Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1103
Views
1
Helpful
4
Replies

Strange issue with LACP took down entire VLAN

johnsmunoz
Level 1
Level 1

‎08-25-2023 07:20 AM - edited ‎08-25-2023 07:28 AM

WS-C3850-48T Version 16.12.08 

I setup a port channel for a Mac Pro with two NICs

interface Port-channel1
switchport access vlan 100
switchport mode access
!

interface GigabitEthernet1/0/13
switchport access vlan 100
switchport mode access
channel-group 1 mode active
!
interface GigabitEthernet1/0/14
switchport access vlan 100
switchport mode access
channel-group 1 mode active

My coworker setup the LAG on the Mac and plugged it in to 13 and 14 but couldn't get the port channel to come up. Summary was showing the ports were suspended.  

1 Po1(SD) LACP Gi1/0/13(s) Gi1/0/14(s)

My coworker moved into ports 15 and 16 just to see if those would come online.  I was on the switch console at the time and began seeing a flood of messages:

*Aug 25 01:58:37.392: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down
*Aug 25 01:58:40.039: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/15, changed state to up
*Aug 25 01:58:40.297: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/14, changed state to down
*Aug 25 01:58:41.039: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/15, changed state to up
*Aug 25 01:58:42.973: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/16, changed state to up
*Aug 25 01:58:43.974: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/16, changed state to up
*Aug 25 01:58:57.030: %SW_MATM-4-MACFLAP_NOTIF: Host 003e.e1ca.e4fe in vlan 100 is flapping between port Gi1/0/16 and port Gi1/0/15
*Aug 25 01:59:08.382: %SW_MATM-4-MACFLAP_NOTIF: Host 001b.667a.d8ed in vlan 100 is flapping between port Gi1/0/16 and port Te1/1/4
.

.

.
*Aug 25 01:59:10.468: %SW_MATM-4-MACFLAP_NOTIF: Host 1866.da4c.1bae in vlan 100 is flapping between port Gi1/0/16 and port Gi1/0/2
*Aug 25 01:59:10.500: %SW_MATM-4-MACFLAP_NOTIF: Host 003e.e1ca.e4fe in vlan 100 is flapping between port Gi1/0/16 and port Gi1/0/15
*Aug 25 01:59:10.565: %SW_MATM-4-MACFLAP_NOTIF: Host a08c.fd16.6d47 in vlan 100 is flapping between port Gi1/0/16 and port Te1/1/4
*Aug 25 01:59:10.574: %SW_MATM-4-MACFLAP_NOTIF: Host ec8e.b5bc.9a9a in vlan 100 is flapping between port Gi1/0/16 and port Te1/1/4
*Aug 25 01:59:13.525: %PLATFORM_MATM-4-QUEUE_OVERLIMIT: MATM dropped learn cache batch messages as queue limit has reached.

Te1/1/4 is an uplink to our core. 

I also noticed that my Remote Desktop to the console computer died.  I unplugged 15 and 16 and everything came back to life.  Fixed the client LAG, connected to 13/14 and everything was fine.

I however began getting messages from the monitoring systems of alerts that devices were suddenly unreachable.  The monitoring system and devices begin reported were not even a physical part of the switch we were working on. Just on the same VLAN.

I'm not 100% sure if the client ports were running as standard ethernet ports or LAG ports but I'm more curious of how this configuration could have disrupted the entire VLAN and how can I prevent this from accidentally or intentionally happening again.  

Labels:
0 Helpful
4 Replies 4

Elliot Dierksen
VIP
VIP

‎08-25-2023 09:02 AM

The port up/down generated a spanning tree topology change. That could have caused reachability issues to other devices in the same VLAN.

0 Helpful

DanielP211
VIP Alumni
VIP Alumni

‎08-25-2023 11:09 AM

Hello!

So the problem seems to be that your coworker created a L2 loop, which caused the whole network to go down.
The problem was that the ports 15 and 16 are not configured as LAG, and the device on the other hand is so an L2 loop was created whicn caused MAC flooding. 

BR

****Kindly rate all useful posts*****

johnsmunoz
Level 1
Level 1
In response to DanielP211

‎08-26-2023 08:29 AM

I was guessing this might have been happening.  With my limited undemanding of STP, I thought L2 loops would be prevented. I suppose I don't have STP configured properly.  Any guidance on where I can find some documentation on what I might need to start working on?

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-25-2023 08:11 PM

@johnsmunoz wrote:

 

My coworker setup the LAG on the Mac and plugged it in to 13 and 14 but couldn't get the port channel to come up. Summary was showing the ports were suspended.  

Do this safely:  Pick any VLAN that is not allowed.  Let's say, VLAN 8.  Configure the etherchannel to only allow VLAN 8 (remove any other VLANs).  

Connect the links to the MBP.  When the links go up, the etherchannel goes into "suspended" state.  But it will also specify WHY the ports are in "suspended" state.  I suspect the MBP is either not configured for LAG or is using a different etherchannel flavour.

0 Helpful
Customers Also Viewed These Support Documents