cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1106
Views
20
Helpful
13
Replies

My confused....about spanning-tree protocol on redundant network .

lin-d
Level 1
Level 1

Hello everybody :

I having an question about switch spanning-tree protocol , in my network topology in below ( sorry i can't post diagram ).

------ ------

| 1 | | 2 |

------ ------

------ ------ ------

| 3 | | 4 | | 5 |

------ ------ ------

1.Switch 3.4.5 directly connect to the Switch 1.2 .

2.Switch 1 is configurationed become "Root Bridge".and All the Port on Switch 1 are Forwarding mode .( Root Port :RP )

3.Switch 1 also directly connect to Switch 2.

4.All the Switch Port on the Switch 2 are Forwarding mode .( Designated Port : DP )

5.All the Switch Port connect Switch 1 are Forwarding mode .( Designated Port : DP )

6.All the Switch Port connect Switch 2 are Blocking mode .( Non-Designated Port : NDP ) except Switch 1.

7.Switch 1 with Switch 2 is peer . for Network Redundant.

my problem is why switch 2 will send traffic to the switch 3.4.5. , switch 3.4.5 is directly connect to switch 2 .but these switch

port state is blocking .i suppose these switch port ( connect switch 2 )will receive BPDU from switch 2 .not receive internet traffic .

=================================================

now i show interface on switch 2 .i can saw the interface description:

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 10779000 bits/sec, 2869 packets/sec

Note : This is on switch 2, type show interface command .these port is directly connect to switch 3.4.5 . all the port is same situation.

=================================================

now i show interface on switch 3.4.5.( this is connect to switch 2 )

switch 3.

5 minute input rate 12167000 bits/sec, 3249 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

switch 4

5 minute input rate 12278000 bits/sec, 3273 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

switch 5

5 minute input rate 11877000 bits/sec, 3178 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

Note : These interface just have input traffic .( is from switch 2 ),i think these traffic not are BPDU packet .and my network spanning-tree protocols is fine .and all switch are

vlan 1 .same subnet network .

Device : all switch are WS-C3524-XL.

IOS : c3500XL-c3h2s-mz-120.5-XU.bin ( Processor is running Enterprise Edition Software )

P.S.Sorry my english is very poor .

Best Regard ,

David Lin .

13 Replies 13

lgijssel
Level 9
Level 9

It may be that you have a problem with unidirectional links. This can cause the behaviour described here. It may be a general cabling issue or it can be on the link between switch 1 and 2.

Please check all cabling between the switches, especially the link between switch 1 and 2.

Another possibility is incorrect trunking, i.e. one side = trunk while the other is not.

Regards,

Leo

Dear Leo :

Very thanks your help !! before post problem , i check & test many thing .i can checked.include unidirectional links

( optical fiber ).I test switch 1 and 2 .and show in below .( in my network topology is not configured Trunk. )

P.S.The purpose is to confirm current configuration & device .interface topology is normal

step .1 ( test on switch 2 )

=====================================================================

switch 2#p ------>>test Layer 3 ...

Protocol [ip]:

Target IP address: 10.1.1.101

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 10.1.1.101, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!! ------>> test layer 3 ip packet is good .

Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/3/55 ms

switch 2#

switch 2#sh arp ----->>check arp table state .

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.1.1.108 77 0002.7e61.b580 ARPA VLAN1

Internet 10.1.1.182 0 00e0.fe22.c080 ARPA VLAN1

Internet 10.1.1.181 0 0002.bad5.7d07 ARPA VLAN1

Internet 10.1.1.250 238 0009.43d2.59f0 ARPA VLAN1

Internet 10.1.1.254 77 0000.0c07.ac01 ARPA VLAN1

Internet 10.1.1.231 120 0030.80f2.31a0 ARPA VLAN1

Internet 10.1.1.10 0 00d0.b7b7.698c ARPA VLAN1

Internet 10.1.1.14 1 0050.fc69.06a2 ARPA VLAN1

Internet 10.1.1.101 28 0002.7e61.9000 ARPA VLAN1---->switch 1

Internet 10.1.1.103 60 0002.fd38.6500 ARPA VLAN1---->switch 3

Internet 10.1.1.102 - 0002.7e62.c2c0 ARPA VLAN1---->self

Internet 10.1.1.100 134 0050.547f.c52c ARPA VLAN1

switch 2#

switch 2#sh mac add 0002.fd38.6500 ---->>test mac add where from??and learning .

Non-static Address Table:

Destination Address Address Type VLAN Destination Port

------------------- ------------ ---- --------------------

0002.fd38.6500 Dynamic 1 GigabitEthernet0/2 ----->current!! g0/2!!

(design all traffic must to pass through root switch .)

switch 2#sh mac add 0002.7e61.9000 ---->>test mac add where from??and learning .

Non-static Address Table:

Destination Address Address Type VLAN Destination Port

------------------- ------------ ---- --------------------

0002.7e61.9000 Dynamic 1 GigabitEthernet0/2 ----->current!! g0/2!!

switch 2#

switch 2#sh int g0/2 ----->>show interface state .

GigabitEthernet0/2 is up, line protocol is up

Hardware is Gigabit Ethernet, address is 0002.7e62.c2da (bia 0002.7e62.c2da)

Description: CONNECT TO switch 1[CISCO 3524 Gigabitethernet 0/2]

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 3/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive not set

Auto-duplex (Full), link type is autonegotiation, media type is SX

output flow-control is off, input flow-control is off

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output 00:00:05, output hang never

Last clearing of "show interface" counters 03:45:32

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 5000 bits/sec, 6 packets/sec

5 minute output rate 12681000 bits/sec, 3270 packets/sec

37531 packets input, 2843714 bytes, 0 no buffer

Received 32004 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 11890 multicast, 0 pause input

43993843 packets output, 3200537001 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 pause output

0 output buffer failures, 0 output buffers swapped out ----->current!!

switch 2#

switch 2#show Span ----->>show spanning-tree state .

Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol

Bridge Identifier has priority 32768, address 0002.7e62.c2c0

Configured hello time 2, max age 20, forward delay 15

Current root has priority 1, address 0002.7e61.9000

Root port is 48, cost of root path is 4

Topology change flag not set, detected flag not set, changes 996

Times: hold 1, topology change 35, notification 2

hello 2, max age 20, forward delay 15

Timers: hello 0, topology change 0, notification 0

...

Interface Gi0/2 (port 48) in Spanning tree 1 is FORWARDING

Port path cost 4, Port priority 128

Designated root has priority 1, address 0002.7e61.9000 ------>current!!he known 0002.7e61.9000 are root bridge!!

Designated bridge has priority 1, address 0002.7e61.9000 ------>Root Port!!

Designated port is 48, path cost 0

Timers: message age 1, forward delay 0, hold 0

BPDU: sent 516, received 7311676

==========================================================

step .2 ( test on switch 1 )

switch 1#p ------>>test Layer 3 ...

Protocol [ip]:

Target IP address: 10.1.1.102

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 10.1.1.102, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!! ------>> test layer 3 ip packet is good .

Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/5/42 ms

switch 1#sh arp ----->>check arp table state .

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.1.1.182 1 00e0.fe22.c080 ARPA VLAN1

Internet 10.1.1.181 0 0002.bad5.7d07 ARPA VLAN1

Internet 10.1.1.254 40 0000.0c07.ac01 ARPA VLAN1

Internet 10.1.1.252 145 00b0.6453.7920 ARPA VLAN1

Internet 10.1.1.253 4 0002.4b5a.0310 ARPA VLAN1

Internet 10.1.1.240 56 00b0.64b9.9c70 ARPA VLAN1

Internet 10.1.1.10 0 00d0.b7b7.698c ARPA VLAN1

Internet 10.1.1.14 9 0050.fc69.06a2 ARPA VLAN1

Internet 10.1.1.101 - 0002.7e61.9000 ARPA VLAN1 ---->self

Internet 10.1.1.103 39 0002.fd38.6500 ARPA VLAN1 ---->switch 3

Internet 10.1.1.102 7 0002.7e62.c2c0 ARPA VLAN1 ---->switch 2

Internet 10.1.1.100 110 0050.547f.c52c ARPA VLAN1

switch 1#

switch 1#sh mac add 0002.7e62.c2c0 ---->>test mac add where from??and learning .

Non-static Address Table:

Destination Address Address Type VLAN Destination Port

------------------- ------------ ---- --------------------

0002.7e62.c2c0 Dynamic 1 GigabitEthernet0/2 .....>current!!

switch 1#

switch 1#sh int g0/2 ----->>show interface state .

