路由器以太网端口ip不能从客户端访问
我有一个混合设备的设置来自思科和Ubiquiti边缘路由器和Vyos。我的Cisco Nexus配置了HSRP,所有的SVI在192.168.1.243作为HSRP上的活动,SVI的所有在区域0.0.0.0与SVI接口在192.168.1.242配置为ip ospf 50,因为在192.168.1.243上的默认ip ospf成本是40。我还在192.168.1.243的所有SVI上配置了ip ospf优先级100,为192.168.1.242在所有SVI上配置了ip ospf优先级90。192.168.0.0/24上的所有路由器回送接口和以太网都位于0.0.0.0区域。这个设置是让我在我的核心网络中有冗余。OSPF邻居在所有路由器上看起来都很好。
安装在一个新的边缘路由器中,以192.168.1.241作为路由器ID,与192.168.1.240配置相同,因为我需要替换192.168.1.240,但是我不能从连接到Cisco Nexus SVI's上的子网/vlan的任何客户端访问它。我可以从远程站点甚至是同一区域的路由器访问它。我的广域网站点通过192.168.1.240、192.168.1.254和10.11.1.50连接,来自这一端的客户端可以访问这个新路由器(192.168.1.241)。我注意到OSPF很好地工作,因为它设法从同一子网上的各个邻居获得路由,并且它从远程站点获得路由,以及从我的其他WAN路由器获得路由。通过故障排除,我注意到,如果我以较高的成本在192.168.1.243上配置SVI,我可以访问它,但可以松散地访问同一骨干区域的其他路由器。
我相信我的Nexus配置一定有遗漏。随函附上我的设置,如果需要的话,我可以在我的两个Nexus上发布SVI的配置。希望有人能在这里帮我
谢谢
这是SVI和OSPF的配置
**cisco-nexus01**
interface Vlan2
ip address 192.168.0.20/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 2
preempt
priority 105
ip 192.168.0.21
no shutdown
interface Vlan3
ip address 192.168.2.4/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 3
preempt
priority 105
ip 192.168.2.1
no shutdown
interface Vlan4
ip address 192.168.4.4/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 4
preempt
priority 105
ip 192.168.4.1
no shutdown
interface Vlan5
ip address 192.168.60.11/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 5
preempt
priority 105
ip 192.168.60.1
no shutdown
interface Vlan6
ip address 192.168.61.7/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 6
preempt
priority 105
ip 192.168.61.1
no shutdown
interface Vlan8
ip address 192.168.8.4/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 8
peempt
riority 105
ip 192.168.8.1
no shutdown
interface Vlan10
ip address 192.168.3.38/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 10
preempt
priority 105
ip 192.168.3.1
no shutdown
interface Vlan52
ip address 192.168.52.4/24
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
hsrp 52
preempt
priority 105
ip 192.168.52.1
no shutdown思科-nexus02 02
interface Vlan2
ip address 192.168.0.19/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 2
preempt
ip 192.168.0.21
no shutdown
interface Vlan3
ip address 192.168.2.3/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 3
preempt
ip 192.168.2.1
no shutdown
interface Vlan4
ip address 192.168.4.3/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 4
preempt
ip 192.168.4.1
no shutdown
interface Vlan5
ip address 192.168.60.10/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 5
preempt
ip 192.168.60.1
no shutdown
interface Vlan6
ip address 192.168.61.6/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 6
preempt
ip 192.168.61.1
no shutdown
interface Vlan8
ip address 192.168.8.3/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
hsrp 8
preempt
ip 192.168.8.1
no shutdown
interface Vlan10
ip address 192.168.3.37/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
hsrp 10
preempt
ip 192.168.3.1
no shutdown
interface Vlan52
ip address 192.168.52.3/24
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
hsrp 52
preempt
ip 192.168.52.1
no shutdown思科-nexus01 01
router ospf 100
router-id 192.168.1.242
default-information originate
redistribute static route-map static-in-ospf
rfc1583compatibility
interface Vlan2
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan3
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan4
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan5
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan6
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan8
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan10
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface Vlan52
ip ospf priority 100
ip router ospf 100 area 0.0.0.0
interface loopback0
ip ospf priority 100
ip router ospf 100 area 0.0.0.0思科-nexus02 02
router ospf 100
router-id 192.168.1.243
rfc1583compatibility
interface Vlan2
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan3
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan4
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan5
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan6
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan8
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan10
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface Vlan52
ip ospf cost 50
no ip ospf passive-interface
ip ospf priority 90
ip router ospf 100 area 0.0.0.0
interface loopback0
ip ospf priority 90
ip router ospf 100 area 0.0.0.0回答 1
Network Engineering用户
发布于 2018-03-03 11:31:59
Problem1:您应该有一致的L3成本,L3路由与L2 hsrp网关冗余无关。
Problem1b:您的主机vlans挂在Nexus设备上,对于OSPF来说应该是被动的,为什么在这里需要主动的ospf?
Problem2:在您的vlan2 (192.168.0.0/24)上,如果所有设备都使用L2共享ip互连,则不应该有hsrp,只有在进行静态路由并需要l2 ip故障转移时才需要。
Problem3:如果您有双Nexus设备,您可能已经配置了vPC,尽管您没有附加任何配置。vPC有用于互连L3设备和遍历对等链路的特定规则。请参阅https://www.cisco.com/c/en/us/support/switches/nexus-5000-series-switches/products-implementation-design-guides-list.html
Problem3:推荐使用专用的L3链路(而不是Vlan)连接到其他L3路由器。
https://networkengineering.stackexchange.com/questions/43081
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号