Interface duplex mismatch!

Answered Question

Hi everyone,

One of my Cisco 3550 switchports (FastEthernet) is connected to an ASA firewall gig port. Settings are as follows:

@Switch: Full duplex / 100 Mbps

@FW: auto / auto

Now the problem is that the FW interface is negotiating to half duplex / 100 Mbps rather than full duplex. Where does the problem lie? We want it to be full duplex. Can a bad cable or bad port also create such a duplex mismatch?

--gaurav

smothuku Thu, 03/27/2008 - 04:26

Hi Gaurav,

If you change the switch port to auto and auto, what is the status of the FW gig port?

If possible change the speed and duplex to full and 100Mbps on FW Gig interface.

Thanks,

Satish

Richard Burts Thu, 03/27/2008 - 04:40

gaurav

Both devices should be set the same way for speed and duplex: if 1 is set for auto they should both be set for auto and if 1 is set manually then both should be set manually.

What is happening to you is an example of this principle. You have set the switch duplex setting manually so it will not negotiate. And if a device does not negotiate duplex and the other device is attempting to negotiate duplex then the other device will default to half duplex. So I suggest that either you change the firewall to set speed and duplex or you change the switch to auto auto.

HTH

Rick

andrew.butterworth Thu, 03/27/2008 - 04:52

I can't believe people still do this...

Cisco should add a warning message to Catalyst IOS if the speed or duplex is manually set saying that the connected device must be hard-coded or a duplex mismatch may occur.

Andy

royalblues Thu, 03/27/2008 - 05:46

I agree that there should be some warning message.

Often I have seen this issue cropping up when a desktop is connected via an IP phone. Ports on the IP phone are set to auto while they are hard coded on the switch, resulting in poor performance.

Narayan

Kevin Dorrell Thu, 03/27/2008 - 07:32

There are two right solutions:

1. Auto on the host, auto on the switch

2. Fixed on the host, same fixed on the switch.

There are two wrong solutions:

1. Auto on the host, fixed on the switch

2. Any fixed on the host, auto on the switch

This is the No 1 candidate for an FAQ.

Kevin Dorrell

Luxembourg

glen.grant Thu, 03/27/2008 - 14:21

The firewall is working as designed. When you hardcoded the switch and left the FW as auto you created a speed/duplex mismatch. Auto can always sense the speed OK, but it cannot correctly sense the far end for duplex unless the far end is also auto, so it will default the interface, which is half duplex, so the FW actually worked as expected. Just match the ends: if the switch is hardcoded then the FW must be hardcoded, otherwise change the switch to auto for speed and duplex.
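
The rule the replies above describe (a hard-coded port does not negotiate, and an auto port facing it still senses speed but falls back to half duplex) can be checked against a link inventory. This is an added example, not code from any poster or from Cisco; the `Port` model, the interface names and the inventory are constructed, and it assumes a port is either fully auto or fully hard-coded.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Port:
    name: str
    max_speed: int                 # highest Mbps the hardware supports
    speed: Optional[int] = None    # None = auto
    duplex: Optional[str] = None   # None = auto, otherwise "full" or "half"

    def __post_init__(self):
        # Assumption: a port is either fully auto or fully hard-coded.
        if (self.speed is None) != (self.duplex is None):
            raise ValueError(f"{self.name}: set both speed and duplex, or neither")

    @property
    def negotiates(self) -> bool:
        return self.speed is None


def resolve(local: Port, peer: Port) -> Tuple[Optional[int], Optional[str]]:
    """Speed/duplex that `local` ends up running when cabled to `peer`."""
    if not local.negotiates:
        return local.speed, local.duplex            # hard-coded: runs as configured
    if peer.negotiates:
        return min(local.max_speed, peer.max_speed), "full"   # best common mode
    if peer.speed > local.max_speed:
        return None, None                           # cannot match the fixed speed
    # Peer is not negotiating: speed is still sensed, duplex defaults to half.
    return peer.speed, "half"


def audit(a: Port, b: Port) -> str:
    (speed_a, duplex_a), (speed_b, duplex_b) = resolve(a, b), resolve(b, a)
    if speed_a is None or speed_b is None or speed_a != speed_b:
        return "no-link"
    return "ok" if duplex_a == duplex_b else "duplex-mismatch"


# Constructed inventory: the link from the question, then the two suggested fixes.
switch_fixed = Port("3550 Fa0/1", 100, speed=100, duplex="full")
switch_auto = Port("3550 Fa0/1", 100)
asa_auto = Port("ASA Gi0/0", 1000)
asa_fixed = Port("ASA Gi0/0", 1000, speed=100, duplex="full")

if __name__ == "__main__":
    for a, b in [(switch_fixed, asa_auto), (switch_auto, asa_auto), (switch_fixed, asa_fixed)]:
        print(f"{a.name} <-> {b.name}: {resolve(a, b)} / {resolve(b, a)} -> {audit(a, b)}")
```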

Correct Answer
dabels Thu, 03/27/2008 - 15:03

You will find that if you have a duplex mismatch on two Cisco devices that support CDP, you will get messages stating that there is a duplex mismatch right away (FW probably doesn't have CDP on by default). This is because Cisco can read both sides of the connection and tell if there is a mismatch. Not sure that I want a message popping up every time I hard code a speed/duplex.

Kevin Dorrell Thu, 03/27/2008 - 15:23

Gaurav, don't worry about it. It's just that it is probably the most frequently asked question here. That's not your fault - it just means that we, or Cisco, have not made a good enough job of getting the message across.

Someone suggested that the software should warn you of the incompatibility. I agree - that would be a great idea. What about it Cisco? - it should be easy enough to implement a warning message.

Kevin Dorrell

Luxembourg

Jon Marshall Thu, 03/27/2008 - 15:36

No please, Cisco IOS is not Microsoft :-).

If I want to code a port's speed/duplex I really don't want to be reminded every time that this may create a problem - it will be like when you try and delete a file off Windows and it keeps asking you if you are really really sure. It's bad enough when you have to configure a port as portfast!

I guess it's different strokes for different folks but coming from a Unix background originally, one of the things I love about IOS is that it just lets you get on with it.

I suspect a fair few will disagree :-)

Jon
