.1.12 Destination: 10.47.1.13 User Datagram Protocol, Src Port: 65354, Dst Port: 4789 Source Port: 65354 Destination Port: 4789 Length: 114 [Checksum: [missing]] [Checksum Status: Not present] [Stream index: 0] [Timestamps] [Time since first frame: 0.000000000 seconds] [Time since previous frame: 0.000000000 seconds] Virtual eXtensible Local Area Network Flags: 0x8800, GBP Extension, VXLAN Network ID (VNI) 1... .... .... .... = GBP Extension: Defined .... .... .0.. .... = Don't Learn: False .... 1... .... .... = VXLAN Network ID (VNI): True .... .... .... 0... = Policy Applied: False .000 .000 0.00 .000 = Reserved(R): 0x0000 Group Policy ID: 0 VXLAN Network Identifier (VNI): 4099 <-- LISP L3 IID Reserved: 0 Ethernet II, Src: 00:00:00:00:61:00 (00:00:00:00:61:00), Dst: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) <-- Dummy Ethernet header for VXLAN Destination: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) Address: ba:25:cd:f4:ad:38 (ba:25:cd:f4:ad:38) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: 00:00:00:00:61:00 (00:00:00:00:61:00) Address: 00:00:00:00:61:00 (00:00:00:00:61:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.4.2, Dst: 10.47.10.2 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 84 Identification: 0x1abb (6843) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 63 Protocol: ICMP (1) Header checksum: 0xfe8c [validation disabled] [Header checksum status: Unverified] Source: 10.47.4.2 Destination: 10.47.10.2 Internet Control Message Protocol Type: 8 (Echo (ping) request) Code: 0 Checksum: 0x044f [correct] [Checksum Status: Good] Identifier (BE): 71 (0x0047) Identifier (LE): 18176 (0x4700) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) 0000 e8 37 0b 32 00 00 00 00 00 00 00 00 00 00 00 00 .7.2............ 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 ........ Data: e8370b320000000000000000000000000000000000000000b^@& [Length: 56]
يزيل Edge-2 رأس شبكة VXLAN ويراجع جدول ARP الخاص به لإعادة توجيه طلب ICMP نحو 10.47.10.2
Edge-2#show ip cef vrf red_vn 10.47.10.2 10.47.10.2/32 nexthop 10.47.10.2 Vlan1028
Edge-2#show platform software fed switch active ip adj IPV4 Adj entries dest if_name dst_mac si_hdl ri_hdl pd_flags adj_id Last-modified ---- ------- ------- ------ ------ -------- ------ ------------- 10.47.10.2 Vlan1028 5254.0002.cbf5 0x7f5744f89988 0x7f5744f8afa8 0x0 0x26 2023/10/09 18:57:59.026
<snip>
فك ترميز نقطة النهاية si_hdl
يمكنك التعامل مع si_hdl (0x7f5744f8988) واستخدامها في show platform hardware fed switch active fwd-asic abstraction print-resource-handle <si_hdl> 1
Edge-2#show platform hardware fed switch active fwd-asic abstraction print-resource-handle 0x7f5744f89988 1 Handle:0x7f5744f89988 Res-Type:ASIC_RSC_SI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_UNICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:2 priv_ri/priv_si Handle: 0x7f5744f8afa8Hardware Indices/Handles: index0:0xc8 mtu_index/l3u_ri_index0:0x0 index1:0xc8 mtu_index/l3u_ri_index1:0x0 Features sharing this resource:66 (1)] 57 (1)] Cookie length: 56 00 00 00 00 00 00 00 00 04 04 00 00 00 00 00 00 00 00 00 00 07 00 52 54 00 02 cb f5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Detailed Resource Information (ASIC_INSTANCE# 0) ---------------------------------------- Station Index (SI) [0xc8] <-- Station Index contains RI and DI RI = 0x2c <-- Rewrite Index contains information for L2 Forwarding DI = 0x526e <-- Rewrite Index contains destination port information stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0x1 Replication Bitmap: LD Detailed Resource Information (ASIC_INSTANCE# 1) ----------------------------------------
Station Index (SI) [0xc8] <-- Station Index contains RI and DI
RI = 0x2c <-- Rewrite Index contains information for L2 Forwarding
DI = 0x526e <-- Rewrite Index contains destination port information stationTableGenericLabel = 0 stationFdConstructionLabel = 0x7 lookupSkipIdIndex = 0 rcpServiceId = 0 dejaVuPreCheckEn = 0x1 Replication Bitmap: CD ==============================================================
فك ترميز نقطة النهاية
قم بأخذ RI (0x2c) واستعمل في الأمر show platform hardware fed مفتاح نشط fwd-asic مورد جميع rewrite-index مدى <RI> <RI>
Edge-2#show platform hardware fed switch active fwd-asic resource asic all rewrite-index range 0x2c 0x2c ASIC#:0 RI:44 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) <-- Decimal 44 is hex 0x2c MAC Addr: MAC Addr: 52:54:00:02:cb:f5, <-- MAC Address 5254.0002.cbf5 is 10.47.10.2 L3IF LE Index 50 ASIC#:1 RI:44 Rewrite_type:AL_RRM_REWRITE_L3_UNICAST_IPV4_SHARED(1) Mapped_rii:L3_UNICAST_IPV4(9) <-- Decimal 44 is hex 0x2c MAC Addr: MAC Addr: 52:54:00:02:cb:f5,<-- MAC Address 5254.0002.cbf5 is 10.47.10.2 L3IF LE Index 50
