Здравствуйте.
Есть сетевая схема ниже. Приоритет при проектировании сетевой структуры был отдан приоритет высокой доступности. В основу ядра сети выбрано два свитча mikrotik CRS125-24G-1S. Для пользователей выбрали CSS326-24G-2S+RM. На всех свитчах включен RSTP.
Схема соединения такая:
SW1 p.23 - SWITCH_A P.1
SW1 p.24 - SWITCH_B P.1
SW2 p.23 - SWITCH_A P.2
SW2 p.24 - SWITCH_B P.2
SW3 p.23 - SWITCH_A P.3
SW3 p.24 - SWITCH_B P.3
SWITCH_A p.24 - GW p.1
SWITCH_B p.24 - GW p.2
SWITCH_A задан Bridge Priority 4000h, у всех остальных свитчей он 8000h.
В данной конфигурации на GW, SWITCH_A, SWITCH_B в логах пишутся ошибки об образовании петли и наблюдается нестабильная работа сети.
Если убрать SWITCH_B ошибки исчезают и все работает ок.
Подскажите, где что не так?
В SW1-3 все оставлено по умолчанию.
В логах на GW или на Switch_A выпадают вот такие сообщения
interface, warning ether1:bridge port received packet with own address as source address (cc:2d:e0:2e:fb:aa); probably loop.
Вот немного урезаные конфиги:
Конфиг
GW
/interface bridge
add fast-forward=no name=LocalNet
/interface ethernet
set [ find default-name=ether1 ] mac-address=E4:8D:8C:17:9E:32 name=SW_A \
speed=100Mbps
set [ find default-name=ether2 ] mac-address=E4:8D:8C:17:9E:33 name=SW_B \
speed=100Mbps
add bridge=LocalNet local-forwarding=yes
/interface bridge port
add bridge=LocalNet interface=SW_A
add bridge=LocalNet interface=SW_B
/ip neighbor discovery-settings
set discover-interface-list=none
/interface list member
set telnet disabled=yes
set ftp disabled=yes
set www port=8888
set ssh port=2200
set api disabled=yes
set api-ssl disabled=yes
/ip socks
set port=4145
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/lcd
set time-interval=hour
/system identity
set name=gw
/system logging
set 3 topics=info
add action=remote topics=info
add action=remote topics=error
add action=remote topics=warning
add action=syslog topics=firewall
add action=syslog topics=error
add action=syslog topics=info
add action=syslog topics=warning
add action=remote topics=firewall
/system watchdog
set automatic-supout=no watchdog-timer=no
/tool bandwidth-server
set authenticate=no enabled=no
/tool mac-server mac-winbox
set allowed-interface-list=DMZ
/tool mac-server ping
set enabled=no
/tool sniffer
set file-limit=5000KiB filter-interface=all
SWITCH_A
/interface ethernet
set [ find default-name=ether1 ] comment=SW1
set [ find default-name=ether2 ] comment=SW2
set [ find default-name=ether3 ] comment=SW3
set [ find default-name=ether24 ] comment=Gateway
/interface bridge
add name=bridge_all_ports priority=0x4000
/interface bridge port
add bridge=bridge_all_ports interface=all
/ip neighbor discovery-settings
set discover-interface-list=none
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www-ssl disabled=no
set api disabled=yes
set api-ssl disabled=yes
/snmp
set enabled=yes trap-generators=interfaces trap-interfaces=all
/system clock
set time-zone-name=Europe/Kiev
/system identity
set name=SW_A
Switch_B
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether2 ] disabled=yes loop-protect=on
set [ find default-name=ether3 ] disabled=yes loop-protect=on
set [ find default-name=ether4 ] disabled=yes loop-protect=on
set [ find default-name=ether5 ] disabled=yes loop-protect=on
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes loop-protect=on
set [ find default-name=ether8 ] disabled=yes loop-protect=on
set [ find default-name=ether9 ] disabled=yes loop-protect=on
set [ find default-name=ether10 ] disabled=yes loop-protect=on
set [ find default-name=ether11 ] disabled=yes loop-protect=on
set [ find default-name=ether12 ] disabled=yes
set [ find default-name=ether13 ] disabled=yes
/interface bridge
add name=All_ports priority=0x8000
/interface bridge port
add bridge=All_ports interface=all
Средний
Простой
