3550 drops IPX connection.

Discussion in 'Cisco' started by Andy Lawson, Apr 23, 2004.

  1. Andy Lawson

    Andy Lawson Guest

    Hi all,

    I have a very strange problem with a Cisco Catalyst 3550 which seems to
    stop forwarding IPX routes to one of the Netware servers connected to
    it. If the routing tables on the server are flushed, then the server
    will populate a full IPX routing table. But after five minutes or so,
    the server loses all IPX routes and does not seem to receive any more
    IPXRIP updates - so the IPX routing table on the server empties, showing
    only the local addresses.

    There are three Netware servers connected to this switch and, bizarrely,
    the problem affects only the most recent server to get connected.

    One of the servers (on FA0/9) is redundant, and one of the servers (on
    FA0/21) is fairly unstable - but very important.

    During backup the server on FA0/21 will quite often drop it's connection
    to the switch, more an annoyance than a problem. When it reconnects it
    suffers this weird IPX issue and cannot populate it's IPX route table. I
    have a little tool which sits and does period IPX Ping checks, and when
    this reports a failure I go to the 3550 and shut/no shut FA0/9 - making
    the redundant server the mostly recently connected. IPX routes then
    populate to the server on FA0/21 and the server on FA0/9 shows an empty
    IPX route table instead - which is not a major issue.

    For info, the 3550 has the IP routing module installed, and the server
    is a Compaq Proliant 1600 running NW4.11SP9. Sorry - I don't have Cisco
    IOS revisions handy, but the switches were only recently bought so it
    should be fairly up to date.

    Thanks for any info!
     
    Andy Lawson, Apr 23, 2004
    #1
    1. Advertisements

  2. Andy Lawson

    Hansang Bae Guest


    It sounds like you need to check your duplex settings in NetWare and the
    switch. Also, do you have any IPX timers or RIP/SAP timers in place?
    Mismatched timers can cause what you're seeing on the servers.


    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Apr 24, 2004
    #2
    1. Advertisements

  3. Andy Lawson

    Andy Lawson Guest

    I've played with the duplex and speed settings on both switch and
    server, without success. Tried fixing both to the same speed and duplex
    on all options (10 half, 10 full, 100 half and 100 full) - no change.

    IPX and RIP/SAP timers sound interesting - never heard of these before.
    Do you know of any useful pages I can read on this? I'll have a hunt
    myself, but it never hurts to ask :)

    Cheers!
     
    Andy Lawson, Apr 24, 2004
    #3
  4. Andy Lawson

    Hansang Bae Guest

    The cable's good? NIC nlms are up to date? Tried a different nic?

    Search cisco for "ipx rip sap timers" The commands you're looking for
    are "ipx update interval rip" and "ipx update interval sap"


    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Apr 25, 2004
    #4
  5. Andy Lawson

    Andy Lawson Guest

    Tried different NICs, cables and switch ports. It doesn't appear to be
    the NIC drivers - it happens to whichever server is last connected (one
    is NW4.11SP9, one's NW6SP3 and the other's NW6SP4). We havn't tried
    replacing the NIC nlms because it doesn't look like a fix. Plus, I built
    the two NW6 boxes, but the NW4 box pre-dates my employment at this
    company and I don't trust it :) Can't afford to lose it at the moment, tho!
    Hmmmm. Had a quick browse thru this lot - the "ipx sap-queue-maximum"
    looks interesting - I might try and increase`this. I guess I'm looking
    for some situation where one of the servers can drop off the end of some
    sort of queue or buffer.

    Thanks for the input - any other ideas you (or anybody) might have,
    please let me know!
     
    Andy Lawson, Apr 25, 2004
    #5
  6. Andy Lawson

    mh Guest

    1. Is IPX routing configured on your 3550 or is IPX being bridged?

    2. If IPX routing is not configured, then none of the IOS IPX commands
    will be applicable (i.e. "ipx update interval rip")

    3. Please post your complete 3550 config without passwords
     
    mh, Apr 25, 2004
    #6
  7. Andy Lawson

    mh Guest

    mh, Apr 25, 2004
    #7
  8. Andy Lawson

    Andy Lawson Guest

    Eeep. Forgot about that. The 3550 doesn't route IPX, it just bridges it.
    Will do. Don't have it here, unfortunately....
     
