What would be the cause of this?
I've been working on a networking problem where multiple workstations have a brief interruption in their network connection, (as indicated by a timeout on a ping -t.) To make a long story short, I was watching wireshark when this happened and I was wondering if someone could point me in the right direction as to what would cause this.
I was using wireshark on a laptop plugged into my switch. The switch is managed and I had port mirroring from one of my network printers ports so that I could monitor traffic going to the port belonging to the printer. The reason I chose the printers port on the switch is because when this anomaly happens the printer will usually not respond to pings for 30 sec to 1 min. So I wanted to see if a jabbering nic someplace is causing it.
What is strange about this, (and I attached a screenshot of the wireshark capture while this was happening,) is that the printers static ip is 192.168.1.145.
If you notice in the screenshot, ( at time of 1140,) i'm sniffing traffic destined for 192.168.1.39, (which is a time card program kiosk at my facility.) Wny was the printer at 192.168.1.145 receiving traffic destined for 192.168.1.39?
Is this a bad switch? A bad nic in the server that transmitted the packet? Is it something else entirely. Any help would be appreciated.
WsharkCapture.jpg
I was using wireshark on a laptop plugged into my switch. The switch is managed and I had port mirroring from one of my network printers ports so that I could monitor traffic going to the port belonging to the printer. The reason I chose the printers port on the switch is because when this anomaly happens the printer will usually not respond to pings for 30 sec to 1 min. So I wanted to see if a jabbering nic someplace is causing it.
What is strange about this, (and I attached a screenshot of the wireshark capture while this was happening,) is that the printers static ip is 192.168.1.145.
If you notice in the screenshot, ( at time of 1140,) i'm sniffing traffic destined for 192.168.1.39, (which is a time card program kiosk at my facility.) Wny was the printer at 192.168.1.145 receiving traffic destined for 192.168.1.39?
Is this a bad switch? A bad nic in the server that transmitted the packet? Is it something else entirely. Any help would be appreciated.
WsharkCapture.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The mac-address timeout is usually set for 300 seconds, you can increase it if you get a lot of this.
mac address-table aging-time 600
makes it 10 minutes.
What really might be occuring is that the link between the switch that .39 is on and the switch that the server.firstaidandsaf is on went down or into blocking mode and the network is color storming the packet out all interfaces except the one it came in on, and your switch is doing the same.