Поменяли часть коммутаторов Dlink на MES2324B и начались проблемы.....
Используем прошивку 4.0.5.
Конфигурация свитча:
Код: Выделить всё
no spanning-tree
port jumbo-frame
bridge multicast filtering
vlan database
vlan 10,31,101-150,200-250,444,500,4050
exit
no lldp run
loopback-detection enable
loopback-detection interval 60
erps
erps vlan 4050
port west tengigabitethernet1/0/1
port east tengigabitethernet1/0/2
ring enable
protected vlan add 1-501
exit
multicast snooping profile IPTV
match ip 239.195.0.1 239.195.255.255
match ip 225.3.1.1 225.3.1.255
exit
ip dhcp information option
mac access-list extended Deny
deny any 00:00:00:00:00:00 00:00:00:00:00:00 ace-priority 100
exit
ip access-list extended TV
permit ip any 224.0.0.0 0.255.255.255 precedence 7 ace-priority 10
exit
mac access-list extended CLIENT_IPOE
permit any 40:55:39:00:00:00 00:00:00:ff:ff:ff ace-priority 1
permit any 00:00:5e:00:00:00 00:00:00:ff:ff:ff ace-priority 2
permit any 00:30:88:00:00:00 00:00:00:ff:ff:ff ace-priority 3
permit any 10:f3:11:00:00:00 00:00:00:ff:ff:ff ace-priority 4
permit any 01:00:5e:00:00:00 00:00:00:ff:ff:ff ace-priority 5
permit any ff:ff:ff:ff:ff:ff 00:00:00:00:00:00 ace-priority 6
deny any 00:00:00:00:00:00 00:00:00:00:00:00 ace-priority 100
exit
hostname ***
username texpo password encrypted 74fb946015fabfe02b89c560989f075e668809b0
username support password encrypted 8415c7e1e46fd3120241ac8ede909c16b94beda7 privilege 15
snmp-server server
snmp-server location ***
encrypted snmp-server community Zv3P1dHvN9VYTXqlSWh5ij9pbKxpquQTa0pisvW4DGo= ro view Default
encrypted snmp-server community 6wQPgCvF2lFjPbKVqSWhzhZimGFqaoqku0W3RtSJZfw= ro view Default
clock timezone " " +3
sntp anycast client enable both
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server ***
ip name-server ***
interface vlan 1
no ip address dhcp
exit
!
interface vlan 10
name Management
ip address 10.128.18.102 255.255.255.0
exit
!
interface gigabitethernet1/0/1
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/2
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/3
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/4
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/5
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/6
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/7
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/8
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/9
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/10
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/11
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/12
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/13
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/14
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/15
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/16
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/17
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/18
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/19
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/20
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/21
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/22
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/23
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface gigabitethernet1/0/24
loopback-detection enable
bridge multicast unregistered filtering
storm-control broadcast level 3
storm-control multicast level 10
port security max 5
port security mode max-addresses
port security discard
spanning-tree disable
service-acl input CLIENT_IPOE
switchport access vlan 202
switchport access multicast-tv vlan 31
switchport protected-port
switchport forbidden default-vlan
multicast snooping add IPTV
multicast snooping max-groups 20
exit
!
interface tengigabitethernet1/0/1
ip dhcp snooping trust
spanning-tree disable
spanning-tree bpdu filtering
switchport mode general
switchport general allowed vlan add 10,31,101-150,200-250,444,500,4050 tagged
switchport forbidden default-vlan
exit
!
interface tengigabitethernet1/0/2
ip dhcp snooping trust
spanning-tree disable
spanning-tree bpdu filtering
switchport mode general
switchport general allowed vlan add 10,31,101-150,200-250,444,500,4050 tagged
switchport forbidden default-vlan
exit
!
interface tengigabitethernet1/0/3
switchport forbidden default-vlan
exit
!
interface tengigabitethernet1/0/4
switchport forbidden default-vlan
exit
!
ip igmp snooping
ip igmp snooping vlan 31
ip igmp snooping vlan 31 immediate-leave host-based
ip igmp snooping vlan 202
ip dhcp snooping
ip dhcp information option suboption-type custom
ip dhcp snooping vlan 202
mac address-table aging-time 60
ip default-gateway 10.128.18.1Проблема следующая телевидение работает около нескольких часов, потом полностью отключается. Подписок на коммутаторе не видно. Помогает ЛИБО перезагрузка свитча (временно) либо перенос абонента в другой порт (тоже временно).
Что делать?
С дуру попытался откатиться на 4.0.4, а там все по другому, а самое главное option_82. Команду "ip dhcp information option suboption-type custom" вообще не понимает.
Собственно, кто виноват и что делать? На FTP видел тестовую 4.0.6, но уже обновляться всё желание пропало. Прошу помощи! Абоненты нервничают.