Slow or unresponsive management interface SG220-50P

jlea · ‎04-04-2018

So I have an issue that's causing me to pull my hair out.

Switching functionality seems to be working great, but during business hours I have 2 switches that both have extremely slow or often times completely unresponsive web UI and SSH mgmt. Troubleshooting steps thusfar:

Changed IP in case of conflict - no change

Reboot does not help

Upgraded firmware - no change

Inspected traffic load - not high

CPU utilization doesn't seem high either

Memory - plenty free

RMON - no errors, collisions, etc. Nothing showing wrong

STP stats look fine - no excessive topology changes

Syslogs show routine interface ups and downs, nothing abnormal for the clients coming and going

I enabled SSH as I though perhaps that would help, but no.

Pings are fine, no issues pinging the devices even when mgmt interface wont load

Tried in Firefox, Chrome, Edge, and IE - and of course SSH via PuTTY

Everything on the switches is seemingly normal, yet both switches have this issue.

BPDU guard on edge ports enabled in case unmanaged switches were causing problems, no help.

Am I missing something? Could it be an iOS bug on BOTH switches? It sure seems environmental, but the environment looks fine. :(

Diana Karolina Rojas · ‎04-04-2018

Hi Jlea!

What are the IOS versions for your equipment? Which is the administrative VLAN?

Regards,

jlea · ‎04-04-2018

SG220-50P switches, Version 1.1.4.1, release software

BOOTLDR: Sx220 Boot Loader Version 1.0.0.6, Release software

Compiled Jan24, 2014

Administrative VLAN is default/1

Thanks :)

Diana Karolina Rojas · ‎04-04-2018

Are all your network devices in the same vlan? Is it possible you can move the management interface for these switches to another VLAN? just for testing.

-----Do not forget to rate useful post-----

Regards,

jlea · ‎04-04-2018

I can try that this evening when I regain access to the switches.

I forgot to add that I've done a packet capture and what I can see if a lot of TCP retransmits.

When I go to the IP of the switch, it consistently provides the blue background, but never loads the frames for logging in. When I SSH I often times get timed out and connections closes.

Diana Karolina Rojas · ‎04-04-2018

If all your network devices are in the VLAN 1 and have the administrative vlan also en VLAN 1 you maybe have a lot of broadcast in your network and maybe this is the problem. That is because I recommend you to test with another VLAN.

----Please remember to rate and/or mark the useful answers, it motivates us in the community-----

Regards,

jlea · ‎04-04-2018

Ok, I'll try it. I did a packet capture on the interface that connects the switch to the firewall and filtered out packets with the destination of the network's broadcast address and it does not look like much at all. Unless this is not a reliable source of seeing broadcasts. Also with previous high broadcast situations I've experienced latency issues on the local network, often times crippling them. For this instance the only traffic effected seems to be management traffic. Which to me is strange.

Georg Pauwen · ‎04-04-2018

Hello,

are you using (the default) Vlan 1 for management ? You could try to use a Loopback for management and see if that makes a difference (page 227 of the attached user guide)...

https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbss/sf20x_sg20x/administration_guide/Cisco_200Sx_v1_4_AG.pdf