- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- Re: A lot of packet loss in Switching Infrastructu...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-21-2019 01:19 AM
тАО06-21-2019 01:19 AM
Hello HP Community,
i'm pretty new to the networking thematics in our company.
Today we've got huge problems with our switch infrastructure. Basicall this is what we have:
Ground Floor 1: JL256A (Mainswitch) + JL255A
Ground Floor 2: J9729A + J9727A
1st Floor: J9729A + J9727A
2nd Floor: J9729A + JL262A
Each Switch of one floor ist connected via fibre to the mainswitch. The second one in the specific floor is connected to the first one of that floor.
So basically I need the perfect configuration for that setup. Currently STP is disabled on all switches and because a lot of the ports of each switch gets deactivated by loop-protection, almost all port with clients, are loop-protection disabled. Also a lot of ports have trustet snmp-snooping port. Is this necessary?
On the mainswitch i see a lot of "excessive broadcast" warnings and the majority of the clients has arount 30% packet loss.
I wish i could reset all switches and configure them completely freshly. Do you have any suggestions for the ideal setup?
Best regards,
Jonas
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-23-2019 12:32 PM
тАО06-23-2019 12:32 PM
SolutionHello,
Excessive Broadcasts in a situation with disabled STP and loop protection almost certainly means you actually have a loop somewhere in your network. My first suggestion would be to read up on STP and loop-protection, and to enable both. Set your switch in the 'core' network as your root bridge (spanning-tree priority 0) and make sure all other switches run it too.
STP prevents L2 loops between your switches and is very easy to configure unless you are fine-tuning settings on a large multi-vlan network. See for example https://community.spiceworks.com/how_to/43285-how-to-set-up-stp-on-hp-switches or the official docs your switches for more details.
Loop-protect prevents loops on ports connected to clients and should be used on client ports, since STP is not intended to prevent loops on the client side. Once you have enabled it, check the switch log ('show log') to see which ports, if any, have a loop. See also https://support.hpe.com/hpsc/doc/public/display?docId=c03398959
These protocols don't usually have bugs in their basic functionality, and if loop-protect started disabling your access ports, that's a pretty good sign you actually have a loop, or several, in your network.
Hope that helps.
Justin
Working @ HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2019 12:59 AM
тАО06-24-2019 12:59 AM
Re: A lot of packet loss in Switching Infrastructure
Hello Justin,
thanks a lot for your reply.
I'll enable STP asap on the switches.
Here is basically what i did at the weekend:
I unplugged all client ports on the switches and gave each of them a "clean" configuration file. After that, everything was absolutely fine and worked like a charme. I plugged the client ports back in and still, everything was working. The last step was to plug in the Access Points - but still - no loops, nothing which didn't work as expected.
Now after two days, not a single warning is showing in the logs of the switches, so i'm not exactly sure what caused the huge problems. I attached the current running config and as mentioned before i'll add the STP configs.
The Link for the loop-protect is unfortunately not working, but i think this is very similar: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c03439069
Best Regards,
Jonas
; J9729A Configuration Editor; Created on release #WB.16.08.0001
; Ver #14:01.44.08.15.9b.3f.b3.b8.ee.34.79.3c.29.eb.9f.fc.f3.ff.37.ef:09
hostname "SW-1OG-01"
module 1 type j9729a
dhcp-snooping
dhcp-snooping authorized-server 192.168.176.1
dhcp-snooping authorized-server 192.168.176.12
dhcp-snooping authorized-server 192.168.176.13
dhcp-snooping authorized-server 192.168.176.20
dhcp-snooping authorized-server 192.168.176.41
dhcp-snooping authorized-server 192.168.176.42
dhcp-snooping authorized-server 192.168.176.43
dhcp-snooping authorized-server 192.168.176.44
dhcp-snooping authorized-server 192.168.176.45
dhcp-snooping authorized-server 192.168.176.46
dhcp-snooping authorized-server 192.168.176.47
dhcp-snooping authorized-server 192.168.176.48
dhcp-snooping authorized-server 192.168.190.1
dhcp-snooping vlan 1-3
no dhcp-snooping option 82
timesync ntp
ntp unicast
ntp server 192.168.176.12 iburst
ntp server 194.25.134.196
ntp enable
no telnet-server
time daylight-time-rule western-europe
time timezone 60
web-management ssl
ip authorized-managers 192.168.176.0 255.255.255.0 access manager
ip authorized-managers 10.11.12.1 255.255.255.0 access manager
ip default-gateway 192.168.176.1
interface 1
dhcp-snooping trust
name "AP - 1. OG Grossraumbuero"
exit
interface 2
dhcp-snooping trust
name "AP - 1. OG Buero Admin"
exit
interface 42
name "araNas02 - Port 1"
exit
interface 43
name "Drucker - 1. OG Grossraumbuero"
exit
interface 44
name "araNas02 - Port 2"
exit
interface 45
dhcp-snooping trust
name "Uplink SW-EG-01"
exit
interface 46
dhcp-snooping trust
name "Uplink SW-1OG-02"
exit
interface 47
dhcp-snooping trust
exit
snmp-server community "xxxx" unrestricted
snmp-server host 192.168.176.16 community "xxxx" trap-level critical
snmp-server contact "IT" location "1OG"
vlan 1
name "LAN"
untagged 1-48
ip address 192.168.176.35 255.255.255.0
exit
vlan 2
name "Gast"
tagged 1-2,45-48
no ip address
exit
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-26-2019 07:03 AM
тАО06-26-2019 07:03 AM
Re: A lot of packet loss in Switching Infrastructure
Hello Jonas,
Nice to hear it seems to run better now. Keep in mind that you might need to enable the fault-finder feature on some ProCurve/ArubaOS switches if the devices were factory reset (command like: fault-finder all) to see messages such as Excessive Broadcasts in the logs.
The article about loop-protect is accurate, you can configure that on all access ports where clients are connected. It's also a good idea to look into Spanning-tree's BPDU-Filtering or Protection features for your access ports. BPDU Filtering drops BPDUs on the configured ports and prevents end-users plugging in switches and unauthorized devices running STP from causing topology changes and disrupting your production topology.
See also https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02597328
Justin
Working @ HPE