cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10677
Views
10
Helpful
11
Replies

2960X Intermittent Connectivity Issues

kumardilip
Level 1
Level 1

This is a strange problem, posting here because we haven't been able to isolate the source of the issue. We recently migrated few switch stacks from 3750X/V2 to 2960X in different sites. After the migration, we are observing intermittent connectivity issues on random PCs on the network. The PCs are cnnected to Cisco IP phone, and the phone connects to a network point in the wall or desk. The symptoms are that the PC shows that it has lost network during the issue, including the applications such as Outlook and, RDP. The PC event viewer log shows that the DNS lookup has failed (Event ID 1014). All of this while the physical interface is still up on both the PC and the switch.

 

The PC cannot ping the gateway, nor any other PC on the same network. ARP -a output on the PC shows it has no arp for the gateway or has lost/deleted it. Packet capture on the PC NIC shows that the PC is sending ARP broadcasts to the gateway but there is no response. However, it can see ARP broadcasts from other PCs in the subnet/vlan during the issue. SPAN capture from the switch port shows that it is not seeing the ARP broadcasts sent from the PC.

 

In one of the sites, we disabled EEE (no power efficient ethernet) on the switch ports which seems to have resolved the issue. This is related to bug CSCut57181. But we have another site with the same issue, and disabling EEE did not help. We tried connecting the PC directly to the face plate on the wall bypassing the phone, and it still loses network intermittently. We had a vendor run cable tests and the results are good and the cabling meets the standard.

 

Has anyone else come across this issue?  This could be related, I will post updates when I get one. Some more information about the devices involved.

 

Access Switch -

Model - WS-C2960X-48FPD-L

Number of switches in stack - 6

Software Version - 15.2(2)E5

 

Core Switch -

Model - WS-C3850-12XS

Number of switches in stack - 2

Software Version - 03.07.04E

 

Access Port Configuration on all ports - 

switchport access vlan 923
switchport mode access
switchport voice vlan 823
switchport port-security maximum 3
switchport port-security aging time 2
switchport port-security
no power efficient-ethernet
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY

 

1 Accepted Solution

Accepted Solutions
11 Replies 11

Leo Laohoo
Hall of Fame
Hall of Fame

CSCve53124 or CSCue23882

Bug CSCve53124 - The conditions are very similar, PCs on the master switch don't see any issues, only those on the stack members. However, we don't have both DHCP snooping and port-security enabled at the same time, and the ports do not flap. Do you think disabling port-security will help in this case?

 

Sw04#sh ip dhcp snooping
Switch DHCP snooping is disabled
Switch DHCP gleaning is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 7486.0b9b.f680 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled

 

Definitely not the bug CSCue23882 , we don't have DAI and IPDT enabled on the switches.

Disabling port-security fixed the issue, definitely a SW bug. I will post an update as soon as the Cisco TAC responds to me.

Hi did you get a answer from TAC ? I have the same problem. Thx Mario 

Yachay
Level 1
Level 1

Could you run the following commands and paste the output?

 

  • sh port-security address (only for the interface in which the PC is connected)
  • sh port-security interface GiA/B/C (change it for the actual interface)
  • sh int GiA/B/C
  • sh run int GiA/B/C

 

Output attached as a file.

Hi, Any luck with the TAC I seem to be having very similar issues on x4 stack intermittent network drops for 10-15seconds or up to a minute.

Hi, Any luck with the TAC I seem to be having very similar issues on x4 stack intermittent network drops for 10-15seconds or up to a minute.

Hi @All 

 

i just tried another IOS Version this seem´s to solve the problem. Please try the IOS 15.2(6)E2 this Version works and the problem didn't happen again. 

 

Regards Mario 

Hi @All 

 

i just tried another IOS Version this seem´s to solve the problem. Please try the IOS 15.2(6)E2 this Version works and the problem didn't happen again. 

 

Regards Mario 

same issue here.

i have a stack of 2 and we upgraded to os 15.2(7)E2 and users on master switch in my case are having issue

i noticed the mac address of the client disappears from the port. no log entry or so ever.

also don't have dhcp snooping enabled.

disabling port security seems to be resolving the issue.

anybody found any solution besides downgrading?

this release has been out for a few months and is starred.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: