STP Loop

Unanswered Question
yogesh.suryawanshi Mon, 09/21/2009 - 01:37

Hi,

Let's assume your 2 VLANs have got into a loop and both are using DHCP to lease IPs to their hosts. You will soon realise that VLAN 1 hosts may get an IP of VLAN 2 and vice versa.

To troubleshoot, you will have to log in to the switches, right from access to core, and check in the CDP neighbors whether any unusual switch has become a neighbor or not.

Regards,

Yogesh

Giuseppe Larosa Mon, 09/21/2009 - 01:48

Hello Neo,

>> I would like to know how could i conclude whether there is a STP loop in my LAN or not

First of all, STP is out there to try to prevent loops, so let's call them bridging loops.

Second, when a loop forms no one can do anything in the network and the campus network becomes isolated.

Network device CPUs go to 100%, even on powerful devices like the C6500.

If there is enough time and you are able to telnet/ssh to one distribution device, you can try to shut the links between the two distribution switches in an attempt to break the loop.

(if the design is classical with two distribution and each access switch with an uplink to each of the two distribution nodes)

If it is too late for this, you need to find someone on site and ask them to take one of two actions:

a) to power off one distribution switch.

Or

b) to unplug the uplinks between the access layer switches and one of the distribution switches.

In this case the loop is broken by physically eliminating link redundancy.

Bridging loops can cause extended periods out of service.

Solution a) may be faster, but it causes the log information on the power-cycled device to be lost in the reload.

Typically, messages of HSRP state flapping, or of routers running a routing protocol that complain about receiving a duplicated hello, are a sign of a loop.

Also, messages about MAC address flapping can be a sign of a loop in action.

Spanning-tree loop guard, storm control, UDLD and the use of a dedicated management VLAN can help in getting the time to access the distribution nodes.

Hope to help

Giuseppe

Cat 6500s leave lots of forensic evidence of a bridge loop; only power down a switch as a last resort or it will be hard to track the source. The last loop we had on our huge 10G switch network was traced down to a VMware server that was misconfigured.

In my experience a bridge loop occurs and then STP fails because the CPU spikes so fast; then no one is the root bridge, and TCNs just keep looping and looping.

Steps to troubleshoot bridge loops or massive unicast flooding:

sho int | i tx|line

Shows all interfaces in the switch with their corresponding tx and rx utilization. When there is a bridge loop you will see 100% utilization on at least 2 interfaces.

sho int | i output drops|line

Shows all interfaces in the switch with their corresponding input queue drops and output drops. During a bridge loop you will see tons of output drops on the looping interface.

sho spant det | i Number of top

Shows the source of TCN origination.

Switch#sho catalyst6000 all

chassis MAC addresses: 1024 addresses from 00d0.01e3.bc00 to 00d0.01e3.bfff

traffic meter = 1% Never cleared

peak = 40% reached at 11:32:30 AZ Wed May 10 2009

Shows the last time there was a peak. If a loop condition has been corrected and you did not reload the switch, or if your client claimed there was a loop and the loop was gone when you started working on the switch, you can check this command; this peak will be high during a loop.
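The interface checks from the last post, as an added Python example that is not part of the original thread: it parses `show interfaces` output filtered the way the post describes and lists saturated interfaces, worst output drops first. The sample output is constructed, the combined filter `sho int | i tx|output drops|line` and the 90% load threshold are assumptions, and the function names are hypothetical.

```python
import re

# Constructed sample: output of "sho int | i tx|output drops|line" (not from the thread).
SAMPLE = """\
TenGigabitEthernet1/1 is up, line protocol is up (connected)
  reliability 255/255, txload 254/255, rxload 251/255
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 918233
TenGigabitEthernet1/2 is up, line protocol is up (connected)
  reliability 255/255, txload 253/255, rxload 255/255
  Input queue: 0/2000/12/0 (size/max/drops/flushes); Total output drops: 774105
GigabitEthernet2/5 is up, line protocol is up (connected)
  reliability 255/255, txload 3/255, rxload 1/255
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
GigabitEthernet2/6 is administratively down, line protocol is down (disabled)
  reliability 255/255, txload 1/255, rxload 1/255
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
"""

HEADER = re.compile(r"^(\S+) is .*line protocol is (\S+)")
LOAD = re.compile(r"txload (\d+)/255, rxload (\d+)/255")
DROPS = re.compile(r"Total output drops: (\d+)")

def parse_interfaces(text):
    """Return {interface: {"up", "tx", "rx", "drops"}} with load as a percentage."""
    table, current = {}, None
    for line in text.splitlines():
        if m := HEADER.match(line):
            current = table.setdefault(m.group(1), {"up": m.group(2) == "up", "tx": 0.0, "rx": 0.0, "drops": 0})
        elif current is None:
            continue  # stray line before any interface header
        elif m := LOAD.search(line):
            current["tx"], current["rx"] = (int(g) * 100 / 255 for g in m.groups())
        elif m := DROPS.search(line):
            current["drops"] = int(m.group(1))
    return table

def loop_suspects(table, load_pct=90.0):
    """Interfaces that are up and at or above load_pct (assumed threshold), worst drops first."""
    hot = [(name, s) for name, s in table.items()
           if s["up"] and max(s["tx"], s["rx"]) >= load_pct]
    return sorted(hot, key=lambda item: item[1]["drops"], reverse=True)

def loop_likely(table, load_pct=90.0):
    """The post's rule of thumb: a loop shows saturation on at least 2 interfaces."""
    return len(loop_suspects(table, load_pct)) >= 2

if __name__ == "__main__":
    for name, s in loop_suspects(parse_interfaces(SAMPLE)):
        print(f"{name}: tx {s['tx']:.0f}% rx {s['rx']:.0f}% output drops {s['drops']}")
```

Two saturated ports on the same switch only narrow the search; the TCN source from `sho spant det` still has to be followed hop by hop toward the device that caused the loop.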
