[c-nsp] The network went down

Nicolaj Ottsen no at webpartner.dk
Fri Sep 17 15:44:07 EDT 2004 

Hi,

If you use "vlan dot1q tag native", you can get this problem if you
forget to enable it on one switch with redundant links. I guess any type
of misconfiguration could cause this. L2, with this many switches, is a
tricky thing because small problems does not excist only disasters. I
would seriously consider using the L3 functions in the 3550. Use L3
(OSPF) to create redundancy at the "core" and L2 for redundancy at
department level ... If not L3 all the way.

Also remember to secure your access ports to prevent disaster.

Interface X x/x
 spanning-tree bpdufilter enable
 spanning-tree bpduguard enable
 spanning-tree guard root

To automaticly bring the network back up after a failure enable
"errdisable recovery", below is a list of what the switch can react to.

errdisable recovery interval 30

errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause gbic-invalid
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause unicast-flood
errdisable recovery cause vmps
errdisable recovery cause loopback

/Nicolaj


-----Original Message-----
From: Alexandra Alvarado [mailto:aaaa at telconet.net] 
Sent: 17. september 2004 21:01
To: cisco-nsp at puck.nether.net; Alexandra Alvarado
Subject: [c-nsp] The network went down


  ----- Original Message -----
  From: Alexandra Alvarado
  To: cisco-nsp at puck.nether.net ; Alexandra Alvarado
  Sent: Thursday, September 16, 2004 6:40 PM
  Subject: The network went down!


  Hello,

  Since 2 weeks ago I configured MSTP in the network that I manage, all
was success, when a link fails, the backup link is activated
  automatically in 1 second.  

  I have 9 redundant links approximately, in around 50 cisco switches
catalyst 3550, all of them are part of one region.

  Today I try to activate a new redundant link and all the network went
down, the 90% of the switches stayed out, and the switches
  that I could reach had in the log message "crash memory"; I supose
that was a loop, but I have reviewed too many times and
  I can't find any bad configuration. I had to reload all switches to
get connectivity again and shut down the link that caused the problem.

  Can anybody help to me giving some tips about it.

  Thanks

  Alexandra Alvarado
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list