Solved

What would be the cause of this?

Posted on 2009-05-12
2
190 Views
Last Modified: 2013-11-09
I've been working on a networking problem where multiple workstations have a brief interruption in their network connection, (as indicated by a timeout on a ping -t.)  To make a long story short, I was watching wireshark when this happened and I was wondering if someone could point me in the right direction as to what would cause this.

I was using wireshark on a laptop plugged into my switch.  The switch is managed and I had port mirroring from one of my network printers ports so that I could monitor traffic going to the port belonging to the printer.  The reason I chose the printers port on the switch is because when this anomaly  happens the printer will usually not respond to  pings for 30 sec to 1 min.  So I wanted to see if a jabbering nic someplace is causing it.

What is strange about this, (and I attached a screenshot of the wireshark capture while this was happening,) is that the printers static ip is 192.168.1.145.

If you notice in the screenshot, ( at time of 1140,) i'm sniffing traffic destined for 192.168.1.39, (which is a time card program kiosk at my facility.)  Wny was the printer at 192.168.1.145 receiving traffic destined for 192.168.1.39?  

Is this a bad switch?  A bad nic in the server that transmitted the packet? Is it something else entirely.  Any help would be appreciated.
WsharkCapture.jpg
0
Comment
Question by:FASP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 10

Accepted Solution

by:
lanboyo earned 500 total points
ID: 24366949
A switch that has not learned the destination port for a particular mac address will send packets destined for that mac address out all ports in the vlan in which it was received.

So as the mac-addresses time out of the vlan table they will need to be sent to all interfaces.
0
 
LVL 10

Expert Comment

by:lanboyo
ID: 24367223
Now if this is simultaneous to the timeouts then you might have a problem. Usually I suspect spanning tree topology changes for this type of thing.....

The mac-address timeout is usually set for 300 seconds, you can increase it if you get a lot of this.

mac address-table aging-time 600

 makes it 10 minutes.

What really might be occuring is that the link between the switch that .39 is on and the switch that the server.firstaidandsaf is on went down or into blocking mode and the network is color storming the packet  out all interfaces except the one it came in on, and your switch is doing the same.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VLAN CONFIGURATION 2 62
802.1x and RDP Issues 6 79
Password recovery 2950 is Deleting configuration Why 8 40
VMware:  Virtual switches and multiple NICs 9 56
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question