Beruflich Dokumente
Kultur Dokumente
Maintenance Experience
Bimonthly for Data Products
No.17 Issue 219, June 2010
Maintenance Experience
Editorial Committee
Director: Qiu Weizhao
Deputy Director: Chen Jianzhou
Editors:
Fang Xi, Wang Zhaozheng, Xu Xinyong,
Xiao Shuqing, Zhang Jian, Zhang Jiebin,
Zhou Guifeng, Zhao Cen, Zhao Haitao, Jiang
Haijun, Xu Zhijun, Huang Ying, Ge Jun, Dong
Yemin, Dong Wenbin
Technical Senior Editors:
Hu Jia, Tao Minjuan, Zhang Jianping
Executive Editor:
Zhang Fan
Maintenance Experience
Newsroom
Address: ZTE Plaza, No.55, Hi-tech Road
Contents
June 2010
Issue 219
LACP Principle
IEEE 802.3ad-based Link Aggregation
Control Protocol (LACP) is a protocol for
dynamic aggregation of links. LACP uses
Link Aggregation Control Protocol Data
Units (LACPDUs) to interact with peer
devices.
When LACP is enabled on an
interface, the interface will send
Configuration Description
A ZXR10 8902 switch interconnects with its
peer device through the optical interface gei_1/23.
Th i s o p ti c a l i n te r fa c e i s i n V L A N 2 0 0 a n d
SmartGroup 1.
The LACP mode is in Active mode (it is
peer).
Maintenance Experience
Configuration Procedure
1. C r e a t e S m a r t G r o u p 1 a n d e n t e r
SmartGroup 1 configuration mode.
www.zte.com.cn
ZXR10-8902(config)#interface smartgroup1
ZXR10-8902(config-smartgroup1)#
4. Enter interface gei_1/23 and set the mode of this interface to Trunk.
ZXR10-8902(config)#interface gei_1/23
5. Add the interface gei_1/23 to SmartGroup 1, and set the working mode to Active (it is
necessary to negotiate this parameter with the peer).
ZXR10-8902(config-gei_1/23)#smartgroup 1 mode active
After the configuration, users can view the interface state and LACP
state.
interface gei_1/23
out_index 25
hybrid-attribute fiber
negotiation auto
end
Agg
State
Pri priority
Port
Inter
Port
Pri
Oper
Key
Port
State
RX
Machine
Mux
Machine
------------------------------------------------------------------gei_1/23
active
30
32768
0x111
0x3d
current
distributing
Data Products
June 2010
Issue 219
Malfunction Situation
The network topology of CNC in a city
Malfunction Analysis
1. Engineers checked the system configuration
and running state of UAS 10600. They found
no exceptions except that there were a lot of
broadcast packets received on the Layer 2 user
port connecting to 8512 per second.
2. To make sure that the large amount of
broadcast packets were not caused by network
factors such as virus, and to improve network
security, engineers configured an ACL on the 8512
Figure 1. Network Topology
Maintenance Experience
www.zte.com.cn
online.
segment 192.168.211.1/24.
Solution
Engineers informed the operation
192.168.210.1/23.
more.
Detination/Mask
Protocol
Pre
Cost
Nexthop
Interface
192.168.210.0/23
OSPF
10
11
10.10.239.146
Vlan-interface 4071
192.168.211.0/24
O_ASE
150
1001
10.10.239.137
Vlan-interface4096
Data Products
June 2010
Issue 219
Malfunction Situation
On a network, a ZTE GER router
pos3_2/1 is up,
shown in Figure 1.
Malfunction Analysis
Figure 1. Network Topology
192.168.10.30
255.255.255.252
Maintenance Experience
www.zte.com.cn
GER is 32.
flag C2 <number>
take effect.
Hex Value
flag J0 <number>
J0 belongs to the SOH byte. It is used
00
Unequipped.
01
Equipped-non-specific payload.
02
supported).
04
12
03
13
14
15
16
cell mapping.
CF
E1-FC
FE
FF
G.707).
Alarm Indication Signal (AIS).
