Wireless Networks Thread, Stop looping effects caused by interconnection... in Technical; Hi, We have unmanaged switches with gigabit uplink ports in our classrooms. The uplink ports from the classrooms are connected ...
  1. #1

    Join Date
    Feb 2007
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Stop looping effects caused by interconnection...

    Hi,

    We have unmanaged switches with gigabit uplink ports in our classrooms. The uplink ports from the classrooms are connected to a plain gigabit switch again connected to the servers.

    Now and then the pupils amuse themselves by interconnecting two wall network jacks together with a cable. This initiates a looping effect which almost chokes all network traffic.

    A good managed gigabit switch will probably have features which stop such unwanted 'loop' traffic spreading across its ports. In that case the problem will only occur in the affected classroom.

    Which 'feature' do I look for with managed switches to avoid having problems with such looping effects?

    Do more advanced switches also exist which can send error messages to an administrator when such a loop problem is detected?

    Thanks for comments and help on this issue

    regards

    johnny

  2. #2
    ChrisC's Avatar
    Join Date
    Mar 2006
    Location
    Dorset
    Posts
    767
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    19

    Re: Stop looping effects caused by interconnection...

    Make sure it mentions STP (spanning tree protocol) in the specifications.

    Cisco catalyst express 500's have worked a treat for that here!

    If you can get managed switches in the classrooms as well, that will mean just the looped port will be affected.

    Chris

  3. #3

    Join Date
    Feb 2007
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Stop looping effects caused by interconnection...

    Thanks Chris,

    I see that DLink and Linksys also have managed switches with the feature you mention. Would these 'budget' boxes also be an alternative or should we buy the RR right from the beginning??

    How do I configure the spanning tree stuff, is it purely a config on-off switch switch-wide..?

    As of the classroom switches they are already purchased so we'll have to live with them for some years. However it's easy to find out from the simultaneous blinking from switch LEDs at the classroom switch and check just the cables in that room.

    regards

    johnny

  4. #4

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498

    Re: Stop looping effects caused by interconnection...

    Our school gets a lot of looping - and I'm not convinced the Cisco switches have STP (or they do but it isn't enabled) - though our LEA assure us that it's on.

    The only solution I have now is to disconnect all used wall sockets.

    Also on the lookout for "locks" that can be fitted over wall sockets to stop cables being removed and/or inserted... though would need a fair few of them, methinks.

  5. #5
    ChrisC's Avatar
    Join Date
    Mar 2006
    Location
    Dorset
    Posts
    767
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    19

    Re: Stop looping effects caused by interconnection...

    @Gatt
    Do you know what model Ciscos they are? Not all of them have STP, and if the LEA says it's on, ask them to provide proof; a screenshot of the Cisco dashboard would help!
    So if you've traced a loopback to a specific connection, does it not only affect the area it's connected to, or bring down the whole network?

    @Johnny
    Generally managed switches have some sort of interface, Cisco call theirs the dashboard, which means it generally is a config option and very easy to enable/disable.
    But to be honest, why would you want to disable? As a standard they generally auto to have it enabled.

    The dashboard also shows up in a nice big warning that there's an STP violation and will tell you what port it's on.

    Chris

  6. #6

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,590
    Thank Post
    109
    Thanked 762 Times in 593 Posts
    Rep Power
    180

    Re: Stop looping effects caused by interconnection...

    HP ProCurve managed switches also have STP and are considered to be a more than suitable equivalent to Cisco gear if you want to cut costs.

    STP is a simple on/off on these too.

  7. #7

    Join Date
    Jan 2007
    Posts
    66
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Stop looping effects caused by interconnection...

    As above, STP is the key to what you want. Look at the HP ProCurve 2650. It has 2 uplink ports to daisy-chain switches, and both ports have the option of using either copper or fibre. The console is okay and will tell you what you want to know. And they come with a lifetime warranty.

  8. #8

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,517
    Thank Post
    1,494
    Thanked 1,050 Times in 919 Posts
    Rep Power
    302

    Re: Stop looping effects caused by interconnection...

    Netgears also have STP on them, the Smart Stacking Switches I use have it on.

  9. #9

    Join Date
    Feb 2007
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Stop looping effects caused by interconnection...

    Hi again,

    To test this I got hold of a D-Link DGS-1216T managed gigabit switch which actually has STP built in. The STP was disabled by default, however when I enabled it, the config utility suggested the following default values:
    Bridge priority: 0-64k: 32768
    Bridge max age 6-40: 20
    Bridge hello time 1-10: 2
    Bridge forward delay 4-30: 15

    In addition each port has the following default settings (haven't touched these either):
    Path Cost: 10
    Priority: 128

    However with these default settings a loop link between two ports at one of the (unmanaged) classroom switches connected to this DGS1216T still gives me looping traffic clogging up my whole network.

    Can I alter the DGS1216T's STP settings to isolate the problem to not spread to other ports on this switch, OR won't this STP protection work when the loop is actually between ports at an unmanaged switch with its uplink port connected to the DGS1216T box with STP enabled...?

    Thanks for comments on this again ;-)

    best regards johnny

  10. #10

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,624
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137

    Re: Stop looping effects caused by interconnection...

    A standard packet is addressed explicitly from source to destination MAC address.
    By adding the STP information to each packet as it arrives from client into switch the system can identify if a packet has already been seen passing thru said switch.
    If a packet arrives into a switch with an STP header indicating that it has indeed already passed thru the device the packet can be ignored.
    STP is by design intended to be used for OSPF routing and redundant loop operations.
    Many installations create loops between backbone switches on purpose to provide fail-over.
    The STP protects the loop, when a switch or a link fails the loop ensures that packets flow the long way round....

    Cheap switches simply do not have enough resources to handle this type of abuse and turning on STP on a cheap switch will only result in the switch CPU running at 100% trying to cope with the STP load.

    I guess what I am trying to say is that STP was not designed to handle locally induced loops on a single switch created by 14yr old cyber terrorists.
    In most cases STP has to be worked into a network design for a specific purpose.

    Turning STP on, on each and every switch on the network can help, but could add enough packet overhead to cause a noticeable drop off in everyday performance on some badly configured or overtaxed networks.

    I would look into Broadcast Storm Control if your switch supports it, many have this feature built in and in addition use a program like NMAP or Ethereal to monitor your network in realtime.
    Remember that a broadcast packet will propagate to every switched port in a common subnet regardless of your STP settings and whilst any single node broadcasts, all your other traffic will be waiting its turn to send!

    If you really want to isolate this behaviour only true sub-netting and vlan routing your switch segments will resolve the issue, using L3 design techniques.

    This way when a kid next loops out your wall sockets only the room connected to that switch dies (closely followed by the kid that did it!)
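
The storm-control behaviour suggested in the post above, as an added example that is not part of the original thread: a simplified Python model of a looped unmanaged classroom switch feeding one port of a managed switch, and of a per-port broadcast threshold with an optional port shutdown and administrator alert. The function names, traffic figures and threshold are assumptions chosen for illustration, not any vendor's settings.

```python
GIGABIT_MAX_PPS = 1_488_095  # minimum-size Ethernet frames per second at 1 Gbit/s

def looped_uplink_load(new_bcast_pps, laps_per_s, seconds, link_pps=GIGABIT_MAX_PPS):
    """Broadcast frames/s a looped, unmanaged classroom switch sends up its uplink.

    Simplified model (assumption): every broadcast entering the switch is flooded
    out both ends of the loop cable, so two copies circulate (one per direction)
    and each lap floods one more copy up the uplink, capped at line rate.
    """
    circulating, load = 0, []
    for _ in range(seconds):
        circulating += 2 * new_bcast_pps
        load.append(min(link_pps, new_bcast_pps + circulating * laps_per_s))
    return load

def storm_control(load, threshold_pps, shutdown_after=None):
    """Apply a per-port broadcast threshold on the managed switch's classroom port.

    Frames above threshold_pps are dropped. If shutdown_after is set, the port is
    disabled after that many consecutive seconds over the threshold.
    Returns (forwarded pps per second, alert strings for the administrator).
    """
    forwarded, alerts, over, port_up = [], [], 0, True
    for second, pps in enumerate(load):
        if not port_up:
            forwarded.append(0)
            continue
        over = over + 1 if pps > threshold_pps else 0
        if over == 1:
            alerts.append(f"t={second}s broadcast storm: {pps} pps > {threshold_pps} pps")
        if shutdown_after is not None and over >= shutdown_after:
            port_up = False
            alerts.append(f"t={second}s port disabled")
            forwarded.append(0)
            continue
        forwarded.append(min(pps, threshold_pps))
    return forwarded, alerts

if __name__ == "__main__":
    # Constructed scenario: 20 broadcasts/s of normal classroom chatter,
    # each circulating copy completing 1000 laps of the loop per second.
    load = looped_uplink_load(new_bcast_pps=20, laps_per_s=1000, seconds=5)
    print("unprotected uplink:", load)
    print("rate-limit only:   ", storm_control(load, threshold_pps=2000))
    print("limit + shutdown:  ", storm_control(load, threshold_pps=2000, shutdown_after=3))
```

With the threshold applied, the rest of the network sees at most the configured broadcast rate from the looped classroom, and the alert list is the kind of notification asked about in the first post.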

  11. #11

    Join Date
    Feb 2007
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Stop looping effects caused by interconnection...

    Thanks Geoff,

    So a properly configured L3 switch using VLANs is the only way to go...?

    You mention BSC, but if this in your opinion isn't sufficient either, I'll go for a L3 solution.

    Does the L3 solution only require a L3 main distribution switch (to each of the non-administered classroom switches) or do we need to replace all the classroom switches to support VLANs too..?

    Does anyone here have any links to example config for such a scenario using a not too expensive L3 switch? (iow not with a top-of-the-line Cisco box)

    regards

    Johnny

  12. #12
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Stop looping effects caused by interconnection...

    If you want to remain with gigabit connectivity we use NetGear GSM 7224 Layer 2 Managed switch in all our classrooms: 24 ports @ 10/100/1000 and 4 SFP fibre ports on them too. Has Spanning Tree Protocol and Storm Control, not a bad bit of kit for around £250 - £280 depending where you go.

    Our flat domain is configured into 3 VLANS right down to classroom level i.e. VLAN 1 Servers and backbone, VLAN2 Admin, VLAN3 Curriculum

  13. #13

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,624
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137

    Re: Stop looping effects caused by interconnection...

    Here is as good a place to start as any,

    http://www.cisco.com/univercd/cc/td/...h_c/xcvlan.htm

    There are 3 types of VLAN:- Port based, MAC based and Protocol based.

    ICTNUT's suggestion uses purely a simple port based VLAN using 802.1q tagging to propagate VLAN membership throughout the segment.

    This restricts broadcast and multicast to VLAN members.

    In ICTNUT's design all VLAN1 servers see each other and I guess VLANs 2 & 3 whilst VLANs 2 & 3 do not see each other.

    This type of VLAN satisfies certain security requirements but a broadcast packet will still propagate to all ports that happen to belong to the same VLAN so a Broadcast Storm started in a classroom will still flood all of the Curriculum VLAN and Server VLAN ports.

    Which brings us back to L3 Routed Subnets.
    Much more complicated and probably way too overkill for most school LANs but as you should by now understand probably the only way to safely quarantine unauthorised loops.

    I have not tried this but, I will when I have the chance, that's using port based authentication.
    By assigning a specific device either through MAC or Radius to a specific switch port the connecting equipment would need to be authenticated before the switch will pass any significant traffic for it.
    So if a kid tried to loop out two ports the connection would not be authenticated, therefore no traffic could pass.
    An interesting theory, maybe someone else here has tried it.

    Port based Auth or Radius mechanisms are used widely in secure environments to prevent casual plugin abuse. Uni Campuses, Police and Government Agencies use them extensively. I can't see why it wouldn't work - I will let you know.

  14. #14

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498

    Re: Stop looping effects caused by interconnection...

    This is our problem - even though STP is enabled on the Cisco switches (if LEA are to be believed) a Broadcast Storm still affects all VLANs (we have at least 3 that I know about - Curric, Admin & VoIP - with poss an LEA Admin VLAN too). So if one kid loops a port in one classroom in one of the buildings, then the effect is that all Pupil PCs, Servers, Staff PCs and VoIP phones lose network comms.

    We are still looking for an effective counter-measure for this - and one of those would be the ability to manage the switches ourselves without going to the LEA for it

  15. #15

    Join Date
    Feb 2007
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Stop looping effects caused by interconnection...

    Quote Originally Posted by Gatt
    We are still looking for an effective counter-measure for this - and one of those would be the ability to manage the switches ourselves without going to the LEA for it

    Hmmm, does this mean that we currently have *no* reliable solution to avoid these situations?

    /johnny
