Shulou(Shulou.com)06/01 Report--

I. description of phenomena

1. Network topology

2. The business of the server virtualization platform is all interrupted and inaccessible, including the remote management of WAF firewall and data center switch.

Second, the train of thought of troubleshooting

According to the OSI seven-layer reference model, the idea of layer-by-layer investigation is carried out from the application layer to the physical layer.

Third, the solution to the fault

1. First, check the traffic status of each interface of the core switch to see if there is * traffic. The results of the view are normal.

2. Secondly, check the physical link status between devices to see if there is a link failure. The result of the view is that the interface of the WAF firewall to the data center switch and the interface of the data center switch are not lit, thus confirming that the physical link failure caused the business interruption.

3. The deadlock under the condition of changing the network jumper between the WAF firewall and the data center switch to confirm that there is no problem with the network cable.

4. Separately test the interface of the data center switch and the interface of the WAF firewall, and find that the interface of the data center switch is normal, but the interface of the WAF firewall can not be started all the time, so the problem of the WAF firewall interface can be determined.

5. Because it is not possible to log in to WAF Firewall for remote troubleshooting, the temporary solution given by the manufacturer is to restart WAF Firewall by calling WAF Firewall 400 to inquire.

6. According to the manufacturer's suggestion, after restarting the WAF firewall, the interface of the WAF firewall starts normally and the business returns to normal.

Fourth, break the casserole and ask to the end

1. The optical port of the core switch connected to the WAF firewall and the point port of the downlink data center switch do not belong to a group of Bypass interface groups.

Note: Bypass function: bypass, that is, two networks can be physically connected without passing through the network security device through a specific trigger state (power outage or crash). Therefore, with Bypass, when the network security device fails, you can also allow the networks connected to this device to connect to each other. Of course, at this time, this network device will no longer deal with the packets in the network.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.