Data Products
June 2010
Issue 219
The link layer protocol was up, and the two devices
Summary
Solution
ZTE
Maintenance Experience
Huawei
CISCO
mtu
1500
1500
4096
CRC
32
32
16
Scrambling
scrambling
scrambling
No scrambling
C2
0x16
0x16
0xCF
S1S0
J0
0xCC
Clock source
Internal
Framing
Sonet
Encapsulation
2
0xCC
Line
SDH
HDLC
www.zte.com.cn
Malfunction Description
VRRP ran between the routers and between
the firewalls. The devices interacted with VRRP
protocol packets through the specific heart
beaten line interfaces and were not affected by
the different segments on the heart beaten line
interfaces. When the optical fibers between the
Juniper firewalls and the T64E routers were
single-pass, as shown in Figure 1, the service
communication between the client connecting to
the firewalls and the server was interrupted.
Interface
12
10.134.64.155
gei_1/3.3
N
gei_1/4.13
Y
13
gei_1/4.11
Y
gei_1/3.2
Y
gei_1/3.1
Y
130 14.492
130 14.492
130 14.492
Master 172.16.1.161
172.16.1.163
N
11
Master 10.7.29.153
10.7.29.155
N
130 8.492
Master 192.168.1.153
192.168.1.155
N
130 14.492
Master 192.168.1.161
192.168.1.163
N
130 14.492
Master 10.134.64.153
Master 10.7.29.161
10.7.29.163
Malfunction Analysis
1. Engineers logged into R1 to check the VRRP
state, as shown below:
R1#show vrrp brief
Master total: 9
Data Products
June 2010
Issue 219
line protocol is
Description is TO_XHP-JUNIPER1_gei_1/1
Solution
Summary
For VRRP routers, only the Master
router is responsible for forwarding the
implemented.
3. Another method is to add a switch. Figure
2 shows a typical network architecture. It is
recommended to use this method.
10
Maintenance Experience
www.zte.com.cn
Network Topology
The broadband access network of a service
provider used ZTE GER/UAS10600/T40G/
FASP9800 network structure. The network topology
Data Products
11
June 2010
Issue 219
management:
interface vbui11
H o w e v e r, i t w a s o n l y p o s s i b l e
shown below:
Maintenance Experience
12
/*ping
192.168.10.2,timeout is 2 seconds.
!!!!!
/*
192.168.11.2,timeout is 2 seconds.
!!!!!
www.zte.com.cn
was no alarm.
management interface.
Malfunction Situation
Summary
On UAS 10600 or UAS 10800E,
IP address.
normal.
Solution
Data Products
13
June 2010
Issue 219
Malfunction Situation
Malfunction Analysis
200 ms.
200 ms.
Engineers executed show process command to
ZXR103952#show process
M: Master processor
S: Slave processor
34.662%
Panel
1
22%
14
Maintenance Experience
22%
Peak CPU
33%
PhyMem
256
Buffer
0%
www.zte.com.cn
ZXR103952#show ip traffic
IP statistics:
checksum errors
unknown protocol
0
Frags:reassembled
0
timeouts
couldn't reassemble
switch.
05:17:27
IP
ICMP:sent
type
time
exceeded,
code
0,
src
05:17:28
IP
ICMP:sent
type
time
exceeded,
code
0,
src
05:17:29
IP
ICMP:sent
type
time
exceeded,
code
0,
src
05:17:30
IP
ICMP:sent
type
time
exceeded,
code
0,
src
05:17:40
IP
ICMP:sent
type
time
exceeded,
code
0,
src
172.16.237.118,dst 123.55.214.19
172.16.237.118,dst 192.168.33.54
172.16.237.118,dst 192.168.33.54
172.16.237.118,dst 123.55.214.19
172.16.237.118,dst 58.215.81.76
as shown below:
Data Products
15
June 2010
Issue 219
10.10.74.9(vlan2)
below:
1 172.16.237.117
260 ms
220 ms
2 172.16.237.118
240 ms
240 ms
on the router*/
Summary
switch
source address.
Maintenance Experience
240 ms
Solutions
16
220 ms
www.zte.com.cn
Malfunction Situation
The network topology is shown in Figure 1. As
Malfunction Analysis
The two CISCO 6513 in machine room 1
enabled HSRP protocol to work as the gateway
of the base stations. T64G only executed Layer 2
transparent transmission. Services run properly
before the capability extension.
After the capability extension, the group of
the devices in machine room 2 also used HSRP
protocol to work as the gateway. Some sites
Data Products
17
June 2010
Issue 219
10
key-string HSRP
###connected
T64G_2_GEI_1/18###
ip
address
255.255.255.0
to
10.10.25.252
standby version 2
CISCO6513.
At the base station side, CISCO6513
connected to the base stations through
direct-connected segments. They could
ping each other successfully. Engineers
checked the ARP entries. There were ARP
entries to the base stations, but they were
not steady and were learnt repeatedly and
discontinuously. Therefore, there were
some problems.
3. Engineers checked ZXR10 T64G
switches. They found that there were a lot
of alarms indicating MAC address drifting.
The MAC address was the virtual MAC of
the HSRP gateway on the base stations.
4. Engineers checked the HSRP
configuration of Layer 3 VLAN on
CISCO6513.
The related configuration on
CISCO6513 in machine room 1 is shown
below:
10
key-string HSRP
Solution
Engineers modified the related configuration
of the HSRP group number on the same Layer
3 interfaces. The services were recovered. The
coupling from some 2G and 3G base stations to
interface Vlan25
description ###connected to
ip
T64G_1_GEI_1/18 ###
address
255.255.255.0
10.9.25.252
standby version 2
Maintenance Experience
intermittent.
18
www.zte.com.cn
Malfunction Situation
At present, for the VPN configuration on ZXR10
T128/T64E of Version 2.6.02 or previous versions,
usually ACL is configured to control the generation
of labels, as shown below:
mpls ip
distribute labels.
The new label is ready, but restarting
the MPLS process will interrupt the
services.
Therefore, it is necessary to configure
mpls ldp access-fec host-routeonly command during the MPLS VPN
configuration.
This command is to generate labels
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
Solution
previous versions,
device.
Data Products
19
June 2010
Issue 219
labels.
versions.
Malfunction Situation
20
Maintenance Experience
www.zte.com.cn
Malfunction Analysis
1. Engineers checked the devices. The fault did
exist.
Data Products
21
June 2010
Issue 219
Maintenance Experience
as described below:
Solution
22
domain?
www.zte.com.cn
Network Topology
As shown in Figure 2, ZXR10 T1200 worked as
a P device. ZXR10 T64E worked as a PE device,
and users connecting to ZXR10 T64E could access
Internet properly. GER worked as a PE device, and
users connecting to GER could only open baidu. They
could not open other portals, such as sina, sohu, and
so on.
echos to 10.6.0.13,timeout is
1 seconds.
...........
Success
percent(0/11).
rate
is
Malfunction Analysis
1.
NE40*/
Data Products
23
June 2010
Issue 219
uplink-valid.
discarded.
Solution
Maintenance Experience
one MPLS label, that is, the VPN label. As a result, the
24
Summary
listed below:
forwarded.
www.zte.com.cn
Network Topology
The network topology is shown in Figure 1.
interface fei_1/1
interface fei_1/2
mpls ip
mpls
ldp
61.139.36.33
target-session
is shown below:
pwtype ethernet-vlan
peer 61.139.36.33
interface loopback 1
255.255.255.255
61.139.36.34
pwtype ethernet-vlan
peer 61.139.36.34
interface loopback 1
ip address 61.139.36.33
255.255.255.255
address
255.255.255.252
59.43.1.2
vcid 200
address
vcid 200
mpls ip
vfi test
ip
vfi test
interface fei_1/1
interface fei_1/2
mpls ip
mpls
ldp
61.139.36.34
target-session
Data Products
25
June 2010
Issue 219
Malfunction Situation
After the configuration, when engineers set the PCs to be in the same segment 1.1.1.0/24, the
PCs could not ping each other successfully.
