Intricate network topology often uses lldb to view neighbor switches to quickly locate the position of the network device in the entire topology map. We're not limited to switch-to-switch.
Let's share a pit that I encountered and a solution! There is such a case.
A terminal cannot obtain an address, but there is already temporary communication on the network segment of 169.254, indicating that the physical layer is normal, because often the terminal is set to DCHP to obtain IP, but the terminal cannot find the DHCP server in the network, and often gives Such addresses are used for temporary communications.
When we encounter such a problem, we must first check whether the MAC address has been learned. We check whether the MAC address has been learned through command screening on the core switch.
[TEST]dis arp | in 8bca //筛选arp表中含有MAC地址是,8bca的地址
我们做此项的目的,如果可以学到MAC,那么很有可能是地址池的问题;
如果不能学到,说明低层至上的网络层可能不通。可能是vlan的原因,也可能是其他的原因。Found, and no results. At this time, we need to query the black hole MAC table again to see if the MAC is blocked.
[TEST]dis mac-address blackhole //查询黑洞MAC表
我们做此操作的目的是,是否MAC被拉黑,以至于无法通信Still, if there is no query, then we have to suspect the following data link layer, whether there is an error in the VLAN configuration. If we know the switch and interface where the terminal is located, we can directly check whether the port configuration is different from others.
However, our network cable management is too messy and not neat, so we did not find this port.
[TEST]dis cu in g 0/0/1 //查询G0/0/1端口的配置
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
stp edged-port enable
#
return
[TEST]If there is no query, we can use a switch to insert the network cable that cannot obtain the IP into a switch, and then use LLDB to quickly find neighbors, where the terminal was originally connected to the switch.
TIP: Haha, it’s me. The line finder was looking for the line. The small cabinet on the first floor was buzzing, which misled me. Finally, I tried to use the terminal to connect to the switch. The LLDB method was used to query the peer switch. It turned out that it was on the fourth floor. Find the switch where the terminal is located in the cabinet. I still don't understand why the network cable on the first floor will ring. Might be the reason for walking the bridge together?
[TEST]dis ll n brief
Local Intf Neighbor Dev Neighbor Intf Exptime
GE0/0/1 OA-OFFICE GE0/0/1 114
[TEST]
我们发现,本地的G0/0/1端口,接了名字为OA-OFFICE的交换机的G1/0/1口
华三的交换机我们可以使用命令,
dis lldp neighbor interface g0/0/1 ver 查看到对端交换机的管理地址,然后可以telnetThen we logged in, the switch, and found that the vlan configuration was incorrect, and the IP could be obtained normally after modification.
Note: Our terminal interface is configured with edge port protection, that is, stp edge-port, so we must pay special attention when configuring. The port connected to the test switch must close the STP service, otherwise the port sends BPDU messages to the opposite end, which will make the The peer ACCESS port loses the edge attribute and is DOWN. At this time, I want to cry but have no tears. I can't see the neighbor~
In this example, we can use the network cable connected to the terminal to connect to the switch, so as to quickly find the access switch and solve the problem.