Ethernet loop in office

Does anyone have experience with network loops, spanning tree protocol and redundant lines between switches?

Though our switches should use spanning tree protocol to provide redundancy. We have used redundant lines to our access-switches. Network specialists installed this over one year ago. A few months ago, we noticed strange things within our network. Continuous pings to different virtual machines are answering with timeout sometimes, but nobody did something before and after. So we thought the VMs were overloaded or had a problem with storage... long history. We checked hardware and VMware, but no result, everything works fine. A network specialist from HPE has done a logfile analysis and says we have a network loop. Funny, because there isn't any loop besides redundant ways to access switches. And this is set to spanning tree, just one line is configured as "forwarding" and the 2nd is configured as "blocking".

Does anyone know some tools for checking a network for an Ethernet loop? In the office we're using HPE and Aruba components. At home I'm using Netgear (cheapest 8-port managed switch), which has loop detection built in already. And also UniFi, which could also detect loops and use spanning tree protocol. I wonder why more expensive hardware won't be able to detect an Ethernet loop.
Actually the Aruba switches say there's no loop and spanning tree is working fine.
But we have noticed through HPE's logfile analysis that two MAC addresses are coming up on two ports of our redundantly connected core switches.
Can somebody give me some advice on what I should check?

mozarella
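
The original post reports that two MAC addresses showed up on two ports of the core switches. As an added example (not part of the thread, and not HPE or Aruba tooling), the script below flags that pattern from periodic MAC-table observations and ignores a single move such as a VM migrating between ESXi hosts. The input format, MAC addresses, port sequence and thresholds are constructed for illustration; only the switch name is taken from the thread.

```python
from collections import defaultdict

# Constructed sample: MAC-table observations as "seconds,switch,mac,port".
# Format and values are made up; MACs use the documentation range.
SAMPLE = """\
0,infrz1cs1,00:00:5e:00:53:01,1
10,infrz1cs1,00:00:5e:00:53:01,9
20,infrz1cs1,00:00:5e:00:53:01,1
30,infrz1cs1,00:00:5e:00:53:01,9
0,infrz1cs1,00:00:5e:00:53:02,2
400,infrz1cs1,00:00:5e:00:53:02,3
0,infrz1cs1,00:00:5e:00:53:03,4
10,infrz1cs1,00:00:5e:00:53:03,4
"""

def parse(text):
    """Yield (time, switch, mac, port) tuples from the constructed lines."""
    for line in text.splitlines():
        line = line.strip()
        if line:
            t, switch, mac, port = line.split(",")
            yield int(t), switch, mac.lower(), port

def find_flapping(events, window_s=60, min_moves=3):
    """Return {(switch, mac): ports} for MACs that changed port at least
    min_moves times within any window_s-second span on one switch."""
    last_port, move_times, ports = {}, defaultdict(list), defaultdict(set)
    for t, switch, mac, port in sorted(events):
        key = (switch, mac)
        prev = last_port.get(key)
        if prev is not None and prev != port:   # MAC re-learned elsewhere
            move_times[key].append(t)
            ports[key].update((prev, port))
        last_port[key] = port
    flapping = {}
    for key, times in move_times.items():
        start = 0
        for end in range(len(times)):           # sliding window over moves
            while times[end] - times[start] > window_s:
                start += 1
            if end - start + 1 >= min_moves:
                flapping[key] = sorted(ports[key])
                break
    return flapping

if __name__ == "__main__":
    print(find_flapping(parse(SAMPLE)))
```

A MAC that alternates between an access uplink and the inter-core link is the signature to chase; the ports it bounces between show which path to trace.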

Answers

  • kltaylor Member Posts: 465 ✭✭✭✭
    What was the purpose initially for the loop to be implemented?
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
  • mozarella Member Posts: 55 ✭✭✭
    Actually we didn't implement any loop. We have changed all switches (access-switches and also core-switches) to implement a new network and new ESXi-hosts. The new network is designed so that most of the access-switches are connected redundantly to the core-switch by using spanning tree protocol.
    For example we have two core-switches called infrz1cs1 (infrastructure rechenzentrum (server-room) 1 core switch 1) and infrz1cs2. We also have two access-switches (48 port; SFP+ ports) called infrz1as1 and infrz1as2 connected via two DAC cables to both of the core-switches. So there are 4 lines. Example: infrz1as1 is connected with its A1 port to infrz1cs1 port 1. infrz1as1 A2 port is connected to infrz1cs2 port 1.
    cs1 and cs2 are also connected with ports 9 and 10 to each other. MSTP (spanning tree) is always disabling the 2nd way. So there shouldn't be any loop.

    Maybe somebody is connecting a switch twice to another switch by mistake. How to find this? I just noticed that some servers (VMs) don't give the right answer to the ping command and just deliver a timeout, but only sometimes. Most of the time it's working well.
  • kltaylor Member Posts: 465 ✭✭✭✭
    I have to be honest, I don't have experience with that at all.  It seems like it would be similar to a network consisting of a firewall, domain server, and smart switches.
    Without using advanced routing through the firewall to achieve multiple subnets on the same network (where my experience lies) trying to find what you're looking to find is going to be an ordeal for sure.
  • mozarella Member Posts: 55 ✭✭✭
    We don't have different subnets within the LAN like you mentioned. Subnets (DMZ, multiple internet connections, VPN...) are separated through the firewall and are not "inline" on the LAN.

    DNS, DHCP, Windows Active Directory, fileservices and other services are running within Windows VMs at our three ESXi-hosts.
  • VioletChepil London, UK Administrator Posts: 1,616 admin
    Ok I'll see if any other of the network experts have anything to add on this topic!
    @TheCustomCave @Romulus @Pooh @Hronos @Idroy @GadgetVirtuoso - anything to add on this topic? 

    Community Manager at Fing

  • Pooh Member Posts: 642 ✭✭✭✭✭
    Sorry @VioletChepil - this is something this Bear's got no experience on... but I am following the thread with interest.
    People say nothing is impossible, but I do nothing every day.
  • TheCustomCave Member Posts: 45 ✭✭✭
    Wireshark may be worth looking at. That could at least give you some idea of which switch is going crazy.
    I've had some similar issues with some of my switches with constant arp flooding. My usual response is to check the ports from within the management console of the switch itself, see what's being hammered the most. Usually loops would cause total blackouts on the network rather than sporadic ping responses so I'm not entirely convinced it's down to the loop.

  • Romulus Member Posts: 33 ✭✭✭
    I have no experience in this area either. But you might want to try and audit the devices on your network to make sure you have nothing added by users. Examples: Laptop connected wired and wirelessly to the network that is bridging. A rogue WAP that someone added, someone plugging cables where they should not.

    You should also consider a bad cable, a stupid bad cable in a core part of our network at work caused us months of poor performance.
    I think using wireshark should help but it's probably not going to be an easy thing to track down with that.
  • kltaylor Member Posts: 465 ✭✭✭✭
    Wireshark may be worth looking at. That could at least give you some idea of which switch is going crazy.
    I've had some similar issues with some of my switches with constant arp flooding. My usual response is to check the ports from within the management console of the switch itself, see what's being hammered the most. Usually loops would cause total blackouts on the network rather than sporadic ping responses so I'm not entirely convinced it's down to the loop.

    Wireshark can provide a lot of useful information about the traffic being received through TCP ports.
  • kltaylor Member Posts: 465 ✭✭✭✭
    Romulus said:
    I have no experience in this area either. But you might want to try and audit the devices on your network to make sure you have nothing added by users. Examples: Laptop connected wired and wirelessly to the network that is bridging. A rogue WAP that someone added, someone plugging cables where they should not.

    You should also consider a bad cable, a stupid bad cable in a core part of our network at work caused us months of poor performance.
    I think using wireshark should help but it's probably not going to be an easy thing to track down with that.
    I completely agree with the suggestion for an audit.  As I've stated before here, mute/block it and see who yells about it. =)
  • mozarella Member Posts: 55 ✭✭✭
    Thanks for your suggestions. Really interesting ways to go on and check. I'll try my best.

  • Hronos Member Posts: 163 ✭✭✭
    Pooh said:
    Sorry @VioletChepil - this is something this Bear's got no experience on... but I am following the thread with interest.
    Same here! hehehe
    I hope to learn something more!
    Keep looking up!
  • inh Member Posts: 1

    Spanning tree is kind of dated at this point.


    I would use port channels.

  • kltaylor Member Posts: 465 ✭✭✭✭
    inh said:

    Spanning tree is kind of dated at this point.


    I would use port channels.

    I was thinking the same thing but was waiting for validation through another poster.