园区锐捷设备网络丢包点界定指导书

SE_You 2024-11-14 交换机 6 阅读

1.梳理流量路径

从源到目的经过哪些设备转发,可根据现场网络拓扑判断,无现场网络拓扑的情况下可通过以下命令梳理 show arp de show mac show ip route show lldp neighbor

2.定界丢包点

在所有经过的设备上配置acl计数明确丢包点,如下 注意:以下ip地址仅为举例,以现场实际ip地址为准
第一步:创建ACL
ip access-list extended test-down-in
10 permit icmp host 10.10.12.55 host 10.110.0.19
20 permit icmp host 10.110.0.19 host 10.10.12.55
100 permit ip any any
!
ip access-list extended test-down-out
10 permit icmp host 10.10.12.55 host 10.110.0.19
20 permit icmp host 10.110.0.19 host 10.10.12.55
100 permit ip any any
!
ip access-list extended test-up-in
10 permit icmp host 10.10.12.55 host 10.110.0.19
20 permit icmp host 10.110.0.19 host 10.10.12.55
100 permit ip any any
!
ip access-list extended test-up-out
10 permit icmp host 10.10.12.55 host 10.110.0.19
20 permit icmp host 10.110.0.19 host 10.10.12.55
100 permit ip any any
第二步:开启ACL计数
!
ip access-list counter test-up-in
!
ip access-list counter test-up-out
!
ip access-list counter test-down-out
!
ip access-list counter test-down-in
第三步:
上下联口调用ACL:
上联口(连接路由器的接口)
比如连接的是g0/1(以具体连接的接口为准)
int g0/1
ip access-group test-up-in in
ip access-group test-up-out out
下连口(连接电脑的接口)
ip access-group test-down-in in
ip access-group test-down-out out
第四步:
查看计数:show access-lists
清除计数:clear counters
注意:若clear counters无法清除计数统计,则clear counters access-list xx(xx代表acl的名字)来清除

 

版权声明:
作者:SE_You
链接:https://www.cnesa.cn/2572.html
来源:CNESA
文章版权归作者所有,未经允许请勿转载。

THE END
分享
二维码
打赏
海报
园区锐捷设备网络丢包点界定指导书
1.梳理流量路径 从源到目的经过哪些设备转发,可根据现场网络拓扑判断,无现场网络拓扑的情况下可通过以下命令梳理 show arp de show mac show ip route show lldp neighbor 2.定界丢包点 在所有经过的设备上配置acl计数明确丢包点,如下 注意:以下ip地址仅为举例,以现场实际ip地址为准 第一步:创建ACL ip access-list extended test-down-in 10 permit icmp host 10.10.12.55 host 10.110.0.19 20 permit icmp host 10.110.0.19 host 10.10.12.55 100 permit ip any any ! ip access-list extended test-down-out 10 permit icmp host 10.10.12.55 host 10.110.0.19 20 permit icmp host 10.110.0.19 host 10.10.12.55 100 permit ip any any ! ip access-list extended test-up-in 10 permit icmp host 10.10.12.55 host 10.110.0.19 20 permit icmp host 10.110.0.19 host 10.10.12.55 100 permit ip any any ! ip access-list extended test-up-out 10 permit icmp host 10.10.12.55 host 10.110.0.19 20 permit icmp host 10.110.0.19 host 10.10.12.55 100 permit ip any any ! 第二步:开启ACL计数 ! ip access-list counter test-up-in ! ip access-list counter test-up-out ! ip access-list counter test-down-out ! ip access-list counter test-down-in 第三步: 上下联口调用ACL: 上联口(连接路由器的接口) 比如连接的是g0/1(以具体连接的接口为准) int g0/1 ip access-group test-up-in in ip access-group test-up-out out 下连口(连接电脑的接口) ip access-group test-down-in in ip access-group test-down-out out 第四步: 查看计数:show access-lists 清除计数:clear counters 注意:若clear counters无法清除计数统计,则clear counters access-list xx(xx代表acl的……
<<上一篇
下一篇>>