4500#sh ip cef summary
IPv4 CEF is enabled for distributed and running
VRF Default:
396 prefixes (396/0 fwd/non-fwd)
Default network 0.0.0.0/0
Table id 0
Database epoch: 1 (396 entries at this epoch)
4500#sh int vlan 81
Vlan81 is up, line protocol is up
Hardware is Ethernet SVI, address is 000c.850e.a6ff (bia 000c.850e.a6ff)
Description: BIM_SISTEM
Internet address is 10.0.81.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 220000 bits/sec, 266 packets/sec
5 minute output rate 4011000 bits/sec, 483 packets/sec
L3 in Switched: ucast: 1593180169 pkt, 631725824269 bytes - mcast: 53834
pkt, 26011383 bytes
L3 out Switched: ucast: 2195413899 pkt, 1547653673786 bytes - mcast:
2848101 pkt, 1632839119 bytes
1594462128 packets input, 631938096235 bytes, 0 no buffer
Received 1281959 broadcasts (78524 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
2200900034 packets output, 1549473413768 bytes, 0 underruns
0 output errors, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
2009/5/12 Sinan Ilkiz <sinan.ilkiz_at_gmail.com>
> Bence 4500'ler tek bir flow icin paketleri sira ile butun uplinklere
> yolluyorsa burada bir sorun var demektir. Aslinda cihazlar load-balancing
> isini paket bazli degil de flow bazli yapmali. Dolayisiyla bir bilgisayarin
> banka baglantisi (kac tane link olursa olsun) hep ayni uplink uzerinden
> gitmeli.
>
> "show ip cef summary" gonderebilir misin 4500'lerden?
>
> Bir de trace cektigin VLAN'in L3 interface'i icin "show ip interface XXX"
> ciktisini.
>
> Selamlar
>
> - Sinan
>
> 12 Mayıs 2009 Salı 18:07 tarihinde Mesut CAP <mesutcap_at_gmail.com> yazdı:
>
> >
> >
> > Merhaba;
> >
> > Asagidaki durumda problem cikiyor yani bankalar baglantiyi birden
> > sonlandiriyor.
> >
> > 4500#
> > O*IA 0.0.0.0/0 [110/2] via 10.0.1.25, 00:00:04, Port-channel2 --->
> 6500-2
> > [110/2] via 10.0.1.21, 00:00:04, Port-channel1 -----> 6500-1
> >
> > 6500#
> > S* 0.0.0.0/0 [1/0] via 10.0.3.250 -->FW-2
> > [1/0] via 10.0.2.250 ---> FW-1
> >
> > 4500'te, 6500 lerden birine statik route yazdigimda sorun yok. Su anki
> > yapida 2 firewall kullanilmis cikislari ayri. Yapiyi degistirmek su an
> icin
> > pek mumkun degil.
> > Serhat, 4500'e bagli bir PC den firewall'a veya internette bi yere trace
> > yaptigimda hep ayni yol kullaniliyor.
> >
> > 4500#traceroute
> > 74.125.79.99
> >
> > Type escape sequence to abort.
> > Tracing the route to 74.125.79.99
> >
> > 1 10.0.1.25 0 msec -->Port-channel2
> > 10.0.1.21 0 msec -->Port-channel1 --> Burda normal olmayan bisey
> > varmis gibi???
> > 10.0.1.25 0 msec -->Port-channel2
> > 2 10.0.3.250 12 msec 8 msec 12 msec -->FW2
> > 3 * * *
> > 4 * *
> >
> > Source adres olarak 4500 deki bir Vlan verdigimde;
> >
> > 4500#traceroute
> > Protocol [ip]:
> > Target IP address: 74.125.79.99
> > Source address: 10.0.81.1
> > Numeric display [n]:
> > Timeout in seconds [3]:
> > Probe count [3]:
> > Minimum Time to Live [1]:
> > Maximum Time to Live [30]:
> > Port Number [33434]:
> > Loose, Strict, Record, Timestamp, Verbose[none]:
> > Type escape sequence to abort.
> > Tracing the route to 74.125.79.99
> >
> > 1 10.0.1.21 0 msec
> > 10.0.1.25 4 msec
> > 10.0.1.21 0 msec
> > 2 10.0.3.250 4 msec
> > 10.0.2.250 0 msec
> > 10.0.3.250 4 msec
> > 3 * * *
> > 4 * * *
> > 5 *
> >
> > Firewall'a trace yaptigimda;
> >
> > 4500#traceroute
> > Protocol [ip]:
> > Target IP address: 10.0.2.250
> > Source address: 10.0.81.1
> > Numeric display [n]:
> > Timeout in seconds [3]:
> > Probe count [3]:
> > Minimum Time to Live [1]:
> > Maximum Time to Live [30]:
> > Port Number [33434]:
> > Loose, Strict, Record, Timestamp, Verbose[none]:
> > Type escape sequence to abort.
> > Tracing the route to 10.0.2.250
> >
> > 1 10.0.1.25 0 msec
> > 10.0.1.21 0 msec
> > 10.0.1.25 4 msec
> > 2 * * *
> > 3 * * *
> > 4 * * *
> > 5 * *
> >
> > Sinan, tesekkur ederim, loglama sansi olabilir de, loglamaya gerek
> kalmadan
> > 4500 te route tablosuna esit metrikli 2 yol soktugumda zaten bankalara
> > giremiyoruz. Diger sitelere giriliyor oysaki. 6500 lerde de 2 yol var ama
> > 4500 lerde 2 yol oldugunda problem cikiyor. Sonuc boyle olunca sorunu
> 4500
> > lerde ariyorum umarim dogru yerdir.
> >
> >
> > [Non-text portions of this message have been removed]
> >
> >
> >
>
>
> [Non-text portions of this message have been removed]
>
>
>
> ------------------------------------
>
> --
> Cisco Teknik Tartisma Listesi (Cisco-ttl)
>
> Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk
> kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da
> bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu
> tutulamazlar.Yahoo! Groups Links
>
>
>
>
[Non-text portions of this message have been removed]
--
Cisco Teknik Tartisma Listesi (Cisco-ttl)
Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar.Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/cisco-ttl/join
(Yahoo! ID required)
<*> To change settings via email:
mailto:cisco-ttl-digest_at_yahoogroups.com
mailto:cisco-ttl-fullfeatured_at_yahoogroups.com
<*> To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe_at_yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
Received on Wed May 13 2009 - 10:07:33 CEST