Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

135 posts

Master Geek

# 177107 22-Jul-2015 17:09
Send private message


I'm starting to think this is a bug, or some physical issue. There are 8 Cisco 2960SC 8 port switches as edge POE switches for phones.

7 of them are working fine, 1 is not.

The core switch stack is the STP root for all VLANs, but this one edge unit is not receiving any BPDUs for any of its VLANs except VLAN 1. The upstream switch is sending BPDUs. Entire network is running PVST and the configuration is consistent across all of the 8 2960SCs.

VTP is running, and is also consistent throughout. Native VLAN is 1 everywhere.

No pruning, all of the requisite VLANs are allowed on anything that should be trunking. Also not a priority issue, nor is there any BPDU filtering or ACLs anywhere.


Create new topic
281 posts

Ultimate Geek

  # 1350181 23-Jul-2015 08:49
Send private message

It's been almost 4 years since I left my networking job so this advice is a bit...rusty - but there aren't any bpdu guards on any of the ports? Also the vlans are active in the vlan DB on all switches (VTP should take care of that if i remember correctly...but best check anyway)? You sound like you know whats up so you've probably checked that.

I'd swap out this dodgy switch with one of the working ones to see if it's the switch or the trunk to the core switch.

135 posts

Master Geek

  # 1350186 23-Jul-2015 08:54
Send private message

Thanks mate, no bpdu filtering or guards anywhere. Yeah, that was the next move. Replace that one out and see what the story is...



456 posts

Ultimate Geek

  # 1350220 23-Jul-2015 09:43
Send private message

Sounds like a VTP issue on that switch with the vlan's not being present on the switch other than Vlan1 which is setup by default.

Have you checked the software versions on the switches?

135 posts

Master Geek

  # 1350226 23-Jul-2015 09:53
Send private message

Yes, VTP is consistent right through the network. All running version 2. All Vlans are present on all switches. The faulty one thinks it is the root for all Vlans except Vlan 1 because it's only receiving BPDUs for Vlan 1. There are different IOS versions around as there are different model switches (all Cisco), but I would have thought that shouldn't matter.

456 posts

Ultimate Geek

  # 1350256 23-Jul-2015 10:37
Send private message

What does the spanning tree status show on the core switch for the port that links to the naughty switch?

Can you port mirror the uplink port on the naughty access switch and use wireshark to capture the traffic, disconnect the uplink, confirm the spanning tree status is okay on the core then reconnect it and see what traffic you get? Repeat on the core switch mirroring the downlink to the naughty switch.


I fix stuff!
1758 posts

Uber Geek


  # 1350267 23-Jul-2015 10:50
Send private message

Check you are running the correct spanning tree version. Some spanning-tree literations don't support spanning-tree per vlan. (STP for eample)

You want to be running PVST on all switches to support spanning-tree per vlan.

135 posts

Master Geek

  # 1350270 23-Jul-2015 10:52
Send private message

There is a distribution layer between the core and edge. The bad switches upstream switch is sending BPDUs but they are not being received, except for Vlan 1. Wiresharking is a good idea, but I'll have to go out to the site


135 posts

Master Geek

  # 1350271 23-Jul-2015 10:53
Send private message

Yes, PVST is running everywhere.

135 posts

Master Geek

  # 1351172 24-Jul-2015 14:07
Send private message

So I go out to the site and replace the "faulty" switch with one exactly the same, paste in the config and bam........

Same result.

So go, OK, must be the upstream unit that's got something amiss. Go to the cabinet where that resides and find a blimmin 3Com switch in between the edge and distro switches. Passes CDP traffic so you think the Ciscos are directly connected, but does not support per Vlan STP. It's just sitting on Vlan 1 and that is the only traffic that is moving through it. Apparently they had had some re-cabling recently and the electrician had mis-patched it back up with uplinks through the 3Com instead of Cisco to Cisco.

I guess there's a lesson here somewhere.


256 posts

Ultimate Geek

  # 1351212 24-Jul-2015 15:43
Send private message

tatbaird: I guess there's a lesson here somewhere.

Yep, not all Electricians understand Networking, just like how not all Network Engineers understand Electricity.

135 posts

Master Geek

  # 1351214 24-Jul-2015 15:46
One person supports this post
Send private message

I was thinking more of a lesson for myself, but thanks for contributing.

Create new topic

Twitter and LinkedIn »

Follow us to receive Twitter updates when new discussions are posted in our forums:

Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:

Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:

News »

New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01

Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46

Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29

Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41

Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26

University of Waikato launches space for esports
Posted 19-Aug-2019 20:20

D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14

Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47

Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41

Epson launches portable laser projector
Posted 12-Aug-2019 20:27

Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20

Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26

The Document Foundation announces LibreOffice 6.3
Posted 9-Aug-2019 16:57

Symantec sell enterprise security assets for US$ 10.7 billion to Broadcom
Posted 9-Aug-2019 16:43

Artificial tongue can distinguish whisky and identify counterfeits
Posted 8-Aug-2019 20:20

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.