Strange network connectivity issue

AmnardC04 · ‎07-18-2005

Building A houses 2x core switches (WS-C6509 w/ Sup2)

Building B houses 1x distribution switch (WS-C4006) & 2 access switches (WS-C3560 & WS-C3548-XL) per floor.

Before: both WS-C6509s and majority of the access switches are running RSTP while the WS-C4006 is running PVST+.

Then we upgraded the CatOS and enabled RSTP on the WS-C4006.

After: RSTP is running on most switches except a few WS-C35XX-XL series.

After the CatOS upgrade, we encountered a network connectivity issue.

That is, multiple PCs on one of the active VLANs plugged into access switches in Building B would be unable to communicate with PCs on the same VLAN plugged into the WS-C4006 or the gateway. Oddly enough, the same PCs that are plugged into the WS-C4006 can communicate with the gateway and the PCs plugged into access switches.

Then I tried extending another VLAN from Building A to the access switches in Building B. The PCs plugged into the access switches suffered the same problem.

I checked the VTP trunk pruning & spanning tree port status on each interface with nothing out of ordinary. Rebooting the WS-C4006 and these access switches did NOT fix the problem. Can anyone help or come up with some logical explanation?

We have the same setup in several building. The network connectivity issue seems to affect only 1 or 2 VLANs per building out of 60+ VLAN on site.

Thanks!

Georg Pauwen · ‎07-18-2005

Hello,

can you track this problem to specific access switches ? Can you post the configuration of the 4006 and one of the access switches that is experiencing this problem ? Also, are the 6509 switches the (primary and secondary) root for the VLANs that are having this problem ? And, are the 6509 switches configured as VTP server, while all other switches are configured as VTP client ? Can you also post the output of 'show vtp status' from the 4006, one of the 'problem' switches, as well as of the 6509 switches ?

Lots of questions, but it might help to solve your problem to have this info...

Regards,

GP

AmnardC04 · ‎07-19-2005

>can you track this problem to specific access

>switches ?

All access switches on a floor are affected since they are all chained together in a straight line with the first switch connected to the dist switch.

>Can you post the configuration of the 4006 and one

>of the access switches that is experiencing this

>problem ?

Done! See attachments.

>Are the 6509 switches the (primary and secondary)

>root for the VLANs that are having this problem ?

Yes, they are. Both core switches have been configured as pri and sec root bridges alternating between odd and even vlan ids.

>Are the 6509 switches configured as VTP server,

>while all other switches are configured as VTP >client ?

Yes, they are.

>Can you also post the output of 'show vtp status'

>from the 4006, one of the 'problem' switches, as >well as of the 6509 switches ?

See attachments

Just to let you know. They were working prior the CatOS upgrade and STP mode change for years.

Georg Pauwen · ‎07-19-2005

Hello,

from what I can tell from your attachments, your Core-SW1 and Core-SW2 switches are running VTP version 1, while your WS-C3560 is running VTP version 2.

VTP version 1 and VTP version 2 are not interoperable on switches in the same VTP domain.

I would recommend to configure both core switches for VTP version 2, since that version supports features such as consistency checks, which are not supported in VTP version 1.

Does that make sense ?

Regards,

GP

AmnardC04 · ‎07-19-2005

Hmm, only core switches and WS-C4006s are running VTP ver 1, the remaining 60+ switches are running ver 2. How the heck did that happen? In any case, they are now running ver 2.

I will do some testing during the day and report back.

AmnardC04 · ‎07-20-2005

Still not working.

But I noticed something though...

Execute "clear arp" and then "sh arp" on the either core switch's msfc lists every ip addresses and mac addresses of the subnet that had the problem including that of the PCs that are on the affected access switches. For a few minutes, I could ping the PCs that are plugged into the affected access switches from the gateway.