STP problem [7:70797]

2003-06-17 Thread Christopher Dumais
Hi all,
We are having an STP problem where we think a user with an integrated
wireless and LAN NIC is creating a bridge loop and bringing down the entire
network. The problem occurs then goes away after 20 or so minutes unless we
can narrow down which closet it is coming from and reboot the switch. All of
our management tools die during the outage. Does anyone have any ideas on
how we might prevent this from happening or track down the offender? We have
6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
appreciated. Thanks!

Chris Dumais, CCNP, CNA
Sr. Network Administrator
NSS Customer and Desktop Services Team
Maine Medical Center
(207)871-6940
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70797&t=70797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


Re: STP problem [7:70797]

2003-06-17 Thread Tom Martin
Chris,

STP should be enough to avoid these types of problems. In order to cause 
a bridging loop the station would have to have both interfaces in the 
same VLAN and forward all L2 traffic except for BPDUs. Even if this were 
the case the wireless network (10-Mbps?) shouldn't be enough to bring 
the LAN to its knees (100-Mbps?). If you have STP enabled on all of your 
switches, I doubt that a single station is bringing the network down.

Once you find the offending switch that you need to reboot, you can 
issue console commands to determine the root bridge and any blocked 
ports. Make sure that things are normal. You do have your root bridge 
set manually, don't you? :)

To find out which port is causing the loop, take a look at the interface 
counters. You should see an unreal amount of traffic on the offending 
port (and the uplink to the core switch).

When STP has been enabled I have only come across layer-2 loops twice. 
Once when a few HP switches had gone bad, and another time when a 
customer had configured channeling on one side but not the other (3500 
series, no channel negotiation).

In both cases I found that the problem was made worse with increasing 
traffic levels, and the problem also revolved around the same set of 
switches. The channeling problem was a bit more difficult to narrow down 
though, since it disabled MLS on the core switch and every segment 
appeared to have problems!!!

I hope that helps,

- Tom






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70812&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Zsombor Papp
At 04:52 PM 6/17/2003 +, Christopher Dumais wrote:
>Hi all,
>We are having an STP problem where we think a user with an integrated
>wireless and LAN NIC is creating a bridge loop

Based on what do you think this? Somehow it seems unlikely to me that a 
loop through a wireless link (I assume it's the

>and bringing down the entire
>network. The problem occurs then goes away after 20 or so minutes unless we
>can narrow down which closet it is coming from and reboot the switch. All of
>our management tools die during the outage. Does anyone have any ideas on
>how we might prevent this from happening or track down the offender? We have
>6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
>appreciated. Thanks!
>
>Chris Dumais, CCNP, CNA
>Sr. Network Administrator
>NSS Customer and Desktop Services Team
>Maine Medical Center
>(207)871-6940
>[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70805&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Joseph Brunner
PVST+

Accept no substitute. Hardcode everything. No PAGP, DISL, or VTP
EVER AGAIN. Next make sure your root bridge is really what you think
it is (knowing what spanning-tree uplink fast does to bridge priority, etc).


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70807&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Riley
What an interesting scenario!  If I understood your message correctly, the
network picture is something like this:


  Wired Network -Cat-Wireless Network
 |User|

Your problem is that the user is bridging the wired and wireless (and so is
the Cat), which means there are two functioning links (bridges) between the
wireless and wired.

Your real problem is even if you track this user down and beat them severely
with an AP antenna until his MCSE falls on the floor, this problem is going
to repeat itself with the next user who has a similar wired/wireless card.

So...it's a long day and I can't think of the specific commands or
syntax or what I had for lunch, but configure the cat port that the wireless
AP is connected to to make it the root bridge such that it will always beat
the  out of any wanna be bridges, thus ensuring that the rogues block.

Sorry, can't be more specific than this, but my brain is frazzled so right
now, I think STP is something you put in your car...but maybe it will help
with your problem...

HTH anyway,

Charles






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70801&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Zsombor Papp
At 06:59 PM 6/17/2003 +, Zsombor Papp wrote:
>At 04:52 PM 6/17/2003 +, Christopher Dumais wrote:
> >Hi all,
> >We are having an STP problem where we think a user with an integrated
> >wireless and LAN NIC is creating a bridge loop
>
>Based on what do you think this? Somehow it seems unlikely to me that a
>loop through a wireless link (I assume it's the ...

[hmm, groupstudy ate half my email]

.. 11Mbps type) brings down a 6509, or even a 3550. Also, I am not sure 
what a "user" means in this context, but I don't think Windows or Linux 
does bridging by default, regardless of how many interfaces there are.

In general, first step of loop-avoidance is usually to disable portfast on 
every port where you are not 100% sure that it can't participate in a loop 
(in your case this seems to be every port).

Thanks,

Zsombor






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70819&t=70797


RE: STP problem [7:70797]

2003-06-17 Thread Larry Letterman
Turn on bpdu-guard in spanning tree... that will disable the port
that the bridge is looping... or it should.


Larry Letterman
Cisco Systems








Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70814&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread MADMAN
To be honest about the only way to isolate these meltdowns is to 
start disconnecting devices.  I assume you have a general idea where the 
problem is occurring.  The flatter your network the more difficult I 
might add!!

   Dave

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"Government can do something for the people only in proportion as it
can do something to the people." -- Thomas Jefferson




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70815&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread John Neiberger
>When STP has been enabled I have only come across layer-2 loops twice. 
>Once when a few HP switches had gone bad, and another time when a 
>customer had configured channeling on one side but not the other (3500 
>series, no channel negotiation).

The interesting thing about this last configuration is that the side
configured for channeling could predict the future.  Really weird.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70818&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Priscilla Oppenheimer
Access points can be configured to do bridging and I wouldn't be surprised
to discover that they don't do STP, especially low-end ones from the local
KMart. A lot of low-end switches don't do STP either. So, the access point
would have to be inserted into the network just right so that it caused a
loop, but that's certainly possible. In that case all the looping broadcast
traffic, not to mention looping unknown unicast traffic, could bring a
network to its knees.

I'm surprised so many people doubted his description of the problem!? 

Anyway, finding it will be hard, though there's good advice from Tom and
others. I think I would revert to an old-fashioned communications channel.
Announce over the loud speaker that if you just connected a wireless access
point, disconnect it now and report to the office! :-)

Priscilla





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70821&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Zsombor Papp
At 08:34 PM 6/17/2003 +, Priscilla Oppenheimer wrote:
>Access points can be configured to do bridging and I wouldn't be surprised
>to discover that they don't do STP, especially low-end ones from the local
>KMart. A lot of low-end switches don't do STP either.

Yet they filter out BPDUs? If they don't, then assuming proper 
configuration on the "high end" switches, can there really be a loop?

>  So, the access point
>would have to be inserted into the network just right so that it caused a
>loop, but that's certainly possible. In that case all the looping broadcast
>traffic, not to mention looping unknown unicast traffic, could bring a
>network to its knees.
>
>I'm surprised so many people doubted his description of the problem!?

A 6509 can switch multiple gigabits of traffic without any problems. You 
would need quite a few wireless loops to kill such a box. I might be 
missing something but I still doubt that "a user with an integrated 
wireless and LAN NIC" can bring down a network of 6509 and 3550
switches.

Thanks,

Zsombor




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70825&t=70797
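
Added example (not part of any post in this thread, and not Cisco code): a toy Python model of the condition the replies above argue about, namely whether a station that bridges two NICs on the same switch relays BPDUs or drops them, and what bpdu-guard can do in each case. The port names, the single-switch topology and treating the AP as a transparent link are assumptions made for the illustration.

```python
"""Toy model: one STP switch and a dual-homed station bridging its two NICs."""
from collections import deque

# Constructed topology (assumption): Fa0/1 is an ordinary host, Fa0/2 is the
# station's wired NIC, Fa0/3 is the AP uplink reached by its wireless NIC.
PORT_ID = {"Fa0/1": 1, "Fa0/2": 2, "Fa0/3": 3}
BRIDGED = {"Fa0/2": "Fa0/3", "Fa0/3": "Fa0/2"}  # station relays between these


def converge_stp(station_relays_bpdus, bpdu_guard=False):
    """Return port states after the switch's BPDUs have crossed the station."""
    state = {name: "forwarding" for name in PORT_ID}
    if not station_relays_bpdus:
        # No BPDU ever comes back, so neither STP nor BPDU guard has
        # anything to react to and every port keeps forwarding.
        return state
    for tx, rx in BRIDGED.items():
        if state[tx] != "forwarding":
            continue  # a blocked or disabled port no longer sends BPDUs
        if bpdu_guard:
            # BPDU guard shuts a port on any received BPDU. Which port
            # trips first is a timing matter; this model handles the BPDU
            # sent on Fa0/2 first.
            state[rx] = "err-disabled"
        elif PORT_ID[tx] < PORT_ID[rx]:
            # The switch hears its own BPDU carrying a lower port ID, so
            # the receiving port loses the designated role and blocks.
            state[rx] = "blocking"
    return state


def flood_broadcast(state, max_events=1000):
    """Count how often the switch floods one broadcast that enters on Fa0/1."""
    pending = deque(["Fa0/1"])  # ingress ports currently holding a copy
    events = 0
    while pending and events < max_events:
        ingress = pending.popleft()
        if state[ingress] != "forwarding":
            continue  # blocking and err-disabled ports drop data frames
        events += 1
        for egress in PORT_ID:
            if egress == ingress or state[egress] != "forwarding":
                continue
            peer = BRIDGED.get(egress)
            if peer:  # the station copies the frame onto its other NIC
                pending.append(peer)
    return events


def scenario(station_relays_bpdus, bpdu_guard=False):
    """Run STP convergence, then flood a single broadcast frame."""
    state = converge_stp(station_relays_bpdus, bpdu_guard)
    return state, flood_broadcast(state)


if __name__ == "__main__":
    for relays in (True, False):
        for guard in (False, True):
            state, events = scenario(relays, guard)
            print(f"relays_bpdus={relays!s:5} bpdu_guard={guard!s:5} "
                  f"flood_events={events:4} {state}")
```

A flood count that reaches the `max_events` cap means the frame never stopped circulating; the model ignores link speed and MAC-table flapping.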


Re: STP problem [7:70797]

2003-06-17 Thread Thomas Crowe
Sorry, I should have done the search first.  Came up first link in google...


http://cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00605.html




-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta
Office Phone: 770-664-3900
Cell Phone: 678-521-0360




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70831&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Thomas Crowe
I seem to recall a similar problem when MS released one of the first 
beta versions of XP.  I don't recall the exact details right off but I 
know it involved a laptop (generally) with a wireless NIC and Windows 
XP, resulting in the catastrophic meltdown of Cisco switched networks.  I 
will see if I can locate some more details, but it may be something to 
look into.

HTH




-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70830&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread The Road Goes Ever On
"Zsombor Papp" wrote in message
news:[EMAIL PROTECTED]
> At 08:34 PM 6/17/2003 +, Priscilla Oppenheimer wrote:
> >Access points can be configured to do bridging and I wouldn't be surprised
> >to discover that they don't do STP, especially low-end ones from the local
> >KMart. A lot of low-end switches don't do STP either.
>
> Yet they filter out BPDUs? If they don't, then assuming proper
> configuration on the "high end" switches, can there really be a loop?
>
> >  So, the access point
> >would have to be inserted into the network just right so that it caused a
> >loop, but that's certainly possible. In that case all the looping broadcast
> >traffic, not to mention looping unknown unicast traffic, could bring a
> >network to its knees.
> >
> >I'm surprised so many people doubted his description of the problem!?
>
> A 6509 can switch multiple gigabits of traffic without any problems. You
> would need quite a few wireless loops to kill such a box. I might be
> missing something but I still doubt that "a user with an integrated
> wireless and LAN NIC" can bring down a network of 6509 and 3550
> switches.


Not knowing firsthand, I've checked the Cisco documentation. For the 1200
series of AP's, at least, I can find no reference to spanning tree. Not
saying it isn't there. Just saying I see no reference.

Every AP with which I am familiar has but a single ethernet port. It is
essentially a hub, although some of the vendors have some pretty
sophisticated capability built in as part of their firmware and OS. I've
been working with Proxim on a deal, with 802.1x port based authentication.
The particular Proxim device creates virtual ports for end stations, and
communicates with radius to ensure that the user can authenticate against
the 802.1x database, even as the user moves from AP to AP.

It is not inconceivable that putting in a series of wireless AP's could
create a loop somewhere. Particularly if there are rogue devices out there
and someone is wandering among them. Just thinking out loud, but the switch
would see a user MAC coming into different ports as the user moved around.

Thinking out loud again, with an authorized and reasonably thought out
wireless installation, all your AP's would be in the same subnet/vlan and
users wandering from AP to AP would cause no problems because to the back
room switch the user MAC would be on the same vlan as it moves. As far as
the switch is concerned, nothing untoward has happened.

Unless something is terribly wrong - i.e. major bug in the AP software -
users cannot be connected to more than one access-point simultaneously (if
they could, that might cause loop problems). Generally, the wireless nic
firmware negotiates connection to the AP with the strongest signal in a
mobile situation.

Once in a while I see a comment that leads me to believe that there may be some
misunderstanding about the term "bridge" when used in conjunction with
wireless.

A wireless bridge is a device for point to point wireless communication with
another wireless bridge. It is more like a serial link than what most folks
think of when they hear the term "bridge". One of those newfangled terms
that is in the purist sense misused, but nevertheless is used differently than
in the world of switches.

So, one way for wireless, with its single ethernet port, to create a loop
would be for it to bridge to another AP, which in turn is plugged into the
same switch. Loops would form and the ensuing broadcast storm could wreak
havoc.






>
> Thanks,
>
> Zsombor




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70832&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread Priscilla Oppenheimer
My hub is calling me to dinner so I have to make this quick.

The access point that I'm most familiar with is the Apple airport. It's
essentially a router. It connects 2 subnets and does DHCP and NAT.

It can also be put into bridging mode, in which it is transparent and
connects devices in the same subnet.

I doubt it does STP.

I hadn't noticed that the original poster said wireless NIC. That seems
sort of unlikely to cause major problems I agree.

I sketched out some simple loops though. They certainly could happen. Wish
we had whiteboard capability on GroupStudy.

Gotta run. The hub made dinner! :-)

Priscilla






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70836&t=70797


Re: STP problem [7:70797]

2003-06-17 Thread The Road Goes Ever On
"Riley" wrote in message
news:[EMAIL PROTECTED]
> What an interesting scenario!  If I understood your message correctly, the
> network picture is something like this:
>
>
>   Wired Network -Cat-Wireless Network
>  |User|
>
> Your problem is that the user is bridging the wired and wireless (and so is
> the Cat), which means there are two functioning links (bridges) between the
> wireless and wired.
>
> Your real problem is even if you track this user down and beat them severely
> with an AP antenna until his MCSE falls on the floor, this problem is going
> to repeat itself with the next user who has a similar wired/wireless card.
>
> So...it's a long day and I can't think of the specific commands or
> syntax or what I had for lunch, but configure the cat port that the wireless
> AP is connected to to make it the root bridge such that it will always beat
> the  out of any wanna be bridges, thus ensuring that the rogues block.
>
> Sorry, can't be more specific than this, but my brain is frazzled so right
> now, I think STP is something you put in your car...but maybe it will help
> with your problem...
>
> HTH anyway,
>
> Charles

Nice to see you here again, Charles. Where you been keeping yourself?  :->

I like your layout. Like the other guy said, though, I'm not sure a Windoze
machine would bridge between these two interfaces. Of course, I could be
wrong. It could also be that the integrated ethernet / wireless card is
broken for whatever reason. Nothing would surprise me. I put in a Linksys
wireless network here at home, and put my wife and the kids on the wireless.
My wife's laptop has a PCMCIA nic and a built in ethernet port. Wonder if I
could get her off the internet long enough to let me try a test or two.
She's really loving being able to sit on the back deck and cruise. :->

Don't be such a stranger, guy.





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70833&t=70797


Re: STP problem [7:70797]

2003-06-18 Thread Zsombor Papp
At 01:33 AM 6/18/2003 +, The Road Goes Ever On wrote:
>Not knowing firsthand, I've checked the Cisco documentation. For the 1200
>series of AP's, at least, I can find no reference to spanning tree. Not
>saying it isn't there. Just saying I see no reference.

FWIW, the Aironet 1400 wireless bridge does support spanning tree. The 
other Aironet devices probably don't. In fact one of the Aironet 350 
documents mentions that a loop may form if incorrect topology is used.

>A wireless bridge is a device for point to point wireless communication with
>another wireless bridge. It is more like a serial link than what most folks
>think of when they hear the term "bridge".   one of those newfangled terms
>that is in the purist sense misused, but nevertheless is used differently than
>in the world of switches.

The Aironet 1400 is called (maybe incorrectly?) a wireless bridge and it 
does support point to multipoint setups. I have never used it but from the 
documentation it does look similar to a conventional bridge. I also noticed 
that in the Cisco terminology, access points and bridges are clearly 
distinguished. In other discussions this distinction is not always apparent.

>So, one way for wireless, with its single ethernet port, to create a loop
>would be for it to bridge to another AP, which in turn is plugged into the
>same switch. Loops would form and the ensuing broadcast storm could wreak
>havoc.

Shouldn't the switch (assuming it supports STP) break the loop by blocking 
one of the two ports?

Thanks,

Zsombor




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70840&t=70797
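
The question above (should STP block one of the two ports?) and Tom Martin's condition that the device would have to "forward all L2 traffic except for BPDUs" can be checked with a small simulation. This is an added example, not part of the original posts; the single-switch topology, the port numbers, the bridge priority and the simplified BPDU comparison are assumptions made for illustration.

```python
from collections import deque

class Switch:
    """A single STP-speaking switch; all ports start out forwarding."""
    def __init__(self, bridge_id, ports):
        self.bridge_id = bridge_id
        self.state = {p: "forwarding" for p in ports}

    def bpdu(self, port):
        # Simplified 802.1D priority vector: (root id, path cost, sender id, port id).
        # The switch believes it is the root, so root id is its own id and cost is 0.
        return (self.bridge_id, 0, self.bridge_id, port)

    def receive_bpdu(self, port, vector):
        # Hearing a better (lower) vector than the port would send itself means
        # another port already serves this segment, so this one blocks.
        if vector < self.bpdu(port):
            self.state[port] = "blocking"

class BridgingDevice:
    """Hypothetical non-STP device (AP pair or dual-homed station) joining ports 1 and 2."""
    def __init__(self, relays_bpdus):
        self.relays_bpdus = relays_bpdus
        self.link = {1: 2, 2: 1}  # a frame sent out switch port 1 returns on port 2

def run_stp(switch, device):
    # Each forwarding port sends its BPDU; the switch only hears it on the
    # other port if the device relays BPDUs instead of filtering them.
    for port in device.link:
        if switch.state[port] == "forwarding" and device.relays_bpdus:
            switch.receive_bpdu(device.link[port], switch.bpdu(port))

def flood_broadcast(switch, device, ingress=3, max_crossings=1000):
    """Flood one broadcast from host port 3; count trips through the device."""
    queue, crossings = deque([ingress]), 0
    while queue and crossings < max_crossings:
        came_in = queue.popleft()
        for port, state in switch.state.items():
            if port == came_in or state != "forwarding" or port not in device.link:
                continue
            crossings += 1
            back_in = device.link[port]
            if switch.state[back_in] == "forwarding":
                queue.append(back_in)  # frame re-enters the switch and is flooded again
    return crossings

def simulate(relays_bpdus):
    switch = Switch(bridge_id=32768, ports=[1, 2, 3])
    device = BridgingDevice(relays_bpdus)
    run_stp(switch, device)
    return switch.state, flood_broadcast(switch, device)

if __name__ == "__main__":
    for relays in (True, False):
        state, crossings = simulate(relays)
        print(f"device relays BPDUs={relays}: ports={state}, crossings={crossings}")
```

When the device relays BPDUs, port 2 blocks and the broadcast crosses the device once; when it filters them, both ports stay forwarding and the frame keeps circulating until the simulation's cap stops it.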


RE: STP problem [7:70797]

2003-06-18 Thread Larry Letterman
Priscilla has a Hub that makes dinner..wonder when I can the cisco people
to make switches that will do that.

Larry Letterman
Cisco Systems




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, June 17, 2003 6:53 PM
To: [EMAIL PROTECTED]
Subject: Re: STP problem [7:70797]


My hub is calling me to dinner so I have to make this quick.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70842&t=70797


Re: STP problem [7:70797]

2003-06-18 Thread Priscilla Oppenheimer
Networks. Not only is it a switch, patterned after an Ethernet switch, but
it also supposedly solves the problem of rogue wireless access points.

See these recent articles from 802.11 Planet and the San Jose Mercury News:

http://www.80211-planet.com/news/print.php/1572381

http://www.siliconvalley.com/mld/siliconvalley/news/local/6106092.htm

Priscilla


The Road Goes Ever On wrote:
> 
> "" Riley""  wrote in message
> news:[EMAIL PROTECTED]
> > What an interesting scenario!  If I understood your message correctly, the
> > network picture is something like this:
> >
> >
> >   Wired Network -Cat-Wireless Network
> >  |User|
> >
> > Your problem is that the user is bridging the wired and wireless (and so is
> > the Cat), which means there are two functioning links (bridges) between the
> > wireless and wired.
> >
> > Your real problem is even if you track this user down and beat them severely
> > with an AP antenna until his MCSE falls on the floor, this problem is going
> > to repeat itself with the next user who has a similar wired/wireless card.
> >
> > So...it's a long day and I can't think of the specific commands or
> > syntax or what I had for lunch, but configure the cat port that the wireless
> > AP is connected to to make it the root bridge such that it will always beat
> > the  out of any wanna be bridges, thus ensuring that the rogues block.
> >
> > Sorry, can't be more specific than this, but my brain is frazzled so right
> > now, I think STP is something you put in your car...but maybe it will help
> > with your problem...
> >
> > HTH anyway,
> >
> > Charles
> 
> nice to see you here again, Charles. Where you been keeping yourself?  :->
> 
> I like your layout. Like the other guy said, though, I'm not sure a Windoze
> machine would bridge between these two interfaces. Of course, I could be
> wrong. It could also be that the integrated ethernet / wireless card is
> broken for whatever reason. Nothing would surprise me.  I put in a Linksys
> wireless network here at home, and put my wife and the kids on the wireless.
> My wife's laptop has a PCMCIA nic and a built in ethernet port. wonder if I
> could get her off the internet long enough to let me try a test or two.
> she's really loving being able to sit on the back deck and cruise. :->
> 
> don't be such a stranger, guy.
> 
> >
> >
> > ""Christopher Dumais""  wrote in message
> > news:[EMAIL PROTECTED]
> > > Hi all,
> > > We are having an STP problem where we think a user with an integrated
> > > wireless and LAN NIC is creating a bridge loop and bringing down the entire
> > > network. The problem occurs then goes away after 20 or so minutes unless we
> > > can narrow down which closet it is coming from and reboot the switch. All of
> > > our management tools die during the outage. Does anyone have any ideas on
> > > how we might prevent this from happening or track down the offender? We have
> > > 6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
> > > appreciated. Thanks!
> > >
> > > Chris Dumais, CCNP, CNA
> > > Sr. Network Administrator
> > > NSS Customer and Desktop Services Team
> > > Maine Medical Center
> > > (207)871-6940
> > > [EMAIL PROTECTED]
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70894&t=70797


Re: STP problem [7:70797]

2003-06-18 Thread Tom Lisa
It's probably a LinkSys Hub.  Didn't Cisco buy them a short time ago? :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
"Cunctando restituit rem"

Larry Letterman wrote:

  Priscilla has a Hub that makes dinner..wonder when I can the cisco people
  to make switches that will do that.

  Larry Letterman
  Cisco Systems

  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, June 17, 2003 6:53 PM
  To: [EMAIL PROTECTED]
  Subject: Re: STP problem [7:70797]

  My hub is calling me to dinner so I have to make this quick.
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70910&t=70797


RE: STP problem [7:70797]

2003-06-19 Thread Larry Letterman
Yes we bought them...but we can't get the food they make across the
carrier lines and onto our cubes yet...:)


Larry Letterman
Cisco Systems




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Tom Lisa
Sent: Wednesday, June 18, 2003 9:40 PM
To: [EMAIL PROTECTED]
Subject: Re: STP problem [7:70797]


It's probably a LinkSys Hub.  Didn't Cisco buy them a short time ago? :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
"Cunctando restituit rem"

Larry Letterman wrote:

  Priscilla has a Hub that makes dinner..wonder when I can the cisco people
  to make switches that will do that.

  Larry Letterman
  Cisco Systems

  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, June 17, 2003 6:53 PM
  To: [EMAIL PROTECTED]
  Subject: Re: STP problem [7:70797]

  My hub is calling me to dinner so I have to make this quick.
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70913&t=70797


RE: STP problem [7:70797]

2003-07-17 Thread DeVoe, Charles (PKI)
We had a similar situation.  Only in this case, the user was taking down
internet access.  Seems whoever configured the machine put the default
gateway in as the user's address.  At the time we were running two protocols,
decnet and tcp/ip.  Decnet was the first one to be used.  The only time
there was a problem was when the user would try to access the internet.
After a week of troubleshooting, we started looking at all of the PCs that
had been installed recently.  It was pure luck that we found it.

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 4:35 PM
To: [EMAIL PROTECTED]
Subject: Re: STP problem [7:70797]


Access points can be configured to do bridging and I wouldn't be surprised
to discover that they don't do STP, especially low-end ones from the local
KMart. A lot of low-end switches don't do STP either. So, the access point
would have to be inserted into the network just right so that it caused a
loop, but that's certainly possible. In that case all the looping broadcast
traffic, not to mention looping unknown unicast traffic, could bring a
network to its knees.

I'm surprised so many people doubted his description of the problem!?

Anyway, finding it will be hard, though there's good advice from Tom and
others. I think I would revert to an old-fashioned communications channel.
Announce over the loud speaker that if you just connected a wireless access
point, disconnect it now and report to the office! :-)

Priscilla

Tom Martin wrote:
> 
> Chris,
> 
> STP should be enough to avoid these types of problems. In order to cause
> a bridging loop the station would have to have both interfaces in the
> same VLAN and forward all L2 traffic except for BPDUs. Even if this were
> the case the wireless network (10-Mbps?) shouldn't be enough to bring
> the LAN to its knees (100-Mbps?). If you have STP enabled on all of your
> switches, I doubt that a single station is bringing the network down.
> 
> Once you find the offending switch that you need to reboot, you can
> issue console commands to determine the root bridge and any blocked
> ports. Make sure that things are normal. You do have your root bridge
> set manually, don't you? :)
> 
> To find out which port is causing the loop, take a look at the interface
> counters. You should see an unreal amount of traffic on the offending
> port (and the uplink to the core switch).
> 
> When STP has been enabled I have only come across layer-2 loops twice.
> Once when a few HP switches had gone bad, and another time when a
> customer had configured channeling on one side but not the other (3500
> series, no channel negotiation).
> 
> In both cases I found that the problem was made worse with increasing
> traffic levels, and the problem also revolved around the same set of
> switches. The channeling problem was a bit more difficult to narrow down
> though, since it disabled MLS on the core switch and every segment
> appeared to have problems!!!
> 
> I hope that helps,
> 
> - Tom
> 
> 
> Christopher Dumais wrote:
> > Hi all,
> > We are having an STP problem where we think a user with an integrated
> > wireless and LAN NIC is creating a bridge loop and bringing down the entire
> > network. The problem occurs then goes away after 20 or so minutes unless we
> > can narrow down which closet it is coming from and reboot the switch. All of
> > our management tools die during the outage. Does anyone have any ideas on
> > how we might prevent this from happening or track down the offender? We have
> > 6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
> > appreciated. Thanks!
> > 
> > Chris Dumais, CCNP, CNA
> > Sr. Network Administrator
> > NSS Customer and Desktop Services Team
> > Maine Medical Center
> > (207)871-6940
> > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72467&t=70797


RE: STP problem [7:70797]

2003-07-17 Thread Reimer, Fred
Heh, you should have been at Networkers 2003 in LA.  Cisco's wireless
network was...  Unstable to say the least.  I'd estimate that the network
was available only 50% of the time.  First someone hacked into the DHCP
server and brought that down.  Then someone set their IP address the same as
the default route.  Then people set up peer-to-peer networks with the same
ESSID as the Cisco AP's.  It was almost comical!


Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050



-Original Message-
From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 17, 2003 8:39 AM
To: [EMAIL PROTECTED]
Subject: RE: STP problem [7:70797]

We had a similar situation.  Only in this case, the user was taking down
internet access.  Seems whoever configured the machine put the default
gateway in as the user's address.  At the time we were running two protocols,
decnet and tcp/ip.  Decnet was the first one to be used.  The only time
there was a problem was when the user would try to access the internet.
After a week of troubleshooting, we started looking at all of the PCs that
had been installed recently.  It was pure luck that we found it.

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 4:35 PM
To: [EMAIL PROTECTED]
Subject: Re: STP problem [7:70797]


Access points can be configured to do bridging and I wouldn't be surprised
to discover that they don't do STP, especially low-end ones from the local
KMart. A lot of low-end switches don't do STP either. So, the access point
would have to be inserted into the network just right so that it caused a
loop, but that's certainly possible. In that case all the looping broadcast
traffic, not to mention looping unknown unicast traffic, could bring a
network to its knees.

I'm surprised so many people doubted his description of the problem!?

Anyway, finding it will be hard, though there's good advice from Tom and
others. I think I would revert to an old-fashioned communications channel.
Announce over the loud speaker that if you just connected a wireless access
point, disconnect it now and report to the office! :-)

Priscilla

Tom Martin wrote:
> 
> Chris,
> 
> STP should be enough to avoid these types of problems. In order to cause
> a bridging loop the station would have to have both interfaces in the
> same VLAN and forward all L2 traffic except for BPDUs. Even if this were
> the case the wireless network (10-Mbps?) shouldn't be enough to bring
> the LAN to its knees (100-Mbps?). If you have STP enabled on all of your
> switches, I doubt that a single station is bringing the network down.
> 
> Once you find the offending switch that you need to reboot, you can
> issue console commands to determine the root bridge and any blocked
> ports. Make sure that things are normal. You do have your root bridge
> set manually, don't you? :)
> 
> To find out which port is causing the loop, take a look at the interface
> counters. You should see an unreal amount of traffic on the offending
> port (and the uplink to the core switch).
> 
> When STP has been enabled I have only come across layer-2 loops twice.
> Once when a few HP switches had gone bad, and another time when a
> customer had configured channeling on one side but not the other (3500
> series, no channel negotiation).
> 
> In both cases I found that the problem was made worse with increasing
> traffic levels, and the problem also revolved around the same set of
> switches. The channeling problem was a bit more difficult to narrow down
> though, since it disabled MLS on the core switch and every segment
> appeared to have problems!!!
> 
> I hope that helps,
> 
> - Tom
> 
> 
> Christopher Dumais wrote:
> > Hi all,
> > We are having an STP problem where we think a user with an integrated
> > wireless and LAN NIC is creating a bridge loop and bringing down the entire
> > network. The problem occurs then goes away after 20 or so minutes unless we
> > can narrow down which closet it is coming from and reboot the switch. All of
> > our management tools die during the outage. Does anyone have any ideas on
&g