交换机防火墙互联丢包
给客户做个方案首要拓扑如下,在核心交换3600上为每个vlan做网关,另在3600上建立vlan2900接口地址172.16.0.2/30用于和防火墙内网口互联,防火墙内网口地址为172.16.0.1/30,从交换机ping172.16.0.1丢包很严重,从交换机telnet防火墙ping172.16.0.2不丢包。交换机侧端口为10/100/1000设为自适应防火墙侧为10/100设为自适应。两头都强制成100全双工,仍是老样子,不过交换机提示端口也许损坏,不断的发送错误包。查看防火墙的连接数,流量,CPU均不高,交换机负载也不高。烦恼好久,还望高手点拨。(To make a plan for the customer, the first topology is as follows. The core switch 3600 is used as a gateway for each vlan, and the vlan2900 interface address 172.16.0.2/30 is established on the 3600 for interconnection with the internal network port of the firewall. The internal network port address of the firewall is 172.16 .0.1/30, ping172.16.0.1 from the switch has serious packet loss, but ping172.16.0.2 from the switch telnet firewall does not lose packets. The port on the switch side is 10/100/1000 and it is set to be adaptive, and the firewall side is 10/100 and it is set to be adaptive. Both ends are forced to 100 full duplex, which is still the same, but the switch prompts that the port may be damaged and keeps sending wrong packets. Check that the number of connections, traffic, and CPU of the firewall are not high, and the load on the switch is not high. I have been troubled for a long time, and I hope that the experts will help.)
页:
[1]