GigabitEthernet0/2 is up, line protocol is up

Hardware is Gigabit Ethernet, address is 0002.7e61.901a (bia 0002.7e61.901a)

Description: CONNECT TO switch 2[CISCO 3524 Gigabitethernet 0/2]

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 3/255

Encapsulation ARPA, loopback not set

Keepalive not set

Auto-duplex (Full), 1000Mb/s, media type is SX

output flow-control is off, input flow-control is off

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:50, output 00:00:01, output hang never

Last clearing of "show interface" counters 3d05h

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 13019000 bits/sec, 3477 packets/sec

5 minute output rate 1000 bits/sec, 1 packets/sec

1062190699 packets input, 3532736248 bytes, 0 no buffer

Received 750879 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 105370 multicast, 0 pause input

688023 packets output, 50879931 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 pause output

0 output buffer failures, 0 output buffers swapped out

switch 1#

switch 1#sh spanning-tree ----->>show spanning-tree state .

Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol

Bridge Identifier has priority 1, address 0002.7e61.9000 ------>root bridge is self!!

Configured hello time 2, max age 20, forward delay 15

We are the root of the spanning tree

Topology change flag not set, detected flag not set, changes 1010

Times: hold 1, topology change 35, notification 2

hello 2, max age 20, forward delay 15

Timers: hello 0, topology change 0, notification 0

.......

switch 1#sh spanning-tree int g0/2 -----> this link is up.and state is forwarding .(to switch 2)

Interface Gi0/2 (port 48) in Spanning tree 1 is FORWARDING

Port path cost 4, Port priority 128

Designated root has priority 1, address 0002.7e61.9000

Designated bridge has priority 1, address 0002.7e61.9000

Designated port is 48, path cost 0

Timers: message age 0, forward delay 0, hold 0

BPDU: sent 7784629, received 574

switch 1#

===========================================================

I check optical fiber link between switch 1 and switch 2. cable configuration.hardware .and any possibility cause.

but i still can't find the answer to solve .but very thanks your help!!

Best Regard .

David Lin .

milan.kulik
Level 10
Level 10

Hi,

another possibility (if cabling is OK):

Remember that Switch2 is flooding broadcasts, multicasts and unknown unicasts to these ports.

Check (using sh controllers) what frame types are coming.

There might even be a failed NIC in the network sending this huge frame flow with either broadcast, unicast or bad unicast destination address.

Regards,

Milan

Dear Milan :

very thanks ....before that's i don't think. before i have had clear controller ethernet-controll interface counter...because that counter effect

i type show interface inside traffic counter .effect output traffic counter on switch 1.and clear controller ethernet-controller counter that's become to normal .

now i will check failed NIC this possibility.and very thanks. i will try few day ....and i will report result at finish. very thanks Milan .

(i check ethernet-controller ...but ..i don't understand those parameter

....what is wrong ....so i need time to understand these function.)

Best Regard.

David Lin .

9mmurphy
Level 1
Level 1

Hi David,

I believe STP is working properly.

Switch 1 is root

Switch 2 is secondary

Since switches 3,4,5 connects to both 1 and 2, they should all block on ports going to switch 2.

Switch 2 is forwarding on all ports, so it will send all broadcast and multicasts out those ports, that is why you have outbound traffic.

Switches 3, 4, 5 are all blocking on ports to switch 2, no traffic should be shown as outbound toward switch 2, likewise, switch 2 will show no inbound traffic from switch 3, 4 and 5.

Someone else will have to confirm, because I can't seem to remember, but BPDU and CDP packets I believe are handled differently on blocking ports.

HTH

Dear MICHAEL:

Very thanks for your help.i also believe my network is normal.but i can't believe that BPDU ,Broadcast and unicast packets need too much than 10Mbps and than 3 thousand packets.realy...i can't to explain that traffic is BPDU or unicast or CDP etc.(like other useful manage frames or packets)..so that is my confused. thanks again for your help.

P.S. to exceed 10Mbps is too large.

Best Regard .

David Lin .

David,

yes, BPDU and CDP are not what causes traffic like that, I was just stating that you can recieve BPDU traffic on a blocking port, I am not sure of frequency, every few seconds I imagine( I should know this, but don't feel likelooking it up).

Here is a question, what else is attached to Switch 2?

Switch 2 is generating all the traffic to switch 1, 3200 packets per second. STP will only control which ports are forwarding and blocking to prevent loops, traffic will flow what ever direction is required to reach the destination based on the cam table of the switch.

Is all of your layer 3 traffic entering the network via switch 2?

That might explain that all layer 3 traffic enters your network at switch 2. At layer 2, all traffic goes to switch 1 and then to the respective port or destination switch. It looked like Multicast and Unicast traffic amounted to a little less than 10% of your total traffic for the time frame on the counters.

You may need to analyze your taffic if the volume seems too high compared to what you expect.

You might want to post the sho interface command for the uplinks on switches 3, 4 and 5.

HTH

Dear Micheal :

first ..i realy thanks your response to help me.

