ineterace VLAN stop responding on FWSM automatically

Unanswered Question
Aug 8th, 2012
User Badges:

Dear Friends,


i  have been facing strange issue on FWSM (6509 switch). we have created a  vlan inteface for  server farm on fwsm and its stop responding  automatically and we need to give shut/ no shut command under that  interface to back into normal .


could anyone tell me what is the reason i am unable to find out the reason ?



Regards,


Faysal

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ramraj Sivagnan... Sun, 08/19/2012 - 10:13
User Badges:
  • Silver, 250 points or more

Hi Bro

This could be a bug. What version of FWSM are you running on? Have you tried upgrading to version 4.1.7?

Faisal Shabbir Tue, 08/21/2012 - 21:15
User Badges:

Hello Ramraj,

thanks for your e-mail, current FWSM Firewall Version 3.2(6) is running on the module, strange thing is that there are Linux based servers running database and some library services are affected. these two servers normally stop responding and we have to rest the vlan interface to bring them back.

any expert advice??

Ramraj Sivagnan... Tue, 08/21/2012 - 21:32
User Badges:
  • Silver, 250 points or more

I would suggest upgrading to the latest version 4.1.7, to rule out bug.

Faisal Shabbir Tue, 08/21/2012 - 21:37
User Badges:

even i sent show tech output to cisco tech but he unable to identify any problem

Ramraj Sivagnan... Tue, 08/21/2012 - 21:48
User Badges:
  • Silver, 250 points or more

If Cisco TAC can't detect the issue, then I can only presume that your configuration and hardware are in good working order. The only other possibility left is either this is a software bug issue or there's ARP issue in your L2 switch, that affects only the Linux based servers. You might want to do packet capture via wireshark and paste them here.

Faisal Shabbir Tue, 08/21/2012 - 22:02
User Badges:

Thnank Raj for your analysis, yes we are on the same page  is there any possibility that something malfunctioning with the servers???

Ramraj Sivagnan... Tue, 08/21/2012 - 22:08
User Badges:
  • Silver, 250 points or more

To know for sure if there's any issues on the server end, the best way to find out is to perform packet capture via wireshark and you could either paste them here or pass the information to Cisco TAC for further analysis.

Faisal Shabbir Tue, 08/21/2012 - 22:12
User Badges:

well Raj i am not expert on Wireshark i interacted with wireshark once or may be twice

Ramraj Sivagnan... Wed, 08/22/2012 - 01:48
User Badges:
  • Silver, 250 points or more

No worries bro, if you don't know how to use Wireshark or Ethereal. Just download either of these freeware, and get the Cisco TAC engineer to assist you remotely via webex. These Cisco TAC engineers will be more than glad to assist you :-) Please do give the Cisco TAC engineers high scores in the online survey form which you'll received via email, once the Cisco TAC case is closed :-)

Actions

This Discussion