Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1415
Views
0
Helpful
2
Replies

Duplicate Packets Detected on Monitoring Tool When Switches are Added to the Network

danimalrambo
Level 1
Level 1

‎04-10-2012 09:15 AM - edited ‎03-07-2019 06:03 AM

Hello,

Recently I discovered that when a switch is added to the network one of our monitoring tools that is pinging a group of servers in our datacenter detects duplicate replies to ICMP requests. I used SPAN and Wireshark to verify. I suspect this ia a Spanning Tree issue ( I use Rapid PVST+) but I do not understand how this occuring in my topology. I have 2 65Ks (no VSS) at the core of my network. 1 is Root Bridge and the Other is Secondary or failover Root Bridge. Access switches are dual honed to the 65Ks with the uplink to the secondary blocked with a higher port cost. When I reboot a switch or add one to the network I see duplicate ICMP replies inicating to me that there may be a brief loop open in my network and these frames are being forwarded out different directions. I'd appreciate any help I can get in identifying this issue. 

Cheers!

-Danimal

BTW I'm knew to the community. This is my 1st post.

Labels:
0 Helpful
2 Replies 2

Sonugnair_2
Level 1
Level 1

‎04-10-2012 10:44 AM

Hello!

1) How is the new switch connected to the network.? Is it dual homed?

2) Make sure that all switches have rapid spanning tree enabled

3) Hard code primary and seconday roots for ALL vlans. Edge switches should never be root.

4) Make sure that you have all the spanning tree enhancements in configurations(loopguard,bpduguard)

5) Make sure that you have UDLD aggressive mode configured on all fiber ports

Also, how is the CPU utilizations on both core switches? Better to check the CPU history as well

Please check "show logging". Do you find any MAC flap messages? Do you see any HSRP (if it is your FHRP) related log messages?

Regards.

0 Helpful

danimalrambo
Level 1
Level 1
In response to Sonugnair_2

‎04-11-2012 06:34 AM

1) All switches are dual honed. The connection to the secondary root is assigned a higher cost. 

2) Rapid Spanning Tree is enabled.

3) Root switch has hard coded priority 8192

4) I'm not currently using Root Guard, BPDU Guard.

5) UDLD is not enabled

CPU utilization and history is relatively low. I don't see any MAC flapping and no HSRP events have occurred.

Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card