[c-nsp] spanning trees failing on five minute intervals

Church, Chuck cchurch at netcogov.com
Tue Oct 25 11:21:55 EDT 2005 

MAC addresses in the CAM table time out after 5 minutes by default, I
believe.  Sounds like an address is timing out, forcing a destination to
be re-learned.  You can try making the timeout period 10 minutes for all
VLANs, and see if the problem occurs every 10 minutes.  If so, you'll
know for sure that's the cause, and can then work on why a destination
with steady traffic is timing out.  Is it affecting just one device? 


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Steve Howell
Sent: Tuesday, October 25, 2005 10:45 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] spanning trees failing on five minute intervals

We have an otherwise healthy network that is dropping
packets on precise five minute intervals.  The problem
originally came to our attention when we started
seeing SYNs dropping from one of our applications, but
we can also reproduce it with traceroute.  We narrowed
down the problem to where we see our 6500 get a
packet, but it does not deliver it to the neighboring
switch.

There is no evidence of bursty traffic at the time of
the packet drops.

I tried looking for something on the switch that could
have an aging interval of five minutes, and it turns
out that spanning trees typically age out after five
minutes.  I am wondering if it's plausible to have
some kind of spanning tree misconfiguration that could
cause a very transient network failure.  Most of what
I've read so far suggests that spanning tree problems
take significantly longer to resolve themselves than a
second or two, so I could be chasing down a complete
red herring.

Just to complicate things, I'm a software developer,
not a network engineer, and I don't have access to the
Cisco box.  What I'm looking for here is a plausible
theory that would explain short-lived failures to
deliver packets from a 6500 that happen on precise
five minute intervals.  Once I have a decent theory, I
can try to have a somewhat intelligent discussion with
my network engineer colleagues, even though I'm a bit
out of my depth here.

Thanks,

Steve



		
__________________________________ 
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list