Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Broadcast storm issue

Posted on 2014-09-18
3
Medium Priority
?
442 Views
Last Modified: 2014-09-24
I am having an issue with a broadcast storm on my network. We have a Cisco ASA 5512-X, and under it is a WLC 2504 with a Netgear Prosafe Managed switch, and 4 2602 APs. For wired, we have unmanaged switches.

Internal and external traffic stops, and when using wireshark I get a bunch of Pause packets, and every so often one points to the MAC address of the Prosafe switch. STP is turned on at a level of 10.  I have also noticed a lot of ARP and NetBios requests as well.

When the storm starts, if I unplug the WLC the storm stops once the packets reach their TTL and everything comes back up. I have been unable to figure out where the problem machine lies. Anyone have any ideas?


EDIT: I just found this in wireshark, and there are 6900+ entries, one right after the other. 192.168.1.X is not a part of our network. 192.168.15.X is our internal network. Does this look like BS to you? It looks like BS to me.

2788596      17:33:44.370447000      192.168.1.2      Broadcast      ARP      60      Who has 192.168.15.1?  Tell 192.168.15.186 (duplicate use of 192.168.15.186 detected!)
0
Comment
Question by:LA_Admin
  • 2
3 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40331769
If the storm stops when the WLC is disconnected I'd look at things like LAG and STP on the WLC.

How is the WLC configured to connect to the switch?  Does it use LAG, or multiple ports configured as active and backup?  Is STP configured on the WLC?  How about the switch?  What's its configuration to link the WLC?
0
 

Accepted Solution

by:
LA_Admin earned 0 total points
ID: 40333382
I found an Ethernet cable with both ends plugged into a switch that was hidden on someone desk. Loop removed, and we have been stable since.
0
 

Author Closing Comment

by:LA_Admin
ID: 40341131
This was the root cause of our issue
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
In this article, we’ll look at how to deploy ProxySQL.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question