LA_Admin
asked on
Broadcast storm issue
I am having an issue with a broadcast storm on my network. We have a Cisco ASA 5512-X, and under it is a WLC 2504 with a Netgear Prosafe Managed switch, and 4 2602 APs. For wired, we have unmanaged switches.
Internal and external traffic stops, and when using wireshark I get a bunch of Pause packets, and every so often one points to the MAC address of the Prosafe switch. STP is turned on at a level of 10. I have also noticed a lot of ARP and NetBios requests as well.
When the storm starts, if I unplug the WLC the storm stops once the packets reach their TTL and everything comes back up. I have been unable to figure out where the problem machine lies. Anyone have any ideas?
EDIT: I just found this in wireshark, and there are 6900+ entries, one right after the other. 192.168.1.X is not a part of our network. 192.168.15.X is our internal network. Does this look like BS to you? It looks like BS to me.
2788596 17:33:44.370447000 192.168.1.2 Broadcast ARP 60 Who has 192.168.15.1? Tell 192.168.15.186 (duplicate use of 192.168.15.186 detected!)
Internal and external traffic stops, and when using wireshark I get a bunch of Pause packets, and every so often one points to the MAC address of the Prosafe switch. STP is turned on at a level of 10. I have also noticed a lot of ARP and NetBios requests as well.
When the storm starts, if I unplug the WLC the storm stops once the packets reach their TTL and everything comes back up. I have been unable to figure out where the problem machine lies. Anyone have any ideas?
EDIT: I just found this in wireshark, and there are 6900+ entries, one right after the other. 192.168.1.X is not a part of our network. 192.168.15.X is our internal network. Does this look like BS to you? It looks like BS to me.
2788596 17:33:44.370447000 192.168.1.2 Broadcast ARP 60 Who has 192.168.15.1? Tell 192.168.15.186 (duplicate use of 192.168.15.186 detected!)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This was the root cause of our issue
How is the WLC configured to connect to the switch? Does it use LAG, or multiple ports configured as active and backup? Is STP configured on the WLC? How about the switch? What's its configuration to link the WLC?