Network problem

The link between SITE A-C6509B (4/48) and SITE B-C6509A (G3/48) is a 100Mbit/s LAN Extension Service circuit.  As a result of problems being experienced with traffic running on this link, a test VLAN was created with ID 2000.  This VLAN only exists in these two switches, and only on this one link.  The subnet created on this VLAN (172.20.1.0/24) is not included in any routing protocol, and only exists on this VLAN.
 
172.20.1.2 SITE B-C6509A -> G3/48 -> LES circuit -> G4/48 -> SITE A-C6509B 172.20.1.1
 
If the link is configured with just VLAN 2000, pinging both ways between the two nodes on 172.20.1.0/24 works fine.  It also works if you have VLANs 1 and 2000.  However, if you add further VLANs, the following behaviour is exhibited:
 
An extended ping (10000 packets) from 172.20.1.2 (on SITE B-C6509A) to 172.20.1.1 (on SITE A-C6509B) fails.  However, the ARP table is completed correctly for 172.20.1.2.  Also, the mac address table is showing the mac address for 172.20.1.2 in VLAN2000 correctly via G3/48.  The same is true at the other end of the link - the arp and mac tables for 172.20.1.2 are completed correctly.  After a while, the mac address table times out at both ends, even with the continued ping attempts.
Whilst the extended ping is failing, issuing "ping 172.20.1.2" from SITE A-C6509B not only works, but it causes a few hundred pings in the opposite direction to succeed.
OSPF is the routing protocol

 
 

The-link-between-SITE-A.doc
andrewsmith950Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Istvan KalmarHead of IT Security Division Commented:
HI,

What showing the spanning-tree on the vlan 2000?
0
andrewsmith950Author Commented:
Site B-C6509A#sh spanning-tree vlan 2000

VLAN2000
  Spanning tree enabled protocol rstp
  Root ID    Priority    34768
             Address     001a.30b3.8000
             Cost        3
             Port        1665 (Port-channel1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    34768  (priority 32768 sys-id-ext 2000)
             Address     001b.8f4e.2000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- -----------------------------
Gi3/48              Desg FWD 30        128.304  P2p
Po1                 Root FWD 3         128.1665 P2p


Site A-C6509B#sh spanning-tree vlan 2000

VLAN2000
  Spanning tree enabled protocol rstp
  Root ID    Priority    34768
             Address     001a.30b3.8000
             Cost        22
             Port        432 (GigabitEthernet4/48)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    34768  (priority 32768 sys-id-ext 2000)
             Address     001b.9090.b000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- ------------------------
Gi4/48              Root FWD 19        128.432  P2p
Po1                 Desg FWD 3         128.1665 P2p
0
Don JohnstonInstructorCommented:
Are any of your switches CatOS? If so, are you using GVRP? If you are, you'll need to set the port registration to the IOS switches to "fixed registration".
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

andrewsmith950Author Commented:
No we are using IOS

C6509A#sh vers
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Versio
n 12.2(33)SXH3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 24-Jul-08 19:18 by prod_rel_team

ROM: System Bootstrap, Version 12.2(17r)S4, RELEASE SOFTWARE (fc1)
0
andrewsmith950Author Commented:
I just noticed the interface has an STP cost of 30 on it.
Could this be the problem?
It is probably the reason why we keep getting routing loops


interface GigabitEthernet4/47
 description LES-Connection
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10-12,2000
 switchport mode trunk
 logging event link-status
 speed 100
 duplex full
 wrr-queue bandwidth 20 100 200
 priority-queue queue-limit 5
 wrr-queue queue-limit 65 15 15
 wrr-queue random-detect min-threshold 1 70 100 100 100 100 100 100 100
 wrr-queue random-detect min-threshold 2 70 100 100 100 100 100 100 100
 wrr-queue random-detect min-threshold 3 40 40 50 50 60 60 70 70
 wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100
 wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100
 wrr-queue random-detect max-threshold 3 70 70 80 80 90 90 100 100
 wrr-queue cos-map 2 1 1 2
 wrr-queue cos-map 3 5 3 4
 wrr-queue cos-map 3 7 6 7
 rcv-queue threshold 1 50 50 60 60 100 100 100 100
 rcv-queue threshold 2 60 80 100 100 100 100 100 100
 rcv-queue cos-map 1 1 0
 rcv-queue cos-map 1 2 1
 rcv-queue cos-map 1 3 2
 rcv-queue cos-map 1 4 3
 rcv-queue cos-map 2 1 4
 rcv-queue cos-map 2 2 5
 rcv-queue cos-map 2 3 6
 rcv-queue cos-map 2 4 7
 mls qos trust dscp
 auto qos voip trust
 spanning-tree cost 30
0
andrewsmith950Author Commented:
Just tested by removing the cost and the problem still exists
0
andrewsmith950Author Commented:
The problem was vlans having their own instances of Spanning tree due to VTP pruning. And OSPF using multipath load balancing and some routes coming to dead ends. Also all HSRP groups were in default group 0.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.