Aruba & ProVision-based
1747984 Members
4725 Online
108756 Solutions
New Discussion юеВ

Re: PREVENT NETWORK LOOP ON SWITCH

 
Slimer11
New Member

PREVENT NETWORK LOOP ON SWITCH

A loop on the network frequently occured. The caused of this is usually when an end user accidentally connects a copper cable both ends to the port of the switch. How do we address this? Is there a way that when the switch identify this connection it will autmotically shut down the ports. Model is Procurve HP 1700 and other 2600 model switches.

 

Thanks.  

13 REPLIES 13
Chrisd131313
Trusted Contributor

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Slimer11,

 

There are two parts to this one. First off, are you running spanning-tree in your environment? Also do you know if your switches support loop-protect?

 

Normally I would setup spanning-tree and make use of bpdu-protection on all device ports (all ports end user devices attach to) and also enable "loop-protect <1-48> receiver-action send-disable."

 

Utilising bpdu-protection with spanning-tree will disable the port if it receives a spanning-tree bpdu packet on it, i.e. someone has created a loop between two spanning-tre enabled switches. If you have unmanaged switches, or you don't have spanning-tree enabled then HP have developed loop-protect. This protocol sends out loop-protect packets in scheduled intervals (every 5secs I believe) and if the switch receives this packet back it disables the port to stop a broadcast storm from occuring. There are other options like timer delays so you can automatically re-enable the disabled port, but to be honest I would always go down the path of completely disabling the port until the problem is fixed.

 

HTH

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
paulgear
Esteemed Contributor

Re: PREVENT NETWORK LOOP ON SWITCH

Note that 1700 series switches are unmanaged, and there isn't really anything you can do except turn on BPDU protection or loop protection on the upstream switch.

Regards,
Paul
Matcol
Frequent Advisor

Re: PREVENT NETWORK LOOP ON SWITCH

as advised above, enable spanning tree on your managed switches, and then on each uplink port that you have an unmanaged switch on, configure a broadcast limit of about 10%:

eg,

int 12 broadcast-limit 10

 

Maybe more than 10, depending on the speed of the link, but genuine broadcasts should add up to less than 50Kb/s per 10 devices, I think.

paulgear
Esteemed Contributor

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Matcol,

 

I have found that broadcast limits are not enough to make a substantial difference.  In a campus network of about 70 switches, i had all access ports set to 1 percent broadcast limit, and this still didn't prevent broadcast storms from taking out the network.  Locking down all the access ports to use BPDU protection is the only effective measure, in my experience.

Regards,
Paul
Matcol
Frequent Advisor

Re: PREVENT NETWORK LOOP ON SWITCH

I was thinking that if you have limited the broadcast traffic from a "looped" unmanaged switch to 10Mb, then at least the managed switch upstream of it is only dealing with that amount of traffic, rather than the full 100Mb?

 

Matcol
Frequent Advisor

Re: PREVENT NETWORK LOOP ON SWITCH

...or does the managed switch see its own BPDU when the unmanaged switch is looped? I suppose it should.

Chrisd131313
Trusted Contributor

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Matcol,

 

It depends if the unmanaged switch drops BPDU packets or not, if it does then its not going to see the BPDUs and you are going to get your storm, it's this exact scenario when loop-protect comes in to play.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
Davy Priem
Regular Advisor

Re: PREVENT NETWORK LOOP ON SWITCH

You can also disable autosensing on the switch access ports. You normally use straight cables to connect pc's to the network and when someone makes a loop on the switch with a straigh cable, your network won't be affected.

paulgear
Esteemed Contributor

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Chris,

 

Which models of unmanaged switch have you seen drop spanning tree BPDUs?  I have not yet found any unmanaged switch which does this.

Regards,
Paul