Big problem with 2960S-24TS-S

newskydata · ‎07-24-2013

Hi,

I have a new switch 2960S-24TS-S trunking to 3750G (3750G working great). Currently I have big problem with switch 2960S then

Some time, all servers on sw 2960S downtime ~ 4-5m after uptime again

I checked then see that 1 server got SYN FLOOD attack ~ 60Mbps, but all servers down although on sw 2960S have many diffrent VLANs

# sh ver

Switch Ports Model SW Version SW Image

------ ----- ----- ---------- ----------

* 1 26 WS-C2960S-24TS-S 12.2(55)SE7 C2960S-UNIVERSALK9-M

I have some switches 2960-24TT-L then haven't get above error like 2960S and working great.

Switch Ports Model SW Version SW Image

------ ----- ----- ---------- ----------

* 1 26 WS-C2960-24TT-L 12.2(55)SE5 C2960-LANBASEK9-M

Any body help me ? Thanks so much ! Sorry so bad english !

Leo Laohoo · ‎07-24-2013

Some time, all servers on sw 2960S downtime ~ 4-5m after uptime again

You mean your severs connected to the 2960S will go down/up regularly?

newskydata · ‎07-24-2013

Yeap,

All servers connected to 2960S will go down/up although only once server getting attacked. And have many VLANs on SW

And I also can't connect to SW 2960S via SSH v2 when once server being attacked

Leo Laohoo · ‎07-24-2013

Post the "sh logs".

newskydata · ‎07-28-2013

Hi Leo,

I see that gi 0/7 auto up down

# sh log

Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)

No Active Message Discriminator.

No Inactive Message Discriminator.

Console logging: level debugging, 800 messages logged, xml disabled,

filtering disabled

Monitor logging: level debugging, 0 messages logged, xml disabled,

filtering disabled

Buffer logging: level debugging, 800 messages logged, xml disabled,

filtering disabled

Exception Logging: size (4096 bytes)

Count and timestamp logging messages: disabled

File logging: disabled

Persistent logging: disabled

No active filter modules.

Trap logging: level informational, 803 message lines logged

Log Buffer (4096 bytes):

d state to down

*Apr 6 00:25:38.044: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:25:40.398: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:25:41.399: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:26:37.440: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:26:38.447: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:26:40.796: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:26:41.797: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:43:00.423: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:43:04.874: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:43:06.064: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:43:07.071: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:43:09.503: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:43:10.505: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:44:06.388: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:44:07.395: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 00:44:09.791: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 00:44:10.793: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 02:23:47.199: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection

*Apr 6 02:26:04.992: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection

*Apr 6 03:03:14.663: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 03:03:19.051: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 03:03:22.464: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 03:03:23.466: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 03:03:25.862: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 03:03:26.863: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 03:03:43.834: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 6 03:03:44.836: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 6 03:03:47.200: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 6 03:03:48.202: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 6 03:09:46.972: %SYS-5-CONFIG_I: Configured from console by dokhanh on vty1 (203.162.100.19)

*Apr 10 05:23:21.825: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 10 05:23:22.826: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 10 05:23:25.883: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 10 05:23:28.210: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 10 05:23:30.806: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 10 05:23:31.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

*Apr 10 05:23:49.392: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to down

*Apr 10 05:23:50.393: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down

*Apr 10 05:23:52.794: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up

*Apr 10 05:23:53.806: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/7, changed state to up

Leo Laohoo · ‎07-29-2013

Something is WRONG here.

Your description shows a 2960S while your "sh log" is either from a 2960G or a 3560G. Which is which?

newskydata · ‎07-29-2013

No, This is log messages of SW 2960S

Leo Laohoo · ‎07-29-2013

This is log messages of SW 2960S

No it's not.

2960S interface naming convention is EXACTLY like a 3750.

