Solved: Catalyst 3560 not switching or passing through traffic.

nabeelr · ‎11-04-2023

A few weeks ago a Catalyst 3560 seemingly randomly stopped passing through traffic. I have gone so far as to format it's flash and xmodem up a new copy of iOS, as well as clearing the nvram, and yet the switch simply won't pass through traffic.

It's connected to a Juniper EX4200, and it's port is working fine.

I used Wireshark to look at the traffic on the network, and I can't even see any of the broadcast packets from the other devices on the switch. (Edit: It seems I can see SOME broadcast packets, but not as many as I'd expect...)

I'm lost as to what to do... it's like each port is totally isolated, and the only traffic I see are the packets from my own device, as well as some packets from the switch itself.

I should add, something weird happened around the same time that this switch started behaving like this:

The EX4200 that this switch is plugged into, is a pair in a virtual chassis, and at around the same time this Catalyst 3560 started misbehaving, the same sort of thing happened with the EX4200s, except those were only on ports where NEW devices were plugged into. The ports where devices had been connected to before, still operated normally. A power cycle fixed this issue on the Junipers, however I've power cycled, reset and reflashed the Cisco Catalyst with no luck.

I'm at a loss. I have no idea what happened to these switches, and why a reboot fixed one, and the other seems to be totally stuck.

It must be misconfiguration it... but how? IIRC, without a config, or with the basic config, these switches just act like switches... don't they?

I haven't done Cisco stuff in more than 10 years, so I may be making an obvious mistake.

Any help would be appreciated.

nabeelr · ‎11-05-2023

I thought that too, and I tried that with no success...

I can't accept that it just randomly died, but yet can switch SOME traffic between devices, but not other traffic between switches... it just doesn't make sense...

I did port mirroring on the Juniper switch it's connected to, and I see a bunch of spanning tree packets and LLDP packets from both switches... along with the very occasional DHCP discover packet coming from the cisco switch.

While writing this, I decided to try disabling spanning tree... it fixed it...
I never adjusted the settings for spanning tree... so IDK why this would even happen...

But that was the solution, turn off spanning tree on the upstream juniper switch.

View solution in original post

Kasun Bandara · ‎11-05-2023

@nabeelr hi, do you see any abnormal logs in console? or logging?

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

nabeelr · ‎11-05-2023

Nope... just your regular messages in the console, about interfaces coming up, or going down, when things get plugged in or unplugged from the ports.

marce1000 · ‎11-05-2023

- What kind of link are you setting up with the Juniper EX4200 : just layer2 , LAG , trunk ... ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nabeelr · ‎11-05-2023

Tried just a basic access port layer 2, which worked before, also tried making it a trunk port on the juniper to the c3560, no luck.

marce1000 · ‎11-05-2023

- A layer 2 connection is kind of undefined in the sense of the switch knowing what to do , it would only make sense if it arrives on the same vlan at the other end , and then traffic would be limited to that vlan-broadcast-domain only , normally you will make a trunk link ; but if you do that , which is advised then make sure there is a consistent vlan list at both ends, and device which or all vlans should go over the trunk.
So basically go for the trunk link and follow these settings : (but have consistent vlans to carry first)

Juniper
aggregated-ether-options {

lacp {

passive;

periodic slow;

}

On the 3650 switch, for each Etherchannel member port:
channel-group mode active

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nabeelr · ‎11-05-2023

So I tried just as an access port, with no vlans and all untagged traffic, then I tried as a trunk port with vlan 3 and untagged traffic (vlan 0 in Juniper), and neither worked.

Before the port was just a simple access port with untagged traffic.

LACP is not enabled on the port that this switch is plugged into.

marce1000 · ‎11-05-2023

>...So I tried just as an access port, with no vlans and all untagged traffic, then I tried as a trunk port with vlan 3 and untagged traffic (vlan 0 in Juniper), and neither worked.
Ok , LACP is not involved (currently) indeed , but then for testing with the trunk , you need to make sure that the vlans would have the same tag , so there should be a similar vlan 3 carried over the trunk in juniper (not vlan 0) . So try the trunk solution again with that in mind , it's more consistent, then check if the devices on vlan 3 can communicate on both platforms and over the link

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nabeelr · ‎11-05-2023

Yeah, I'm aware. The traffic I'm looking to get on the switch is untagged anyways, and when the port on the juniper is a trunk port, the untagged traffic still doesn't make it through to the c3560, and when the juniper's port is set as an access port on vlan 0 (untagged), again the same thing.

