How to find possible network loop ?

Posted on 2006-03-23
Last Modified: 2013-12-07

I am using on my network the McAffe e250 Webshield appliance, that device is set as trasnparent bridge.Most of the time works fine but some times kills the Internet traffic because it is going to the 100% processor usage .

Talking with McAfee support they told me that the appliance is configured correctly and they told me also that the source of the problem is a NETWORK LOOP .

What could be causing a network loop ? How can I detect a network loop ?

Any ideas ?

Question by:gzarate
    LVL 8

    Accepted Solution

    There are several options. The easies would be turn on debugging nd see where the loops startis. assuming you have that capabiltity on the device.
    LVL 17

    Assisted Solution

    What could be causing a network loop ?
    In my understanding a network loop is when you direct or indirect connect 2 ports on a switch.
    Analog to placing microfone in front of loudspeeker. Where signal also is amplified until saturation.

    You can protect against a network loop by using managed sw.'s with Spanning Tree Protocol enabeled (in case of loop condition STP will break up network)
    LVL 14

    Assisted Solution

    You might as well tell the McAfee guys that they have a hole in their webshield because all the bits are going thru.  
    The McAfee explaination seems as hokey as my statement.  

    The generic statement of a network loop implies that the topology has at least 2 paths that data can traverse in such a manner that your packets are forever travelling in a circular motion.  In this case, it would cause something more than the McAfee e250 Webshield appliance to register 100% processor usage.  In the classic sense, it would grind at least that portion of the network to slow down to a grind or halt as it continually re-processes data packets.

    On the serious side, you may want to check the logs on that appliance to determine what it is processing when this issue occurs.  

    Otherwise if I guess correctly; you will only have this issue when the McAfee appliance is operating, otherwise minus the concerns of virus and trojans in its many forms , your network works normally.    Hence no network loop.  I suspect that the appliance probably gets stuck on certain pieces of data that passes thru it and the CPU is forever processing invalid data.

    I would either suggest that you call McAfee support and request another tech to investigate the McAfee appliance.

    LVL 4

    Assisted Solution

    If McAfee or whoever insists on blaming a network loop, then physically remove some wires until there are no switching loops. (If this is possible)

    But you know, those "network loops" don't heal themselves just like the microphones in jburgaard's example don't quiet down until the problem is fixed. So if you have a "sometimes" condition, it is probably not a network loop.

    But take out a few wires to physically eliminate all loops. Then if the same thing happens, call back the vendor and tell him his device has a problem.

    Alternatively, you can just turn on STP (it's on by default probably) and trace the network for blocked ports and such. But in this case,t he vendor will still claim that you have a network loop.

    LVL 7

    Assisted Solution


    If a network look were the cause then you wouldnt just be losing Internet connection, your entire network would crash.  You can verify this by seeing if computers can ping each other or reach server applications or whatever else your network does.

    A network loop seems like the easy answer from Mcaffe to me.  It is possible though that your Mcaffee device is getting hammered with some kind of traffic, whether it be some kind of attack or a faulty device.
    LVL 26

    Assisted Solution

    by:Leon Fester
    Network loops can cause strange behaviour, yes.  Can cause connectivety failure, yes, however this is entirely dependant on the switches. All managed switches should be able to continue to operate when there is a network loop, traffic however is just aggregated since all broadcast traffic is being sent across your network at least twice. On an unmanaged Switch/Hub, this activities can also result in a broadcast storm, and network failover.

    Unplugging the cables and testing is best(if not only) way to trace the source.

    Just last week I had to trace a network loop, didn't know it at the time, but it was a loop and 1 cable had both ends plugged into the switch.

    To make tracing easier, I'd suggest that you connect a laptop/single machine directly into the switch. Then run Ethereal and enable the realtime update of the log window. Remove all cables and then insert them individually. Ethereal will quickly identify the connected machine, by IP and Netbios name. If you get link activity but no traffic then you've probably found your loop.

    Author Comment

    I have not ever used ethereal , is that a command or a program ?
    LVL 7

    Expert Comment

    Ethereal is an excellent packet captureing program:

    I use it daily, if you are a network admin, it will be your best friend.  Its all GUI based with windows, so you have nothing to worry about.  It may take a day or two to get used to it, but I highly recommend you start.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
    Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now