HPE Community
HPE Aruba Networking & ProVision-based
1819681 Members
3721 Online
109605 Solutions
New Discussion юеВ

PREVENT NETWORK LOOP ON SWITCH

 
Slimer11
New Member

тАО03-19-2013 12:28 AM

тАО03-19-2013 12:28 AM

PREVENT NETWORK LOOP ON SWITCH

A loop on the network frequently occured. The caused of this is usually when an end user accidentally connects a copper cable both ends to the port of the switch. How do we address this? Is there a way that when the switch identify this connection it will autmotically shut down the ports. Model is Procurve HP 1700 and other 2600 model switches.

 

Thanks.  

0 Kudos
13 REPLIES 13
Chrisd131313
Trusted Contributor

тАО03-19-2013 01:03 AM - edited тАО03-19-2013 01:08 AM

тАО03-19-2013 01:03 AM - edited тАО03-19-2013 01:08 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Slimer11,

 

There are two parts to this one. First off, are you running spanning-tree in your environment? Also do you know if your switches support loop-protect?

 

Normally I would setup spanning-tree and make use of bpdu-protection on all device ports (all ports end user devices attach to) and also enable "loop-protect <1-48> receiver-action send-disable."

 

Utilising bpdu-protection with spanning-tree will disable the port if it receives a spanning-tree bpdu packet on it, i.e. someone has created a loop between two spanning-tre enabled switches. If you have unmanaged switches, or you don't have spanning-tree enabled then HP have developed loop-protect. This protocol sends out loop-protect packets in scheduled intervals (every 5secs I believe) and if the switch receives this packet back it disables the port to stop a broadcast storm from occuring. There are other options like timer delays so you can automatically re-enable the disabled port, but to be honest I would always go down the path of completely disabling the port until the problem is fixed.

 

HTH

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
paulgear
Esteemed Contributor

тАО03-19-2013 01:10 AM

тАО03-19-2013 01:10 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Note that 1700 series switches are unmanaged, and there isn't really anything you can do except turn on BPDU protection or loop protection on the upstream switch.

Regards,
Paul
Matcol
Frequent Advisor

тАО03-19-2013 05:27 PM

тАО03-19-2013 05:27 PM

Re: PREVENT NETWORK LOOP ON SWITCH

as advised above, enable spanning tree on your managed switches, and then on each uplink port that you have an unmanaged switch on, configure a broadcast limit of about 10%:

eg,

int 12 broadcast-limit 10

 

Maybe more than 10, depending on the speed of the link, but genuine broadcasts should add up to less than 50Kb/s per 10 devices, I think.

0 Kudos
paulgear
Esteemed Contributor

тАО03-19-2013 06:22 PM

тАО03-19-2013 06:22 PM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Matcol,

 

I have found that broadcast limits are not enough to make a substantial difference.  In a campus network of about 70 switches, i had all access ports set to 1 percent broadcast limit, and this still didn't prevent broadcast storms from taking out the network.  Locking down all the access ports to use BPDU protection is the only effective measure, in my experience.

Regards,
Paul
Matcol
Frequent Advisor

тАО03-20-2013 05:23 PM

тАО03-20-2013 05:23 PM

Re: PREVENT NETWORK LOOP ON SWITCH

I was thinking that if you have limited the broadcast traffic from a "looped" unmanaged switch to 10Mb, then at least the managed switch upstream of it is only dealing with that amount of traffic, rather than the full 100Mb?

 

0 Kudos
Matcol
Frequent Advisor

тАО03-20-2013 05:25 PM

тАО03-20-2013 05:25 PM

Re: PREVENT NETWORK LOOP ON SWITCH

...or does the managed switch see its own BPDU when the unmanaged switch is looped? I suppose it should.

0 Kudos
Chrisd131313
Trusted Contributor

тАО03-21-2013 12:51 AM

тАО03-21-2013 12:51 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Matcol,

 

It depends if the unmanaged switch drops BPDU packets or not, if it does then its not going to see the BPDUs and you are going to get your storm, it's this exact scenario when loop-protect comes in to play.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
Davy Priem
Regular Advisor

тАО03-22-2013 12:59 PM

тАО03-22-2013 12:59 PM

Re: PREVENT NETWORK LOOP ON SWITCH

You can also disable autosensing on the switch access ports. You normally use straight cables to connect pc's to the network and when someone makes a loop on the switch with a straigh cable, your network won't be affected.

0 Kudos
paulgear
Esteemed Contributor

тАО03-25-2013 01:18 PM

тАО03-25-2013 01:18 PM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Chris,

 

Which models of unmanaged switch have you seen drop spanning tree BPDUs?  I have not yet found any unmanaged switch which does this.

Regards,
Paul
0 Kudos
Chrisd131313
Trusted Contributor

тАО03-26-2013 09:45 AM

тАО03-26-2013 09:45 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Hey Paul,

 

Personally I have not come across any myself, but based on HPs documentation this seems to be something that can occur...

 

Spanning tree cannot detect the formation of loops where there is an unmanaged device on the network that does not process spanning tree packets and simply drops them. Loop protection has no such limitation, and can be used to prevent
loops on unmanaged switches.

 

Maybe I am interpreting the passage incorrectly, if so please ignore my previous comment and set me straight! :)

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
paulgear
Esteemed Contributor

тАО03-26-2013 10:41 AM

тАО03-26-2013 10:41 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi Chris,

I agree 100%; i've just never seen an unmanaged switch that dropped BPDUs and was curious which ones they were (so i can avoid them). :-)
Regards,
Paul
0 Kudos
kalyan333
New Member

тАО02-03-2015 05:54 PM

тАО02-03-2015 05:54 PM

Re: PREVENT NETWORK LOOP ON SWITCH

 hi 

    i have hp 1900 series switches 

 

       i  have faced a problem while looping these switches in netwrok. these two switches having vlan1(1-9 and 19-28 untagged) and vlan2(10-18 untagged and 19-28 tagged).

 

switch A ---25 port --- ofc connected to location P

switch B ---25 port ----ofc connected to location Q

P and Q are inter connected to somewhere in network(3com switches).

 

my problem is iam connecting a loop cable(straight cable) to switch A and Switch B on 24 port one both switches ...then entire n/w goes down...i mean packets drop....

 

please tell me solutions immediatly... 

 

0 Kudos
Razt
New Member

тАО09-17-2015 08:12 AM

тАО09-17-2015 08:12 AM

Re: PREVENT NETWORK LOOP ON SWITCH

Hi guys,

Yes everything people have said is correct however that still doesn't stop anyone from reoming or inserting a cable at the data socket end. There is another alternative called NetLoc,

 

www.netloc.co.uk

 

I saw this product and ive managed to get hold of some. it's pretty nifty little gadet and does exaclty what is says on the tin!!

you might want to check it out as it's a great deterrent and works beautifully in my school and a warehouse i look after as it also stops damage and saved me a shed load of money as i don;t need to upgrade my unmanaged switches now to get the beneift of STP.

 

cheers


Raz

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.