How to correctly manage the vswitch System

A three-layer or even four-layer switch is introduced based on the market demand. However, in any case, its core function is still layer-2 Ethernet packet exchange, but with a certain degree of ability to process IP layer or even higher layer data packets.

As one of the core devices in a LAN, A vswitch's performance directly determines the network's data transmission performance. However, after a long period of work, the switch will inevitably encounter one or another fault. To solve the fault in time, the network administrator often uses a remote method to manage the switch system.

However, sometimes we may encounter the failure of remote switch management. What measures should we take to address this fault? Now, this article analyzes the troubleshooting methods for such faults, hoping to help you!

Check the line connection status. If the physical connection between the client system and the target switch is not smooth, we certainly cannot remotely log on to the background management system of the target switch through the network channel, therefore, when we are unable to remotely manage the vswitch, we should first use the ping command to test the smooth status of the physical connection line.

Of course, before testing the ping command, we must select a common client system that is in the same subnet as the target switch, then run the ping command to test whether the IP address of the switch device can be pinged normally. If the IP address cannot be pinged properly, the physical connection status may be faulty;

At this point, we can try to use another client system to continue the ping command test to see if the IP address of the target switch can still be pinged normally. If the IP address of the target switch cannot be pinged, the problem may occur on the switch itself. For example, if the port of the switch system is abnormal or the hardware performance of the switch is unstable, the ping failure may occur.

Of course, if we can ping the IP address of the switch device from the normal client system but cannot remotely manage the target switch device, most of the problems are that the switch has soft faults, for example, the vswitch background management system has a low version, or the vswitch system has been infiltrated by a network virus.

Check the port working status. Sometimes, when a switching port is constantly impacted by large data capacity, the CPU resources of the Board on the corresponding port may be greatly consumed, in severe cases, all switching ports on the corresponding Board may be suspended.

At this time, if we ping the IP address of the switch device through these dead switching ports, the failure will naturally fail, and the remote login operation will not succeed. To determine whether the switch port is working normally, we can use the console control line to directly connect to the switch control port.

Log on to the backend management interface of the switch system as a system administrator, and execute the string command "display cpu" in the command line status of the interface ", to view the CPU resource consumption of each Board of the switch. If the CPU consumption rate of a Board is found to exceed 50%, a switch port on the board may be continuously affected by large data volumes.

In order to find the target failover port, We can insert the network cable into each switch port of the Failover board in sequence, and then in the View Mode of the corresponding switch port, ping the gateway address of the LAN to see if the target gateway address can be pinged.

Once you find that a switch port cannot successfully ping the target gateway address, you must run the string command "display xxx" in view mode of the switch port ", "xxx" is the specified switch port, from the pop-up result interface, we can clearly determine the size of the input packet, output packet, and broadcast packet of the switching port.

If the size of the input and output data packets exceeds 1000 Mb/s at the same time, the data traffic on the current switching port is abnormal. In this case, we must use the "shutdown" Command provided by the switch system to prevent the switch from being affected.

Temporarily disable the enabling status of the target failover port, and then further find the subnet status under the target failover port, so as to find out the real "sin" that causes excessive CPU consumption of the switch board ", to restore the working status of the target switch port, we can remotely manage the target switch through the network.

The ARP virus is very popular nowadays. Once the LAN encounters an unexpected attack, the network connection icon of the client system may become red frequently, and the user will frequently lose access to the Internet, when you open the webpage content in IE, errors frequently occur.

This type of network virus spoofs the IP address and MAC address to implement ARP spoofing. This network spoofing will generate a large amount of ARP traffic in the local network, in the end, the network transmission channel will be blocked.

Obviously, when ARP virus is detected in the local LAN, we may not be able to remotely log on to the background management system of the target switch through the network channel, the system is also remotely managed. In this case, how can we determine the failure of remote switch management.

Is it caused by ARP attacks? In fact, it is very simple. We only need to scan each switch port and automatically save the scan result information to a specific text file. In the future, we will open this result file, check whether there is a prompt of address conflict. If such a prompt is displayed, it indicates that there is an ARP virus in the LAN, and then further find and disable the ARP virus source, the ARP virus can be prevented from continuing to attack the local lan network.

1. Data Interface Types of each Gigabit Switch
2. Learn how LAN switches solve Network Security Problems
3. Comprehensive analysis of basic functions of security Switches
4. PythonAndroid looks deeply at the new layer-3 Switch Technology
5. Analyze the structure and application of the application layer switch