Re: Ping drop

grapevine · ‎06-25-2026

We have a stack of three Cisco IE switches with no other switches connected to the stack.

There are two Palo Alto firewalls connected to the stack using LACP EtherChannels:

FW1 is connected to SW1 and SW3 as an LACP Port-Channel.
FW2 is connected to SW2 and SW3 as an LACP Port-Channel.

During testing:

Removing SW1 from the stack when active results in only one ping drop.
Removing SW2 from the stack when active also results in one ping drop.
However, removing SW3 causes more than 20 consecutive ping drops.

While investigating, I noticed Spanning Tree topology changes occurring when SW3 is removed.

Since there are no downstream switches connected to the stack, I'm trying to understand why only the removal of SW3 triggers multiple topology changes and extended packet loss, whereas removing SW1 or SW2 does not.

Has anyone encountered this behavior before or have any ideas on what could be causing it? Any suggestions on what to check would be appreciated.

mloraditch · ‎06-25-2026

Do the Palo Alto logs show anything different between when SW3 is removed vs SW1 or SW2? Based on your topology, removing SW3 kills a link on both PAs at once. I suspect something is renegotiating in that instance that doesn't happen when you just pull SW1 or SW2.

If you found this post helpful, please give it a thumbs up. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Joseph W. Doherty · ‎06-25-2026

Is SW3 the active master?

Is your stack also configured not to change the stack's MAC if there is a stack master failure?

BTW, it's often helpful if you identify the specific switch models and the IOS version being used.