Q.Is all of your layer 3 traffic entering the network via switch 2?

no, in the switch 1 and 2.they all have 1 link (catalyst 3524 G0/1)to the core router (core router 75xx x 2.and run H.S.R.P ).these is Redundant for Layer 3(to balance download traffic by dynamic route.upload traffic only flow 1 gateway is static routing.that gateway ip is virtual ip ,and normal is bundle on switch 1 .that is ok.and is operation very properly.)so layer 3 traffic will through the switch 1 & 2.to switch 3.4.5.(so not all download traffic will through switch 2 .switch 1 & 2.is Redundant. and traffic on core router link into switch 1 & 2 is balance .by dynamic routing .)

P.S.switch 1 & 2 to be part of up layer,internet traffic will from switch 1 or 2 download go to the router on switch 3.4.5.

very thanks.

=====================================

show inteface on switch 3(display connect to switch 1 and 2)

switch 3#show int f0/23 ----->>this's link to switch 1(normal)

FastEthernet0/23 is up, line protocol is up

Hardware is Fast Ethernet, address is 0002.fd38.6517 (bia 0002.fd38.6517)

Description: CONNECT TO swicth 1 F0/1

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 10/255, rxload 29/255

Encapsulation ARPA, loopback not set

Keepalive not set

Full-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output 00:00:24, output hang never

Last clearing of "show interface" counters 02:24:37

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 11472000 bits/sec, 4442 packets/sec ---->>that's total traffic from switch 1.is current.

5 minute output rate 4279000 bits/sec, 4373 packets/sec

34787932 packets input, 2939746359 bytes

Received 39986 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 10741 multicast

0 input packets with dribble condition detected

34044868 packets output, 4141147798 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

switch 3#

switch 3#show int f0/24 ----->>this's link to switch 2(backup)

FastEthernet0/24 is up, line protocol is up

Hardware is Fast Ethernet, address is 0002.fd38.6518 (bia 0002.fd38.6518)

Description: CONNECT TO backup switch 2 F0/2

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 19/255

Encapsulation ARPA, loopback not set

Keepalive not set

Full-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:01, output 00:00:53, output hang never

Last clearing of "show interface" counters 02:25:07

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 7727000 bits/sec, 2026 packets/sec ----->>inbound from switch 2(traffic is too larg)

5 minute output rate 0 bits/sec, 0 packets/sec

18411262 packets input, 262724112 bytes

Received 40107 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 10777 multicast

0 input packets with dribble condition detected

290 packets output, 56260 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

switch 3#

=====================================

show spanning-tree on switch 3(display connect to switch 1 and 2)

switch 3#sh spanning-tree int f0/23 ----->>this's link to switch 1(normal)

Interface Fa0/23 (port 37) in Spanning tree 1 is FORWARDING

Port path cost 19, Port priority 128

Designated root has priority 1, address 0002.7e61.9000

Designated bridge has priority 1, address 0002.7e61.9000

Designated port is 13, path cost 0

Timers: message age 1, forward delay 0, hold 0

BPDU: sent 39649, received 7353433

switch 3#sh spanning-tree int f0/24 ----->>this's link to switch 2(backup)

Interface Fa0/24 (port 38) in Spanning tree 1 is BLOCKING

Port path cost 19, Port priority 128

Designated root has priority 1, address 0002.7e61.9000

Designated bridge has priority 32768, address 0002.7e62.c2c0

Designated port is 14, path cost 4

Timers: message age 3, forward delay 0, hold 0

BPDU: sent 892, received 7352953

switch 3#

=====================================

show controller interface on switch 3(display connect to switch 1 and 2)

switch 3#sh contro eth f0/23 ----->>this's link to switch 1(normal)

Transmit Receive

540748407 Bytes 3488938558 Bytes

761363117 Unicast frames 782734659 Unicast frames

2695 Multicast frames 200365 Multicast frames

32 Broadcast frames 537152 Broadcast frames

0 Discarded frames 0 No bandwidth frames

0 Too old frames 0 No buffers frames

0 Deferred frames 1 No dest, unicast

0 1 collision frames 0 No dest, multicast

0 2 collision frames 0 No dest, broadcast

0 3 collision frames 0 Alignment errors

0 4 collision frames 0 FCS errors

0 5 collision frames 0 Collision fragments

0 6 collision frames

0 7 collision frames 0 Undersize frames

0 8 collision frames 101908137 Minimum size frames

0 9 collision frames 342763050 65 to 127 byte frames

0 10 collision frames 32462047 128 to 255 byte frames

0 11 collision frames 25084496 256 to 511 byte frames

0 12 collision frames 219454900 512 to 1023 byte frames

0 13 collision frames 61799547 1024 to 1518 byte frames

0 14 collision frames 0 Oversize frames

0 15 collision frames

0 Excessive collisions

0 Late collisions

switch 3#

switch 3#sh contro eth f0/24 ----->>this's link to switch 2(backup)