    Andy Lawson, Apr 25, 2004
    #8
  9. Program ended abnormally on 25/04/2004 09:40, Due to a catastrophic mh error:
    AFAIK, 3550s do not support IPX routing.
    Or at least answer these questions:
    - Are all three servers on the same ipx network?
    - Are all switch ports for the servers configured for STP-portfast?
    - Do any of the servers run NLSP? If so, do all three?
    - If the servers have IP loaded, do IP pings also stop?

    Since the 3550 couldn't care less about ipx packets, it's either a physical
    issue with the port where that server is connected or a mismatch between the ipx
    settings of that new server and the other two.
     
    Francois Labreque, Apr 25, 2004
    #9
  10. Andy Lawson

    mh Guest

    Post the following info:


    show version

    show mac-address-table aging-time ! Default is 300 seconds / 5 minutes


    show mac-address-table ! Enter this command when all Novell servers
    are reachable


    show mac-address-table ! Enter this command again after the Novell
    server loses it routes and
    ! BEFORE resetting Novell server IPX routing table
    ! to see if the server's MAC address is in the switch's layer 2
    forwarding table



    show interface fa 0/9 ! Do a show interface for all Novell server
    ports
    show interface fa 0/21



    clear counters



    show interface counters fa 0/9 ! Show the interface counters for the 3
    Novell server switch ports
    show interface counters fa 0/21 ! repeat several times
     
    mh, Apr 25, 2004
    #10
  11. Andy Lawson

    Hansang Bae Guest

    Some other things to think about. Do you have more than one frame type
    bound to the NIC? I.e. 802.3raw and 802.2 (sic) running together? Or
    are your running everything in Ethernet_II? What about your printers?

    You have unique internal IPX numbers for the servers, correct?

    Does NDS look healthy?

    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Apr 25, 2004
    #11
  12. Andy Lawson

    Andy Lawson Guest

    Yes. All NICs bound with IPX to this switch have the same IPX address.
    Further - we have four 3550s connected in a (currently partial) ring
    with high speed short haul connections, spanning the London area. All
    NICs connected to these switches use the same IPX address, but different
    IP addresses are bound at each site and to the short haul interconnects.
    I would guess there are in the region of 300 stations connected into
    this IPX network - not a scary number, but we do need it to be stable!
    We're looking to add probably another coupla hundred or so, and complete
    the ring to establish redundancy on the short haul lines.
    Will check config (and copy here) tomorrow.
    Don't think so - will check.
    All three have IP bound. IP pings do not stop.
    About a week and a half prior to the fault occurring, we re-numbered the
    IP and IPX networks in use at this site, and brought in the new Cisco
    equipment. All systems ran fine from the time of the migration until the
    fault occurred.

    The new server was installed because the issue arose. We couldn't find a
    fix - in fact we had significant trouble isolating the circumstances of
    the fault. The server just stopped routing IPX one day...

    One of the things we tried was to replace the server and attempt to
    migrate the volumes to the new box. It was during the installation of
    the new server (the server now connected for FA0/9) that we noted the
    problem transferred to the new server. This lead us to the conclusion
    that the problem only arose on the most recent server to establish an
    ethernet connection to the switch. Then we able to switch the problem
    back to the new server.

    Again - thanks for all the input, I'll try and post the extra info tomorrow.

    Cheers!
     
    Andy Lawson, Apr 25, 2004
    #12
  13. Andy Lawson

    mh Guest

    Do you have access to a Sniffer ?

    Is there a spare port on the 3550 to which the Novell server are connected?
     
    mh, Apr 26, 2004
    #13
  14. Andy Lawson

    Andy Lawson Guest

    IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(13)EA1a, RELEASE
    SOFTWARE (fc1)

    The MAC table contains addresses for both servers at the moment (and
    we're still having the problem). I can't risk knocking out service
    during the day, so I won't reset anything just yet....
    FastEthernet0/9 is up, line protocol is up (connected)
    Hardware is Fast Ethernet, address is 000c.ceed.e789 (bia 000c.ceed.e789)
    MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Half-duplex, 100Mb/s
    input flow-control is off, output flow-control is off
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input never, output 00:00:00, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue :0/40 (size/max)
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute ouxtput rate 0 bits/sec, 0 packets/sec
    2177480 packets input, 474273386 bytes, 0 no buffer
    Received 51951 broadcasts, 0 runts, 0 giants, 0 throttles
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
    0 watchdog, 5960 multicast, 0 pause input
    0 input packets with dribble condition detected
    7988773 packets output, 1405408427 bytes, 0 underruns
    7044 output errors, 9649 collisions, 19 interface resets
    0 babbles, 7044 late collision, 957 deferred
    0 lost carrier, 0 no carrier, 0 PAUSE output
    0 output buffer failures, 0 output buffers swapped out

    This looks fairly dull apart from sh int counters errors, which shows
    the following. FA0/9 is the only port with any recorded errors at all,
    and has the currently dud server on it.

    Port Single-Col Multi-Col Late-Col Excess-Col Carri-Sen Runts
    Giants
    Fa0/9 7723 1926 7044 0 0 0
    0


    Thanks again.
     
    Andy Lawson, Apr 26, 2004
    #14
  15. Andy Lawson

    Andy Lawson Guest

    Nope. IPX is only bound with Ethernet_802.2 and IP with Ethernet_II, on
    all servers. Printers are left as default, most report no IPX networks
    apart from the 802.2 one.
    Yes - we checked this.
    As healthy as it ever gets. We spent several hours cleaning it out on
    the night disaster occurred - didn't make any difference.
     
    Andy Lawson, Apr 26, 2004
    #15
  16. Hello, Andy!
    You wrote on Mon, 26 Apr 2004 16:51:49 GMT:

    AL> packets output, 1405408427 bytes, 0 underruns 7044
    AL> output errors, 9649 collisions, 19 interface resets 0
    AL> babbles, 7044 late collision, 957 deferred 0 lost

    AL> Port Single-Col Multi-Col Late-Col Excess-Col Carri-Sen
    AL> Runts
    AL> Giants
    AL> Fa0/9 7723 1926 7044 0 0
    AL> 0 0

    Looks like you have a duplex mismatch. Try to hardcode Fa0/9 to 100/Full.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Apr 26, 2004
    #16
  17. Andy Lawson

    Andy Lawson Guest

    Yes - well, Ethereal. I've mailed a capture off to Novell, but they've
    gone quiet on the whole affair (and I think it's a config problem or bug
    on the 3550 anyway). I had a quick scan thru it, but couldn't find
    anything too horrific. Any ideas what I should be looking for?
    I took the capture immediately after I'd done a router reset on the
    problem server until well after the server had dropped off the IPX
    network, from a PC connected on a hub with the server and switch port.
    Yes. I've tried connecting the various servers to various ports without
    success.
     
    Andy Lawson, Apr 26, 2004
    #17
  18. Andy Lawson

    Andy Lawson Guest

    Thanks, but I've already tried that.
    It's possible this server and switchport do have a mismatch, but I don't
    think that's causing the problem with loss of IPX routing. We tried
    hardcoding the speed and duplex on all ports and server during our
    *exhaustive* problem solving excercise. :)
     
    Andy Lawson, Apr 26, 2004
    #18
  19. Hello, Andy!
    You wrote on Mon, 26 Apr 2004 17:09:52 GMT:

    AL> Thanks, but I've already tried that.
    AL> It's possible this server and switchport do have a mismatch,
    AL> but I don't think that's causing the problem with loss of IPX
    AL> routing. We tried hardcoding the speed and duplex on all
    AL> ports and server during our *exhaustive* problem solving
    AL> excercise. :)

    If you tried forcing speed/duplex settings already were you able to eliminate
    duplex mismatch? I'm not familiar with Novell drivers but in Windows world
    reboot is usually required to reflect the changes in speed/duplex settings. Have
    you tried to change cables?
    Without working Ethernet connection it's pointless to troubleshoot higher
    layers.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Apr 26, 2004
    #19
  20. Andy Lawson

    mh Guest


    do you see that server advertising its IPX RIP routes ; probably
    should be just two - the internal network number and the external
    witha hop count of 0 and should be sent with a broadcast MAC address

    do you see RIP routes from the other servers being recieved in the
    Etherreal trace?
    This is quite important becasue if you see them then it would indicate
    that for some reason your server is going deaf to RIP updates

    If you dont see RIP routes being received then that may indicate a
    switch issue.


    Are you going to post your switch config?
     
    mh, Apr 27, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.