Solved

Changing VLANs

Posted on 2006-07-14
8
1,035 Views
Last Modified: 2012-06-21
I have a small network (5 24 port cisco 3550s).  Currently I am experiancing a lot of network congestion on one of the switches which I will be taking care of this weekend.  Howerver, while researching this problem I noticed it causing other problems.  Namely it is mucking up Spanning Tree Protocol.

When i did my research in to STP I found many articles saying that it was a bad thing to leave all the swtich ports in VLAN1 as this would add traffic to the cpu and could cause a loss of BPDU's which would break STP.  My busiest swiitch is reporting RTD-1-ADDR_FLAP messages (lots of them) I am guessing that STP is being effected by the HIGH network traffic.

So my question is should I move all my switch ports to another VLAN?  And how hard is this?  We do not use VLAN's here and I really do not see a need for them here except for cases like this.  The other thing mentioned is that with the newer IOS's you can remove VLAN1 (some how).  I do have the newest IOS installed on all my switches so I should be able to do this too.  Is this a good solution or is moving every thing to another VLAN better?

Thanks,
Louis
0
Comment
Question by:louisbohm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 160 total points
ID: 17111169
I really don't see any need to move anything out of vlan1. You've only got 5 switches so there really should not be any STp issues. How do you have them connected?
Make sure you rule out any duplex mismatches. Use the gui to watch for interface error counters. If you see any interfaces with lots of errors or lots of collisions, then you know you have a duplex mismatch with whatever is attached to that port. You can enable portfast on all ports that have only hosts.
0
 
LVL 1

Assisted Solution

by:applesmash
applesmash earned 160 total points
ID: 17111469
Also, be sure to verify something on the VLAN is not hogging bandwidth. On one occasion I have had two Virus infecteded laptops slow a 48 Port Vlan to a crawl.
Are you using very bandwidth intensive programs? are there certain connections with solid collision lights? If so disconnect and see if things clear up.

As far as switching a port to a different VLAN, there is a ton a of reading on cisco's site.
When consoled in,

switch>en
***Create the VLAN***
***shows what vlan IDs are already used***
switch# Sh VLAN
switch(vlan)# vlan database
switch(vlan)# vlan *
switch(vlan)# exit
***Move the ports to the new VLAN***
switch# config t
switch# int FA0/#
switch# switchport access vlan *
switch# exit

(where # = the switchport)
(Where * = the vlan to move to)
Dont forget to save your config! (switch#wr)

GL

-Dave

0
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 180 total points
ID: 17111676
TURN OFF spanning tree protocol.

Especially if you are on a small network.

VLAN1, basically means.....your entire network, since you don't have any other VLANs.  To answer that....no you can't remove it.

STP sux bigtime.
0
Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

 
LVL 1

Author Comment

by:louisbohm
ID: 17120981
OK... You all have good comments and suggestions.  However, I do like the one about turning off STP.  Since I do not need it (small network and one vlan) why have the extra packets on the wire...

But how do I turn it off??????  I did some searches and did not find the answer.

Louis
0
 
LVL 1

Expert Comment

by:applesmash
ID: 17122233
Before you think of turning STP off take warning that one of it's main functions is to detect and prevent Loops in your network. The Flapping you mentioned happens when a loop is detected. If you turn off STP and there is a loop that it is preventing...then your network will "break".

Take a good hard look at how your network is wired and try to eliminate and loops to resolve the problem before turning this off.

to view the status of spanning tree in enable mode do: sh spanning

For the sake of you users turn this off after-hours.

in config t mode simply type: no span

to view the status of spanning tree in enable mode do: sh spanning

If you don't like the delay in a connection becoming active, you can always use the portfast spanning tree option on ports you are sure will never cause a loop (such as end-user PCs)


0
 
LVL 1

Author Comment

by:louisbohm
ID: 17123069
I had to do some network work this weekend and on of the things I did do was reboot all my switches.  When they came up I did not get that flapping message.  And even now I am not seeing it.  So maybe there was a eccessive amount of traffic causing this problem and not a loop.

As long as I do not see a problem I will not touch STP.

Louis
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17126386
>As long as I do not see a problem I will not touch STP.
Good idea!

Keeping fingers crossed!!!
0
 
LVL 1

Author Comment

by:louisbohm
ID: 17130381
Thanks every one for your help.

Louis
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question