I can plug a device into that port and see all the traffic coming from the juniper, but the cisco just doesn't seem to do anything with it.

marce1000 · ‎11-05-2023

- In essence only make tagged traffic go over the trunk ('numeric vlans' , don't have vlan 0 involved on the trunk) , the trunk link as such should be left alone when being made afterwards, other ports are then put in vlan 3 at both ends (example) and supposedly should be able to communicate ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

MHM Cisco World · ‎11-05-2023

show interface status <<- share this please

Thanks A Lot
MHM

nabeelr · ‎11-05-2023

Switch>show interface status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        connected    1          a-full  a-100 10/100BaseTX
Fa0/2                        notconnect   1            auto   auto 10/100BaseTX
Fa0/3                        notconnect   1            auto   auto 10/100BaseTX
Fa0/4                        notconnect   1            auto   auto 10/100BaseTX
Fa0/5                        notconnect   1            auto   auto 10/100BaseTX
Fa0/6                        notconnect   1            auto   auto 10/100BaseTX
Fa0/7                        notconnect   1            auto   auto 10/100BaseTX
Fa0/8                        notconnect   1            auto   auto 10/100BaseTX
Fa0/9                        notconnect   1            auto   auto 10/100BaseTX
Fa0/10                       notconnect   1            auto   auto 10/100BaseTX
Fa0/11                       notconnect   1            auto   auto 10/100BaseTX
Fa0/12                       notconnect   1            auto   auto 10/100BaseTX
Fa0/13                       notconnect   1            auto   auto 10/100BaseTX
Fa0/14                       notconnect   1            auto   auto 10/100BaseTX
Fa0/15                       notconnect   1            auto   auto 10/100BaseTX
Fa0/16                       notconnect   1            auto   auto 10/100BaseTX
Fa0/17                       connected    1          a-full  a-100 10/100BaseTX
Fa0/18                       notconnect   1            auto   auto 10/100BaseTX
Fa0/19                       notconnect   1            auto   auto 10/100BaseTX
Fa0/20                       notconnect   1            auto   auto 10/100BaseTX
Fa0/21                       notconnect   1            auto   auto 10/100BaseTX

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/22                       notconnect   1            auto   auto 10/100BaseTX
Fa0/23                       notconnect   1            auto   auto 10/100BaseTX
Fa0/24                       notconnect   1            auto   auto 10/100BaseTX
Fa0/25                       notconnect   1            auto   auto 10/100BaseTX
Fa0/26                       notconnect   1            auto   auto 10/100BaseTX
Fa0/27                       notconnect   1            auto   auto 10/100BaseTX
Fa0/28                       notconnect   1            auto   auto 10/100BaseTX
Fa0/29                       notconnect   1            auto   auto 10/100BaseTX
Fa0/30                       notconnect   1            auto   auto 10/100BaseTX
Fa0/31                       notconnect   1            auto   auto 10/100BaseTX
Fa0/32                       notconnect   1            auto   auto 10/100BaseTX
Fa0/33                       notconnect   1            auto   auto 10/100BaseTX
Fa0/34                       notconnect   1            auto   auto 10/100BaseTX
Fa0/35                       notconnect   1            auto   auto 10/100BaseTX
Fa0/36                       notconnect   1            auto   auto 10/100BaseTX
Fa0/37                       notconnect   1            auto   auto 10/100BaseTX
Fa0/38                       notconnect   1            auto   auto 10/100BaseTX
Fa0/39                       notconnect   1            auto   auto 10/100BaseTX
Fa0/40                       notconnect   1            auto   auto 10/100BaseTX
Fa0/41                       notconnect   1            auto   auto 10/100BaseTX
Fa0/42                       notconnect   1            auto   auto 10/100BaseTX
Fa0/43                       notconnect   1            auto   auto 10/100BaseTX
Fa0/44                       notconnect   1            auto   auto 10/100BaseTX

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/45                       notconnect   1            auto   auto 10/100BaseTX
Fa0/46                       notconnect   1            auto   auto 10/100BaseTX
Fa0/47                       notconnect   1            auto   auto 10/100BaseTX
Fa0/48                       notconnect   1            auto   auto 10/100BaseTX
Gi0/1                        notconnect   1            auto   auto Not Present
Gi0/2                        notconnect   1            auto   auto Not Present
Gi0/3                        notconnect   1            auto   auto Not Present
Gi0/4                        notconnect   1            auto   auto Not Present
Switch>

nabeelr · ‎11-05-2023

Here's a copy of the config, just in case I'm missing something obvious:

Switch#show  running-config
Building configuration...

