Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1272
Views
0
Helpful
6
Replies

using cat93k to split wan connection and getting high packet loss

nflnetwork
Level 1
Level 1

‎05-03-2020 12:07 PM

hi we are splitting an ISP wan connection into a firewall and using 3 ports on the cisco cat93k .

ports 46,47,48

i have the 3 ports in access mode on vlan 100

spanning tree portfast

unfortunately the wan connection is not usable. seeing large packet loss.

if i move these 3 connections into a $100 netgear switch it works flawlessly.

what am i missing on the cisco?

 

we are doing this because the firewall is 2 units in HA mode and i needed to split the WAN connection . Pretty standard .

Labels:
0 Helpful
6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎05-03-2020 01:55 PM

We need more information, where the packet Loss occuring. while leaving the Switch or FW ?

 

Can you provide configuration and example here ? along with your FW connection, what FW is this ?

 

as per my understanding here, switch is only Layer 2 simple access VLAN forwarding the Traffic to FW to take decision to split between ISP i guess here.

 

i only see here there may be some speed negotiation between Switch and FW or some missing config here.

 

wait for your inputs to understand more better.

 

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

nflnetwork
Level 1
Level 1
In response to balaji.bandi

‎05-03-2020 01:59 PM

We need more information, where the packet Loss occuring. while leaving the Switch or FW ?
i am pinging the wan IP address, packet loss is on traffic coming in

Can you provide configuration and example here ? along with your FW connection, what FW is this ?
fortigate 200, cisco is only being used as a splitter


as per my understanding here, switch is only Layer 2 simple access VLAN forwarding the Traffic to FW to take decision to split between ISP i guess here.

correct

i only see here there may be some speed negotiation between Switch and FW or some missing config here.

everything is set to auto

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to nflnetwork

‎05-03-2020 02:10 PM

i am pinging the wan IP address, packet loss is on traffic coming in

 

BB - WAN IP outside Fortigate (internet ) or is this IP configured on fotigate ?

 

can show output of packet loss ? - Fortigate is HA Mode right ? HA need Sync Link - how is HA connection ? what VLAN is this ?

 

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

nflnetwork
Level 1
Level 1
In response to balaji.bandi

‎05-03-2020 02:19 PM

WAN interface on the firewall.
0 Helpful

nflnetwork
Level 1
Level 1
In response to balaji.bandi

‎05-03-2020 02:21 PM

i see this in the logs

*May 3 21:19:05.809: %SW_MATM-4-MACFLAP_NOTIF: Host 0009.0f09.0002 in vlan 97 is flapping between port Te4/0/46 and port Te4/0/47
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to nflnetwork

‎05-03-2020 02:42 PM

We only know Limited information as of now, as per your message you have only VLAN 100, now we see VLAN 97.

 

( I  advise you to post the Switch configuration)

 

*May 3 21:19:05.809: %SW_MATM-4-MACFLAP_NOTIF: Host 0009.0f09.0002 in vlan 97 is flapping between port Te4/0/46 and port Te4/0/47

 

Some recomendation to fix the issue :

 

1. find out that MAC Address belong to what device ?

2. Make sure you seperate the HA SYNC  Links Data VLAN for best practive.

 

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents