Ping Timeouts

Discussion in 'Cisco' started by Ed Muller, Oct 31, 2003.

  Ed Muller

    Ed Muller Guest

    I have an unusual problem that I can't seem to pintpoint. Devices on
    the LAN are occassionally losing their connection to other devices,
    randomly. All clients have the latest antivirus, there is a scanmail
    on the exchange server and no spyware that I have found running on any
    PCs. Originally clients were connected through a HP 2324 switch to
    each other. After switching out the HP for another HP, the issue
    continued. I am now in the process of replacing the HP with a catalyst
    2924. This serves only the local VLAN (which previously did not have a
    VLAN assigned except after reaching another catalyst). General design
    is below:

    printers, mgmt via catalyst
    servers & clients via HP 2324 no IP
    end of local network
    catalyst - VLAN 102 (and other VLANS)
    dotq trunk
    2600 router

    The first device in the list (HP 2324) is being replaced with a
    catalyst so I can better diagnose the problem (catalyst IP No other VLANS are experiencing any difficulties.

    Clients/printers currently connected to the new catalyst,
    are able to ping other devices on the catalyst without timeouts, but
    still timeout on occassion to devices on the HP switch (connected via
    FastE to the catalyst), and vice versa. I have turned on broadcast
    filtering and have seen no errors of any kind on the interfaces
    themselves. The only SH PROC CPU on the switch which
    appear to be higher than average are Broadcast Storms (4%) and Port
    Status Proc (13%).

    What can cause timeouts to devices randomly that is not already
    accounted for?
    What are the best practices for determining the cause?
    What sniffer might best help to trace the cause?
    Can this be generated by a bad NIC on one of the PCs?

    Thanks for any assistance,
    Ed Muller
    Ed Muller, Oct 31, 2003
  2. :I have an unusual problem that I can't seem to pintpoint. Devices on
    :the LAN are occassionally losing their connection to other devices,

    :printers, mgmt via catalyst
    :servers & clients via HP 2324 no IP
    :end of local network
    :catalyst - VLAN 102 (and other VLANS)
    :dotq trunk
    :2600 router

    When I look at the IP addresses involved, I'm left wondering
    whether some of those catalysts are the same device but different
    VLAN? If you were to turn all of your VLANs off, would some of
    the links you show get disabled because of STP ?

    If you have multiple VLANs running off your router to a switch
    that distributes the VLANs via port-based VLANs, with more than
    one of those port-based VLANs plugged into the same second switch,
    then you would have to worry about whether each of the VLANs
    has a unique MAC, and if not then how your switches are going
    to react when it sees the same MAC on multiple ports in the
    context of different VLANs.

    At least some of the Cisco routers use the same MAC for each
    VLAN [the 5500+RSM does; I don't have others handy to check.]
    Some switches assume MACs are globally unique, so if they
    receive a packet with the same MAC on a different port, they
    will update the internal MAC/port association, ignoring the VLAN
    boundary. Things don't work too well after that :(
    Walter Roberson, Nov 3, 2003
