07-01-2015 04:26 AM - edited 03-08-2019 12:47 AM
Hello! I have a weird issue that's confusing me and was hoping that someone might have an idea why. First off, my network is currently a melting pot of unmanaged switches (Mostly Netgear and 3Com) and a couple of managed switches that have the default configuration set (everything is on the default vlan 1). I'm in the process of installing all new Cisco SG500-52P switches in the closets and SG300-10PP switches at couple of areas where there are several workstations and VoIP phones where running more cables to is almost impossible (like service desk areas). I have yet to bring the 52Ps online, however, yesterday I installed one of the 10PPs and everything worked fine while I was there. After about an hour, I got a call that everyone at that desk was down. I could no longer ping the switch nor could I ping any of the workstations on the 10PP switch. When I got down there I tried pinging several different things on our network. I could ping somethings and others failed. I restarted the switch and everything worked for a couple of hours and then it went down again. I feel like one of the older managed switches is causing the issue, but I'm not for sure. Does anyone else have any ideas as to what might be causing this?
07-01-2015 07:01 AM
Hi Nathan,
I’d start with the SG300-10PP as issues started after this was installed and check via the web interface
Under Status and Statistics;
What is the new SG300-10PP providing? Simple LAN extension or central uplinks to WAN?
With all in vlan 1 depending how big the LAN is could result in a large broadcast domain and a lot of broadcast traffic. I’ve seen a similar issue in the past where a specific port would error disable due to exceeding the broadcast storm control threshold.
Do you have any Storm control set on the ports? (Under Security > Storm Control)
07-01-2015 07:47 AM
Thanks for the reply Davies! I had already checked for collisions and errors like you suggested and ound none. I DID find that the switch port on the SG300-10PP that is the uplink to the main switch in the closet was showing a "locked" status under Security-Port Security. So I unchecked the "locked" checkbox and set the max number of addresses allowed to 256 (which is the max it will allow), and it immediately came back online and things started working (without rebooting the switch). I'm not really sure how that got "locked", but It's been up and running for about three hours now. I'll keep an eye on it.
07-01-2015 09:30 AM
That sounds promising!
All device MAC addresses passing through this uplink port will increment the port security MAC counter. This will probably exceed 256 in time if different users/devices are onsite
On an access switch I would only have port security on the access ports and not the uplink trunks(or in this case vlan 1 access port)
I appreciate this may not be possible if access ports are provided by unmanaged 3com and netgear switches (not sure functionality available on these devices)
Port security can be disabled under - Port Management > Port Settings > Uncheck Protected Port
Or another option that would be more secure if all the devices are known - port security with static MACs - although you would need to complete for all devices.
Guide by Tom Watts;
https://supportforums.cisco.com/document/116256/how-configure-static-mac-port-security-sx300
07-02-2015 04:12 AM
The weird thing is that all the ports already have the "protected port" checkbox unchecked. I put another one of the SG300-10PPs in place late yesterday evening at another one of our stores, but it's uplink went to one of the few managed switches on the network. Needless to say, it's not had any issues as of yet. Hopefully I will have everything ready and in place to switch over to the new switches by next weekend and this won't be an issue any longer. Thanks for your help!
07-02-2015 04:40 AM
Hi Nathan, can you provide a Physical Network Diagram? (maybe a small one, or just of the area of the problem) Also tell us please which pingtests you performed and which failed?
Due to have some (melting pot like) unmanaged switches, did you check about loops/STP? (maybe a loop which is building up really slowly and then makes everything stops working...
What Protocols are running in your Network?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide