Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
590
Views
0
Helpful
5
Replies

Network Outage

frimpsjk
Level 1
Level 1

‎05-23-2018 12:13 PM - last edited on ‎03-25-2019 04:48 PM by Community Manager

Hi,

i need help and suggestions on this issue i am having. As shown on the sketch, i have a single host server connecting to my core setup. This server has two nics with vlan 100 transiting my core with the GW on the Firewall as do all my other vlans on the core. The second vlan (50) which is non-routable does not go through my core infrastructure.

Now i want to take this server down but when the cable with vlan 100 ( which is an access port on the 7K) is removed, the whole network goes down. I see CPU spikes on the FW (Palo Alto). I reached out to Palo alto and was told it was coming from the 7k, but i do not see any spikes on the 7k.

This is scary as a i have other single hosts connected to the 7k that i need to take down.

Any clues as to what i am be experiencing ?

Labels:
Preview file
309 KB
0 Helpful
5 Replies 5

dperezoquendo
Level 1
Level 1

‎05-23-2018 01:36 PM

Hello,
I'm not entirely sure what you mean by the "whole network goes down". When you remove the Vlan 100 connection from the 7K to the server, no other devices can connect to that server? If so, that should be expected as, according to your diagram and what you've stated, this is the routable interface that other devices will use to talk to that server.
0 Helpful

frimpsjk
Level 1
Level 1
In response to dperezoquendo

‎05-24-2018 07:27 AM

Thanks for your response. So that is a layer 2 connection and when that cable is removed, all services are disrupted. All other hosts transiting the core lose connectivity.I hope this made it clear on how disruptive this issue.

0 Helpful

dperezoquendo
Level 1
Level 1
In response to frimpsjk

‎05-24-2018 08:47 AM

Hello, I'm still trying to understand of what the end goal is on removing the vlan 100 connection. Do the other hosts have another connection to that server? If not, then removing the vlan 100 connection will surely isolate that server from your core infrastructure.
If you're trying to have all the other hosts reach this server via that second connection off the 2960/vlan 50, then you need to ensure all are using vlan 50 and are on same subnet.
If you're saying that when removing the vlan 100 connection for that 1 server affects ALL others in that they can't talk to anyone else on the network, then you need to take closer look on how your routing is taking place.
0 Helpful

frimpsjk
Level 1
Level 1
In response to dperezoquendo

‎05-24-2018 12:06 PM

Yes the latter part was right. That server is on vlan 100 and it has to be decommissioned. It's just L2 with the gateway on the Firewall.  Still digging, appreciate your help!

0 Helpful

dperezoquendo
Level 1
Level 1
In response to frimpsjk

‎05-24-2018 12:39 PM

That's extremely odd. If the gateway is on the Firewalls, then removing that server should have 0 effect on other devices unless they are somehow being routed through it.

Can the other hosts reach their default gateway with that server unplugged? Try to verify the routing these devices take place and how they get to their default gateway. If you're allowing ICMP through your network, the traceroute command should be helpful. May also help to gather and compare the data with the server connected and disconnected.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card