Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1224
Views
0
Helpful
5
Replies

MAC/HOST Flapping crashing entire network

ZachOtt98645
Level 1
Level 1

‎04-07-2020 10:25 AM

In my environment we have a 4500X as a core switch and 3650's as our distribution/access switches. There are approximately 30 switches total on the campus network. These switches are all in several "loops" that provide failover via STP. Most of these loops have a trunk link connecting the floors to each other and then the top and bottom floors connect to the core.

 

Every so often we have had issues where a flood of MAC Flap errors and Host Flap errors will overload the processors of several switches, which will eventually cascade back to the core and take it down as well. The last time this occurred we isolated it to a small Netgear switch that was installed to provide an additional port for a printer. Our access ports have portfast enabled and we are using RSTP.

 

We've been in conversations with Cisco TAC for a while, and they have suggested enabling the storm protection feature for broadcast and multicast traffic. We are beginning to implement this now, but I was curious as to if anyone on this fine forum had encountered any issues like this before and how they solved them.

 

As a temporary fix we have disabled all redundant links in our network and that has temporarily kept us running. Unfortunately, we are a 24/7/365 healthcare facility and cannot shut down the network for testing and troubleshooting.

Labels:
0 Helpful
5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

‎04-07-2020 11:01 AM - edited ‎04-07-2020 11:02 AM

Limiting broadcast and multicast per port will defiantly help in lowering the amount of recurrence. Just be careful not to lower the amount too much if you have a lot of audio/video calls happening during the business hours. I recommend you test it with a few users before deploying it company wide. In addition, you may want to look at redesigning the network by converting the 4500x to VSS or user VRRP/HSRP on the core and uplink all access switches to the 4500s only and not daisy chain them together.

HTH

0 Helpful

ZachOtt98645
Level 1
Level 1
In response to Reza Sharifi

‎04-07-2020 11:08 AM

The 4500 is already using VSS, we have 2 chassis running as one unit.

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to ZachOtt98645

‎04-07-2020 11:20 AM

Perfect. So, the next step is to look at the cabling plan and see if it is possible to connect all access switches to the VSS set (both chassis).

HTH

0 Helpful

ZachOtt98645
Level 1
Level 1
In response to Reza Sharifi

‎04-07-2020 11:24 AM

In our current configuration each end of the loops are load balanced between the two chassis.

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to ZachOtt98645

‎04-07-2020 11:38 AM

Got it but can each switch directly connect to both core switches?   

If it is not possible due to cabling issues, than the storm control should still help.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card