Yep, I've seen that problem also. Usually when proper change and configuration management policies are not followed, or there are no policies. If you fully document what you are trying to do, the configuration commands that you will use, test to perform after the change, and the backout plan, and then have that reviewed by a peer, then you shouldn't have issues. Of course, no one actually does that.
Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:cisco-nsp- > [EMAIL PROTECTED] On Behalf Of Christopher E. Brown > Sent: Monday, November 19, 2007 5:12 PM > To: Holemans Wim > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] etherchannel problems > > > I does seem like dynamic would be more risky, but in > practice I have > found that running LACP is alot better than "channel mode > on". It takes > a few seconds longer to start up, but does a very good job > of protecting > against unbound interfaces. > > > Holemans Wim wrote: > > We just got bitten by a serious etherchannel problem : we > have an 2 gig > > etherchannel link between 2 campus. > > Someone on the other end misconfigured an interface (typed > 6/1 instead > > of 1/6) and had overwritten the allowed vlans on one of > the interfaces. > > As a result of this, the interface was thrown out of the > bundle (at that > > side only) BUT the interface stayed UP. On the other > campus, both > > interfaces > > stayed in the bundle with very big problems as a result : > the 6500 at > > that side considered both lines as valid and distributed > the packets > > over both interfaces, sending half of the traffic in > 'space'. > > > > If the interface had gone down as a result of the > unbundling, there > > would have been no problem. We only use static channel > settings, so not > > etherchannel negotiations between switches. Can this be > solved with > > dynamic etherchannel bundling ? Or someone has another > solution for this > > problem ? > > > > Wim Holemans > > Networkservices University of Antwerp > > _______________________________________________ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > > -- > ------------------------------------------------------------ > ------------ > Christopher E. Brown <[EMAIL PROTECTED]> desk > (907) 550-8393 > cell > (907) 632-8492 > IP Engineer - ACS > ------------------------------------------------------------ > ------------ > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