فك ترميز نقطة النهاية
خذ ال DI (0x526e) واستعمل في عرض منصة جهاز تغذية مفتاح نشط مورد FWD-asic كل غاية-فهرسة مدى <di> <di>
Edge-2#show platform hardware fed switch active fwd-asic resource asic all destination-index range 0x526e 0x526e ASIC#0: Destination index = 0x526e pmap = 0x00000000 0x00000010 <-- Convert 10 into binary, 0001 and 0000, so 00010000, and count from right to left, zero-based, so Port 4 pmap_intf : [GigabitEthernet1/0/5] cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0 ASIC#1: Destination index = 0x526e pmap = 0x00000000 0x00000000 cmi = 0x0 rcp_pmap = 0x0 al_rsc_cmi CPU Map Index (CMI) [0] ctiLo0 = 0 ctiLo1 = 0 ctiLo2 = 0 cpuQNum0 = 0 cpuQNum1 = 0 cpuQNum2 = 0 npuIndex = 0 stripSeg = 0 copySeg = 0
Edge-2#show platform software fed switch active ifm mappings Interface IF_ID Inst Asic Core Port SubPort Mac Cntx LPN GPN Type Active GigabitEthernet1/0/1 0x1a 0 0 0 0 0 1 0 1 1 NIF Y GigabitEthernet1/0/2 0x1b 0 0 0 1 0 2 1 2 2 NIF Y GigabitEthernet1/0/3 0xb 0 0 0 2 0 3 2 3 3 NIF Y GigabitEthernet1/0/4 0xc 0 0 0 3 0 4 3 4 4 NIF Y GigabitEthernet1/0/5 0xd 0 0 0 4 0 5 4 5 5 NIF Y <-- Port 4 corresponds to Gig1/0/5 GigabitEthernet1/0/6 0xe 0 0 0 5 0 6 5 6 6 NIF Y GigabitEthernet1/0/7 0xf 0 0 0 6 0 7 6 7 7 NIF Y GigabitEthernet1/0/8 0x10 0 0 0 7 0 8 7 8 8 NIF Y
يزيل Edge-2 الربط ويرسله نحو واجهة المخرج حيث HOST-03 يكون ربطت إلى:
Edge-2#monitor capture 1 interface g1/0/5 out match ipv4 host 10.47.4.2 host 10.47.10.2 Edge-2#monitor capture 1 start Started capture point : 1 Edge-2#monitor capture 1 stop Capture statistics collected at software: Capture duration - 6 seconds Packets received - 3 Packets dropped - 0 Packets oversized - 0 Number of Bytes dropped at asic not collected Capture buffer will exists till exported or cleared Stopped capture point : 1
Edge-2#show monitor capture 1 buffer brief Starting the packet display ........ Press Ctrl + Shift + 6 to exit 1 0.000000 10.47.4.2 -> 10.47.10.2 ICMP 106 Echo (ping) request id=0x0048, seq=0/0, ttl=62 2 0.984985 10.47.4.2 -> 10.47.10.2 ICMP 106 Echo (ping) request id=0x0048, seq=1/256, ttl=62 3 1.985357 10.47.4.2 -> 10.47.10.2 ICMP 106 Echo (ping) request id=0x0048, seq=2/512, ttl=62
Edge-2#show monitor capture 1 buffer detailed Starting the packet display ........ Press Ctrl + Shift + 6 to exit Frame 1: 106 bytes on wire (848 bits), 106 bytes captured (848 bits) on interface /tmp/epc_ws/wif_to_ts_pipe, id 0 Interface id: 0 (/tmp/epc_ws/wif_to_ts_pipe) Interface name: /tmp/epc_ws/wif_to_ts_pipe Encapsulation type: Ethernet (1) Arrival Time: Oct 11, 2023 17:22:20.730331000 UTC [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1697044940.730331000 seconds [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 106 bytes (848 bits) Capture Length: 106 bytes (848 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:cmd:ethertype:ip:icmp:data] Ethernet II, Src: 00:00:00:00:61:00 (00:00:00:00:61:00), Dst: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff) <-- Dummy Ethernet header, EPC does not capture it properly Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff) Address: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff) .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast) Source: 00:00:00:00:61:00 (00:00:00:00:61:00) Address: 00:00:00:00:61:00 (00:00:00:00:61:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: CiscoMetaData (0x8909) Cisco MetaData Version: 1 Length: 1 Options: 0x0001 SGT: 0 Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 10.47.4.2, Dst: 10.47.10.2 <-- True IP addresses 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 84 Identification: 0x35e4 (13796) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set Fragment offset: 0 Time to live: 62 Protocol: ICMP (1) Header checksum: 0xe463 [validation disabled] [Header checksum status: Unverified] Source: 10.47.4.2 Destination: 10.47.10.2 Internet Control Message Protocol Type: 8 (Echo (ping) request) Code: 0 Checksum: 0x2693 [correct] [Checksum Status: Good] Identifier (BE): 72 (0x0048) Identifier (LE): 18432 (0x4800) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) 0000 69 9c 67 88 00 00 00 00 00 00 00 00 00 00 00 00 i.g............. 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 ........ Data: 699c67880000000000000000000000000000000000000000b^@& [Length: 56]
محفوظات المراجعة
| المراجعة | تاريخ النشر | التعليقات |
|---|---|---|
1.0 |
12-Oct-2023 |
الإصدار الأولي |
التعليقات