I'm not pedantic. I want to know if Gi0/7 is a 2960G or a 3560G.

newskydata · ‎07-29-2013

It's a port of WS-C2960S-24TS-S. And this switch got above problem. Port 0/7 connect to windows server. I'm using port 0/23 connect to SW 3750G mode trunking

You want to show log of 2960S or 3750G ?

Topology

Trunking

3750G <------------------->2960S

Thank you so much

Leo Laohoo · ‎07-29-2013

Ok, then.

Do this:

1. Command: test cable tdr interface Gi0/7;

2. Wait for about 5 to 7 seconds;

3. Command: sh cable tdr interface Gi0/7; and

4. Post the output to #3.

newskydata · ‎07-29-2013

TDR test last run on: April 11 01:53:45

Interface Speed Local pair Pair length Remote pair Pair status

--------- ----- ---------- ------------------ ----------- --------------------

Gi0/7 1000M Pair A 0 +/- 0 meters Pair A Normal

Pair B 3 +/- 0 meters Pair B Normal

Pair C 1 +/- 0 meters Pair C Normal

Pair D 2 +/- 0 meters Pair D Normal

Leo Laohoo · ‎07-29-2013

Ok, thanks for the output.

I've got a suspicion you've got a faulty patch cord nearest Gi0/7. Let me explain:

1. Look at the Status. It shows "Normal". That's good.

2. Look at the Length of the cable. Notice Pair "A" is showing a distance of 0? Pair A decides whether or not your link should go up or down. Judging from the output to the "sh logs" earlier, this is your culprit.

newskydata · ‎07-29-2013

Thanks Leo,

I will check it

But my main problem is some time I can't connect to switch and All server on switch is downed after 3-4m then all normal

citriakatt · ‎07-29-2013

Hello,

are you using uplinkfast towards 3750G switch and portfast on ports facing servers?

Also are you using the same STP on all switches?

newskydata · ‎07-29-2013

Hi,

This is STP configuration of my switch

spanning-tree mode pvst

spanning-tree extend system-id

and all ports have setting like

interface GigabitEthernet0/7

switchport access vlan 865

switchport mode access

switchport port-security maximum 7

switchport port-security mac-address sticky

switchport port-security mac-address sticky 0025.90d3.b030 vlan access

switchport port-security mac-address sticky 0025.90d3.b031 vlan access

spanning-tree portfast

!

Some reports

#sh

spanning-tree

VLAN0800

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 001e.f662.f200

Cost 15

Port 24 (GigabitEthernet0/24)

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 33568 (priority 32768 sys-id-ext 800)

Address 08cc.68e3.9d80

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Gi0/24 Root FWD 4 128.24 P2p

VLAN0861

Spanning tree enabled protocol ieee

Root ID Priority 33629

Address 0013.1aa9.1a80

Cost 4

Port 24 (GigabitEthernet0/24)

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 33629 (priority 32768 sys-id-ext 861)

Address 08cc.68e3.9d80

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Gi0/4 Desg FWD 4 128.4 P2p Edge

Gi0/6 Desg FWD 4 128.6 P2p Edge

Gi0/24 Root FWD 4 128.24 P2p

VLAN0865

Spanning tree enabled protocol ieee

Root ID Priority 33633

Address 0013.1aa9.1a80

Cost 4

Port 24 (GigabitEthernet0/24)

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 33633 (priority 32768 sys-id-ext 865)

Address 08cc.68e3.9d80

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Gi0/1 Desg FWD 4 128.1 P2p Edge

Gi0/2 Desg FWD 19 128.2 P2p Edge

Gi0/3 Desg FWD 4 128.3 P2p Edge

Gi0/5 Desg FWD 4 128.5 P2p Edge

Gi0/7 Desg FWD 4 128.7 P2p Edge

Gi0/8 Desg FWD 4 128.8 P2p Edge

Gi0/9 Desg FWD 4 128.9 P2p Edge

Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Gi0/24 Root FWD 4 128.24 P2p