Solved

Broadcast storm issue

Posted on 2014-09-18
3
421 Views
Last Modified: 2014-09-24
I am having an issue with a broadcast storm on my network. We have a Cisco ASA 5512-X, and under it is a WLC 2504 with a Netgear Prosafe Managed switch, and 4 2602 APs. For wired, we have unmanaged switches.

Internal and external traffic stops, and when using wireshark I get a bunch of Pause packets, and every so often one points to the MAC address of the Prosafe switch. STP is turned on at a level of 10.  I have also noticed a lot of ARP and NetBios requests as well.

When the storm starts, if I unplug the WLC the storm stops once the packets reach their TTL and everything comes back up. I have been unable to figure out where the problem machine lies. Anyone have any ideas?


EDIT: I just found this in wireshark, and there are 6900+ entries, one right after the other. 192.168.1.X is not a part of our network. 192.168.15.X is our internal network. Does this look like BS to you? It looks like BS to me.

2788596      17:33:44.370447000      192.168.1.2      Broadcast      ARP      60      Who has 192.168.15.1?  Tell 192.168.15.186 (duplicate use of 192.168.15.186 detected!)
0
Comment
Question by:LA_Admin
  • 2
3 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40331769
If the storm stops when the WLC is disconnected I'd look at things like LAG and STP on the WLC.

How is the WLC configured to connect to the switch?  Does it use LAG, or multiple ports configured as active and backup?  Is STP configured on the WLC?  How about the switch?  What's its configuration to link the WLC?
0
 

Accepted Solution

by:
LA_Admin earned 0 total points
ID: 40333382
I found an Ethernet cable with both ends plugged into a switch that was hidden on someone desk. Loop removed, and we have been stable since.
0
 

Author Closing Comment

by:LA_Admin
ID: 40341131
This was the root cause of our issue
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question