Hi all. I have a problem that I have not seen before that I need some input on. I have a company that has about 50 cisco switches, on multiple floors. They occasionally will call me and say that one floor in particular has goin down, meaning that in their view that their monitoring services lets them know that the switches cant be ping'ed. All of these switches on each floor go back to a core switch, which is vlan'ed off for each floor. When this happens, usually it only affects one floor, but it has affected more than one floor before (by the switches not being able to be reached, and about 5 to 7 switches on each floor). Usually, if Im not there, it will resolve itself in time. But what I do remember is that the very first time this happened, we found a laptop on the network with "internet connetion sharing" enabled and when we turned that off, the problem went away. However, I dont know for sure if the problem resolution was a coincedence or not. Has anyone seen anything like this before? And if so, can you give me some background as to what might be really going on (at least in your situation)? I appreciate any help.
Yes, each floor is on its own vlan. These are 3560 and 2948 switches, all tied together with redundant paths back to the core switch. It will look like this:
core switch --fiber--> 3560 --fiber--> 3560 --fiber--> 3560 --fiber--> back to second fiber blade in core
So that if one switch goes down, STP will account for the lost switch and the other switches will be ok. But, when this issue happens, the computers on that floor can NOT access resources on the network (which would be to the server vlan, through the core).
Sounds like a broadcast storm alright. I had this issue once and it's because someone installed a switch into a switchport with portfast. So everytime he would turn the switch on/off (inside a training room) we'd get a storm. Sounds like a broadcast storm alright. I had this issue once and it's because someone installed a switch into a switchport with portfast. So everytime he would turn the switch on/off (inside a training room) we'd get a storm.
Enable BPDUguard (spanning-tree bpduguard enable) on all of your access ports and ensure portfast on your trunks are disabled.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...