Solved

SG300-10 10-Port Gigabit Managed Switch packet loss and reduced bandwidth, layer 2

Posted on 2016-10-18
12
68 Views
Last Modified: 2016-11-21
Hi,


We use SG300 to deliver internet layer 2 connections for our customers but have discovered a problem.
It occour when there is more than 1 customer connected to the SG300, each on separate lan ports and separate vlans
Each port is configured with the customers speed by shaping bw per port.
Lets say the customer on port 1 has 11Mbit shaped speed, and the customer on port 2 has 12Mbit shaped.
Uplink is gigabit.

When one of the customers, lets say on port 1 uses more then the bandwith shaped on port then i get packet loss to the management ip of the SG300, and the customer on port 2 is suffering from very slow internet and packet loss too.

Anyone have a solution to this?
sg300.docx
0
Comment
Question by:TAFJORDMIMER
  • 5
  • 3
  • 2
  • +1
12 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 41849345
What is the overall network topology around this switch?
1
 
LVL 45

Expert Comment

by:Craig Beck
ID: 41851013
Can you show the CPU stats from the switch while the problem is occurring?
1
 

Author Comment

by:TAFJORDMIMER
ID: 41851739
cpu stats are normal
we notice packet drops only when one of the customer uses more than their bandwith limit.
Lets say the customer on lan port 1 with 11Mbit bw shaping uses 14Mbit then we notice paket drop against the management vlan 4 ip address to the svitsj, and the customer on port 2 is affected also with slow internett and web pages loading slow.
network.png
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 125 total points (awarded by participants)
ID: 41851777
I don't think that switch is up to it if I'm honest.

As a test, if you configure both ports to be 10/half, then ask each customer to max their link, does it do the same?
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 250 total points (awarded by participants)
ID: 41852227
Have you tried increasing the burst size?
https://supportforums.cisco.com/discussion/11792586/cisco-sg300-vlan-rate-limit

More information how rate limit can cause dropped packets
http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html

Personally I've had much better success with multitenant sharing internet config a in a firewall, with specific experience with sonicwall.
1
 
LVL 25

Assisted Solution

by:masnrock
masnrock earned 125 total points (awarded by participants)
ID: 41868510
I've had similar experience to Aaron in that regard. Either get a better switch, or move the duties to the firewall.

I've used SG300-10 units for Layer 3 duties, but it was only for one organization. Works alright, but nothing impressive. Took some work to get it working right. The bandwidth controls did not really seem to work the way that they should, so I gave up on it. I had initially configured everything right, didn't work. Had to blow out everything, upgrade the firmware, then configure all over again (using backup and restore did not work, as it left me with the same issue).

I've also used one for Layer 2 duties from an ISP connection, been a mixed bag. Definitely took some work to get it working correctly. I had to deal with the ISP (Cox in that instance) because somehow a public IP was getting associated with it, even though the switch had a static local IP, and they had to grant the use of an extra IP.

But I would also ask if you updated the switch to the latest firmware. I have had issues with all sorts of functions within the SG300-10 switch itself that forced me to reset the switch to factory settings, update the firmware, then configure again. That was literally the only way that some things ended up working correctly. (Updating the firmware before the reset to factory is fine as well, but don't expect to be able to have the firmware upgrade along fix issues)
0
 

Author Comment

by:TAFJORDMIMER
ID: 41869676
Thanks for your answer.
We have aproximately 2000 units of  SG300 in our isp network for our company cutomers and never had issues except this bandwith problem.
I dont understand why high traffic up to the bandwith limit set on one lan port should affect the other lan port.

I found a setting on the system summary menu and click on lan port where the settings to open port are. Its called protected port enable setting. I dont know if that should be on or off.
0
 

Author Comment

by:TAFJORDMIMER
ID: 41869681
We have tryed firmware and boot code upgrade but it have no effect on this problem
0
 
LVL 25

Expert Comment

by:masnrock
ID: 41869768
Did you reset the switch to factory settings, then configure it again from scratch after the upgrades? Like I had mentioned, you have to do it that way to notice any benefit from the upgrades.
0
 

Author Comment

by:TAFJORDMIMER
ID: 41869775
No, we havent tried reset, but will try that too in a while to see if it helps
thanks again
0
 

Author Comment

by:TAFJORDMIMER
ID: 41892823
I have discovered one or two more things to try.
One is Enable "TCP Congestion Avoidance" under Quality of Service Menu

The other is mentioned before and is a setting direct on port setting and is called Enable "Protected Port"

Hopefully this will solve it but i dont know yet since i have little deep info about what those settings really do on layer 2.
0
 
LVL 25

Expert Comment

by:masnrock
ID: 41895619
Advised that switch is not up to the job
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VoIP and Data on single switch, with SonicWall 6 71
small, multi network, problem 3 100
traffic flow without STP 9 54
Advise on connecting 3 switches via fibre 4 53
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question