Current configuration : 2157 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 ***
enable password ***
!
!
!
no aaa new-model
system mtu routing 1500
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
!
interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
!
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
 no ip address
 shutdown
!
ip classless
ip http server
ip http secure-server
!
!
vstack
!
line con 0
 speed 115200
line vty 0 4
 password ***
 login
line vty 5 15
 password ***
 login
!
end

Switch#

MHM Cisco World · ‎11-05-2023

I need to see interface status
I think there is mis matching in L1 or missing L2 protocol config.

Thanks A Lot
MHM

nabeelr · ‎11-05-2023

I posted it already, before I posted my config... but the post seems to have been removed for some reason...

I'll post it again:

Switch>show interface status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        connected    1          a-full  a-100 10/100BaseTX
Fa0/2                        notconnect   1            auto   auto 10/100BaseTX
Fa0/3                        notconnect   1            auto   auto 10/100BaseTX
Fa0/4                        notconnect   1            auto   auto 10/100BaseTX
Fa0/5                        notconnect   1            auto   auto 10/100BaseTX
Fa0/6                        notconnect   1            auto   auto 10/100BaseTX
Fa0/7                        notconnect   1            auto   auto 10/100BaseTX
Fa0/8                        notconnect   1            auto   auto 10/100BaseTX
Fa0/9                        notconnect   1            auto   auto 10/100BaseTX
Fa0/10                       notconnect   1            auto   auto 10/100BaseTX
Fa0/11                       notconnect   1            auto   auto 10/100BaseTX
Fa0/12                       notconnect   1            auto   auto 10/100BaseTX
Fa0/13                       notconnect   1            auto   auto 10/100BaseTX
Fa0/14                       notconnect   1            auto   auto 10/100BaseTX
Fa0/15                       notconnect   1            auto   auto 10/100BaseTX
Fa0/16                       notconnect   1            auto   auto 10/100BaseTX
Fa0/17                       connected    1          a-full  a-100 10/100BaseTX
Fa0/18                       notconnect   1            auto   auto 10/100BaseTX
Fa0/19                       notconnect   1            auto   auto 10/100BaseTX
Fa0/20                       notconnect   1            auto   auto 10/100BaseTX
Fa0/21                       notconnect   1            auto   auto 10/100BaseTX

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/22                       notconnect   1            auto   auto 10/100BaseTX
Fa0/23                       notconnect   1            auto   auto 10/100BaseTX
Fa0/24                       notconnect   1            auto   auto 10/100BaseTX
Fa0/25                       notconnect   1            auto   auto 10/100BaseTX
Fa0/26                       notconnect   1            auto   auto 10/100BaseTX
Fa0/27                       notconnect   1            auto   auto 10/100BaseTX
Fa0/28                       notconnect   1            auto   auto 10/100BaseTX
Fa0/29                       notconnect   1            auto   auto 10/100BaseTX
Fa0/30                       notconnect   1            auto   auto 10/100BaseTX
Fa0/31                       notconnect   1            auto   auto 10/100BaseTX
Fa0/32                       notconnect   1            auto   auto 10/100BaseTX
Fa0/33                       notconnect   1            auto   auto 10/100BaseTX
Fa0/34                       notconnect   1            auto   auto 10/100BaseTX
Fa0/35                       notconnect   1            auto   auto 10/100BaseTX
Fa0/36                       notconnect   1            auto   auto 10/100BaseTX
Fa0/37                       notconnect   1            auto   auto 10/100BaseTX
Fa0/38                       notconnect   1            auto   auto 10/100BaseTX
Fa0/39                       notconnect   1            auto   auto 10/100BaseTX
Fa0/40                       notconnect   1            auto   auto 10/100BaseTX
Fa0/41                       notconnect   1            auto   auto 10/100BaseTX
Fa0/42                       notconnect   1            auto   auto 10/100BaseTX
Fa0/43                       notconnect   1            auto   auto 10/100BaseTX
Fa0/44                       notconnect   1            auto   auto 10/100BaseTX

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/45                       notconnect   1            auto   auto 10/100BaseTX
Fa0/46                       notconnect   1            auto   auto 10/100BaseTX
Fa0/47                       notconnect   1            auto   auto 10/100BaseTX
Fa0/48                       notconnect   1            auto   auto 10/100BaseTX
Gi0/1                        notconnect   1            auto   auto Not Present
Gi0/2                        notconnect   1            auto   auto Not Present
Gi0/3                        notconnect   1            auto   auto Not Present
Gi0/4                        notconnect   1            auto   auto Not Present
Switch>