Solved: Re: Network often gets down

wfqk · ‎07-22-2019

Hi switches are connected to firewall connected to internet. we often get alert email saying the network gets down. When checking Solarwind, we can see the network has disconnection for a few min or a little longer, then it comes back to normal. please see attached picture which shows device availability, the white bar shows downtime. we did not find something wrong in port or cable. Anyone has some suggestion how to check it and what can cause the issue? Thank you

paul driver · ‎07-22-2019

Hello

you say when this outage occurs it happens in all your switching infrastructure which could suggest possible stp topology changes temporary dropping your network.

chexk for frequented stp tcns in your interfaces also make sure any access ports have enabled

lastly make sure don’t have any bpdufiltering

applied to the ports

show spanning- tree detail | inc ieee|occurr|from| exec

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Martin L · ‎07-22-2019

that;s not too bad; is this internal network or outside influences your downtime?

wfqk · ‎07-22-2019

Thank you for your reply. it is pretty often happens in different sites. some of them even have this kind of issue much more often.

Please see attached picture again. it happened several times within one week. Sometimes it looks like the downtime comes from uplink side ---firewall(it means the firewall and switches have the issue together at the same time), but other time it looks like it happens within inside network. Once it happens, all switches within the site have this issue at the same time.

paul driver · ‎07-22-2019

Hello

you say when this outage occurs it happens in all your switching infrastructure which could suggest possible stp topology changes temporary dropping your network.

chexk for frequented stp tcns in your interfaces also make sure any access ports have enabled

lastly make sure don’t have any bpdufiltering

applied to the ports

show spanning- tree detail | inc ieee|occurr|from| exec

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

wfqk · ‎07-22-2019

Thank you Paul for your reply. From output below, it looks like the tcns is coming from port g0/1, which is connected to firewall. In fact, the firewall and its behind switches have the outage at the same time. g0/1 is trunk. Do you think we stop the tcns flooding by adding command portfast to the port?

switch02#sh spanning-tree detail | inc ieee|occurr|from| exec
VLAN0030 is executing the rstp compatible Spanning Tree protocol
Number of topology changes 3 last change occurred 2d15h ago
from GigabitEthernet0/1

VLAN0090 is executing the rstp compatible Spanning Tree protocol
Number of topology changes 3 last change occurred 2d15h ago
from GigabitEthernet0/1
VLAN0255 is executing the rstp compatible Spanning Tree protocol
Number of topology changes 2 last change occurred 2d15h ago
from GigabitEthernet0/1

paul driver · ‎07-23-2019

Hello

you only need the connection to the firewall as a trunk if that fw is performing the routing for your lan otherwise suggest you make this an access-port with portfast applied

Also suggest make sure the switch that is running as your core switch is the stp root for the lan and lastly apply stp portfast to alll access-ports only and not on any switch interconnections

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

wfqk · ‎07-23-2019

Thank you Paul. I think what you mentioned above is to try to resolve downtime caused by tcns, right? after i review the case, i notice the downtime is lasting between 5 min to 4 hours. tcns should not cause this longer downtime, and it looks like it was caused by ISP because i can see the connection to ISP also has downtime at the same time. How do you think about this?