Hi All,

apologies if this should go in the stoopid category ! 

I have a stacked pair of SG350XG-2F10 switches with a pair of HPE servers connected via LAG's.

We have spiceworks desktop installed on a virtual machine on the 2 node cluster.

We've been having periodic short network disconnections every 4 hours for some time and I've finally proven that the cause of this is the Spiceworks inventory discovery scan. 

Since this tool is running with about 20 other VM's the 60 second Syn Protection setting disconnects all of them too (since they share the same physical ethernet port).

I've switched the Syn Protection setting on the switch to report only mode so we don't lose connectivity.

I'm not sure but on balance I'd say it should be necessary to re-enable the block setting but then I'd have to disable the Spiceworks inventory discovery scan which obviously isn't great as we then can't inventory new devices that are added to our network. 

I've been asked if increasing the protection threshold from 80 to a.n.other number would be worth doing but obviously I don't know how much over that figure the port is going.

Any advice would be gratefully received.