Malfunction Analysis
1. Engineers checked the VC states on the two switches. The VC states were up, as shown
below:
T160G-1#show mpls l2transport vc vpls vfi test
VFIName
Test
LocalCircuit
VFI
DestAddress
61.139.36.33
Test
LocalCircuit
VFI
Status
VC ID
Status
200
VC ID
DestAddress
61.139.36.34
200
up
up
2. Engineers checked the distribution of out-labels on the two switches. The labels were
proper, as shown below:
T160G-1#show mpls forwarding-table
Mpls Ldp Forwarding-table:
InLabel
53
OutLabel
Dest
101712
Pfxlen
61.139.36.33
32
Interface
NextHop
fei_1/2
59.43.1.2
OutLabel
54
Dest
61.139.36.34
Pfxlen
32
Interface
fei_1/2
NextHop
59.43.1.1
3. Engineers checked the distribution of in-labels on the two switches. The labels were proper.
4. Engineers checked the MAC learning on the two switches. They found that the switches
could not learn the MAC addresses of the PCs, as shown below:
T160G-1#show mac vfi test
MAC
peer-address
outIntLab
peer-address
outIntLab
outExtLab
outInterface
type
outExtLab
outInterface
type
5. Engineers thought that this fault was caused by the PCs, network cables or the ports on
the switches. They replaced the PCs, network cables and the ports on the switches. The fault
persisted.
6. Engineers entered diagnosis mode to check the micro code versions of the NP pinch plates
on the two switches. They found that the micro code versions of the NP pinch plates on T160G
switches were the default proper version, as shown below. However, to support VPLS function, G
series devices should use NP pinch plates with micro code of vpn version.
T160G-1 (diag)#npc 1 np chip-info microcode-version
26
Maintenance Experience
www.zte.com.cn
Solution
T160G-2(config)#net-card vpn
T160G-2#reload slot 1
Summary
To support VPLS service, G series
switches need NP pinch plates. There is
T160G-1(config)#net-card vpn
T160G-1#reload slot 1
Malfunction Situation
As shown in Figure 4, 9806E router connected
to the port Ethernet 1/2 of UAS 10800. A
modem connected to the 9806E router. Local
authentication was configured on UAS 10800. The
modem obtained IP address, DNS server address
Malfunction Analysis
The configuration of traffic mirroring on
UAS 10800 is shown below.
Data Products
27
June 2010
Issue 219
context pppoe9806e
domain 9806e.com
forward policy mirror2
/*create a forwarding policy
mirror2*/
mirror destination
mirror_dest2 all
/*mirror all traffic to the
logical target mirror_dest2*/
interface mirrorport
ip address 88.1.1.1/24
!
interface pppoe_9806e
multibind
ip address 10.12.102.1/24
ip pool 10.12.102.0/24
!
subscriber default
ip address pool
dns primary 172.24.242.242
!
subscriber name tw
password tw
port ethernet 1/2
description to_9806e
no shutdown
encapsulation pppoe
bind authentication chap pap
maximum 500
forward policy mirror2 in
/*incoming traffic mirroring*/
forward policy mirror2 out
/*outgoing traffic mirroring*/
port ethernet 1/10
medium speed 100 duplex half
no shutdown
bind interface mirrorport
pppoe9806e
/*bind to an interface*/
forward output mirror_dest2
/*the destination mirroring
port working as the egress of
mirror_dest2*/
[local]Redback(config)#show
detail
ethernet 1/10 state is Up
Description
Line state
Admin state
Link Dampening
disabled
Undampened line state
Dampening Count
Encapsulation
ethernet
MTU size
Bytes
NAS Port Type
Speed
Mbps
Duplex mode
MAC address
00:30:88:01:79:05
Media type
100Base-TX
Loopback
Active Alarms
port 1/10
:
: Up
: Up
: Up
: 0
: 1500
:
: 100
: half
:
:
: off
: NONE
Solution
Engineers modified the configuration, as shown
below:
subscriber default
ip address pool
dns primary 172.24.242.242
forward policy mirror2 in
forward policy mirror2 out
Tr a f f i c m i r r o r i n g s u c c e e d e d a f t e r t h e
configuration was modified. The PC could capture
the PPPoE dialing packets.
The malfunction reason was that PPPoE
policy to subscriber.
Maintenance Experience
28