General discussion

Locked

NIC or Switch

By IT cowgirl ·
One computer had issue with dropped packets trying to access servers on the LAN. Change NIC. Next day 3 more had same issue. Change NICs. Next day 5 more had same issue. Change 4 NICs. But on the last machine, just changed the NIC MAC and it works OK. Different hardware/OS/NICs on all. Users on different floor switches. Only core switch is common to all. No routing because all are on same VLAN.

This has gone on for 10 days. No reocurrance on the new NICs, just new users every day...

Ideas?

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by NZ_Justice In reply to NIC or Switch

Packets are dropped when they are blocked by firewalls.

The switch firewall could be blocking the packets.

Win XP service pack 2 limit's TCP/IP connection attempts to ten to solve this go here http://www.lvllord.de/ more info here http://www.lvllord.de/?lang=en&url=tools

Try running "lan gard". It is free for thirty days but only allows you to scan up to ten computers (Shareware limit, It is unlimited if you purchase a license).

It could be cable degradation or faulty UTP cables.

Zonelabs zone alarm also blocks lan connections.

If you are using win2k3 server with service pack on this has a firewall witch will block packets. Turn the windows firewall off.

You could also look in the event viewer of the servers. If Linux server use what ever error logging technique that you have. It might help you decipher what the problem is.

You could also run a program like ethereal and monitor the network to get a picture of what is going on.

Collapse -

by IT cowgirl In reply to

No firewalls set inside the lan or on machines. Changing the NIC or the MAC on the NIC resolves issue... No servers showing any errors, only effected about 11 client machines now. I ran some ethereal sniffing this evening, will run another tomorrow with normal traffic. No chance to review the tracings yet. How can changing the MAC on the NIC make a difference if nothing is blocking on the lan?

Collapse -

by Toivo Talikka In reply to NIC or Switch

Do your switches have management interfaces? The statistics could reveal some idiosyncracies between the performance of different ports.

If a different MAC address made all the difference, the new address was perhaps placed in a different memory location in the RAM of the switch. If there is an intermittent problem in the switch, you may have to replace the floor switch first, unless the statistics point elsewhere.

Collapse -

by IT cowgirl In reply to

Not sure what context you mean by management interfaces... I am using rhereal to sniff packets through the latest machine with the issue and through the switch itself by using a machine plugged into a port set to monitoring and sniffing through that interface. I only have access to the core switch, none of the 20 or so floor switches which hang off the core switch. I would think if it was a switch ram issue then the same thing would happen again, and it has not yet done so. It is only spreading to more machines...

Collapse -

by robo_dev In reply to NIC or Switch

If changing the mac address fixes it, that would indicate that the forwarding database of one or more ethernet switches is not getting refreshed appropriately. This could happen due to hardware failure, a topology error, or some other issue such as excessive traffic. A restart of the switches will clear the forwarding database, although this should be happening automatically whenever a new device connects to the network and on a timed interval as well.

Typically when a switch port establishes link, the forwarding database is cleared. So sometimes just plug/unplug user connection will help. I've seen issues where if you plug into another port at the switch, errors with the fdb go away.

Make sure that there are no topology errors such a user hub plugged into two switch ports (this wreaks havoc with the switch forwarding database). The management interface of the switch might indicate other problems like excessive CRC errors on ports due to speed negotiation errors (nic connects at 100/half duplex, switch port is at 100/full duplex). Some devices, such as Wireless LAN access points and clients, can also make ethernet switch forwarding databases go haywire since these devices tend to like to hold onto mac addresses even when a client device has been turned off, or gone to sleep.

Collapse -

by IT cowgirl In reply to

We have bpdu guard on all the ports on the floor switches. We tried unpluging and replgging and it did clear the database and updated the device information. We also tried other ports. But the issues remained.

Collapse -

by hozcanhan In reply to NIC or Switch

Diana , in your comments you pointed & insisted on Mac Address "change" solves the issue . You have a sort of mac address ( Layer 1 ) level filtering or management activated in your switch . But stating that you are changing mac addresses means you are utilizing one of those dangerous toys manipulating ( creating dummy mac ad ) mac addresses . Well there you are you must have messed up with that piece of software or management choice . Remove all restriction or enabled mac address definitions .

Collapse -

by IT cowgirl In reply to

We did try this but the issues still existed.

Collapse -

by IT cowgirl In reply to NIC or Switch

OK, we spent several hours onsite last night tracing packets from the core switch to a "bad machine" and the troublesome mail server which kept dropping packets too.
We finally tracked down through another switch that the "dropped" packets were in fact being relayed back to the core switch through the fiber which was being received by the core switch but not being "switched" to the correct port. We rebooted the switch and the issue remained. We switched over to the other sup module and instantly overthing began to work perfectly!

Bad sup module. Must have been having intermittent issues for awhile but had not yet died. Imagine that!

Thanks so much for all your suggestions!! Great mids think alike!

Collapse -

by IT cowgirl In reply to NIC or Switch

This question was closed by the author

Back to Networks Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums