how to track down loops in my switches?

Unanswered Question
May 19th, 2008
User Badges:

Hi


I've got a problem where random users are plugging their voice and data ports on their Avaya phones straight into the switches, instead of connecting the data port to a PC. This I believe creates a layer 2 loop.


My problem is how can I track this loop down? What commands do I have available on my 3560 switches and what should I be observing?


Do I need to use wireshark? If so how do I monitor my switch given that I could be having up to a max of a Gb of traffic passing the switch but I'm connected on a fastethernet port?


Thanks

Dan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Mon, 05/19/2008 - 00:52
User Badges:
  • Green, 3000 points or more

Dan,


1. If you have CDP enabled, then you will see the IPhone connected to multiple ports when you issue show cdp neighbor command. You can then trace down the port and remove it


2. If the mirrored traffic exceeds the traffic that the interface can handle, then the traffic would be dropped by wireshark.


Narayan

dan_track Mon, 05/19/2008 - 00:55
User Badges:

Hi


The Avaya phones don't talk the cdp protocol, I think only Cisco equipment talks CDP as it is Cisco propriety.


Any other thoughts?


Thanks

Dan

royalblues Mon, 05/19/2008 - 01:01
User Badges:
  • Green, 3000 points or more

Oops i missed that u had stated avaya phones.


Do u get logs stating that the same mac-address is being learnt from 2 diff ports or port flapping messages?


Narayan

dan_track Mon, 05/19/2008 - 01:34
User Badges:

Hi


I have logging enabled but I couldn't see any messages that stated that. Although on this occassion when I had the problem I was lucky enough to physically trace the problem phone, but I'd like to get the switches to tell me.


Thanks

Dan

Take a look at the commands used in the cisco-phone SmartPort macro "sh parser macro". If nothing else, you want bpduguard on those access ports to keep you from looping up. You can go back later on a port that's been disabled and "sh int status err-disabled" to see why a port was taken down.

Actions

This Discussion