Transmit Receive

1044496 Bytes 413748474 Bytes

0 Unicast frames 0 Unicast frames

2692 Multicast frames 83482 Multicast frames

0 Broadcast frames 0 Broadcast frames

0 Discarded frames 0 No bandwidth frames

0 Too old frames 0 No buffers frames

0 Deferred frames 457137081 No dest, unicast

0 1 collision frames 116652 No dest, multicast

0 2 collision frames 536614 No dest, broadcast

0 3 collision frames 0 Alignment errors

0 4 collision frames 0 FCS errors

0 5 collision frames 0 Collision fragments

0 6 collision frames

0 7 collision frames 0 Undersize frames

0 8 collision frames 84370733 Minimum size frames

0 9 collision frames 79939341 65 to 127 byte frames

0 10 collision frames 33895077 128 to 255 byte frames

0 11 collision frames 21096970 256 to 511 byte frames

0 12 collision frames 186009794 512 to 1023 byte frames

0 13 collision frames 52561914 1024 to 1518 byte frames

0 14 collision frames 0 Oversize frames

0 15 collision frames

0 Excessive collisions

0 Late collisions

switch 3#

Best Regard ,

David Lin .

David,

I think you've got a problem with a bad NIC in your network.

Look to the switch 3#sh contro eth f0/24 ----->>this's link to switch 2(backup)

output:

Transmit Receive

0 Deferred frames 457137081 No dest, unicast

This is a huge number of unknown unicasts which mean there are frames with destination address which is not in the Switch 2 forwarding table and so Switch 2 has to flood them to all ports.

What I would do:

Connect to Switch 2 with a protocol analyzer (PC running Ethereal freeware, e.g.), do port monitor of the line connecting to Switch 3, capture data and see what frames are going on the line. It should be an easy task to find who is sending the huge unicast flow.

Then, having the source MAC address, you sjould be able to find the source NIC.

Regards,

Milan

Dear :

very thanks .i think .you are right ...you hit this problem .very very thanks.

that's unicasts .but i don't known how to deny these mac address ..or to stop this situation .now i find this "bad" MAC'address in below .

on switch 2 type show mac .(in display i filter other normal mac's address)

Destination Address Address Type VLAN Destination Port

------------------- ------------ ---- --------------------

0002.7e61.b597 Dynamic 1 FastEthernet0/3

0002.7e61.c218 Dynamic 1 FastEthernet0/5

0002.7e61.d057 Dynamic 1 FastEthernet0/1

0002.fd38.6518 Dynamic 1 FastEthernet0/2

0030.7be6.e698 Dynamic 1 FastEthernet0/4

these mac's address is bad ,because on switch 2 can learning BPDU from the switch 1 only.and forwarding BPDU to all port on switch .and switch 3.4.5 can't forwarding they self BPDU to the switch 2 .so i thinking that is bad or my switch had problem .from information above.(i used clear arp table ...but is no working.)

Best Regard .

David Lin .

David,

I'm afraid you are missing the point now.

These MAC addresses are probably correct MAC addresses of Switch 3,4,5 ports. If you do sh int ... on the Switch 3,4,5 you'll see them, see example from my switch:

sh int fa 0/24

FastEthernet0/24 is up, line protocol is up

Hardware is Fast Ethernet, address is 0001.4264.7398

Switch 2 is still receiving CDP frames from Switch 3,4,5 (no matter the ports are blocking). So it knows these addresses correctly.

The "bad" MAC addresses can't be seen in MAC address table - if they were there Switch 2 wouldn't flood the frames to all ports.

The only way how to find "bad" addresses is to capture data from the line.

You can find the source address from the captured frames and detect the source of your problem.

Regards,

Milan

Dear Milan:

now,i understand this problem ...i will find these mac address where from ( capture layer 3 ip address "sourse")....thanks..

P.S. you are right .and i am wrong to say about CDP ...i understand ,that switch Blocking mode can't limit CDP frames ...because they are different..and i say "bad" MAC address ...also is wrong ....but my english is very poor .i don't known how to define these ....MAC ..so very very thanks....now i know how to solve this problem.

Best Regard ,

David Lin .

Review Cisco Networking for a $25 gift card