The only downside to spanning-tree is that while it is in discovery mode, the ports block. This amounts to about 30 seconds where no traffic will go through a port while it discovers loops and disables ports that would cause them. Again on Cisco switches, you can set portfast on ports that you KNOW will only have client computers to eliminate this blocking period. Those are the ports where you would also want to BDPUguard. ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore Sent: Tuesday, April 01, 2008 3:21 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: OT: Diagnosing a network problem This particular switch was just a dime store desktop switch. But I guess you're talking about the switch it was plugged into, right? It's an HP. I will look at it to see if spanning tree is on or off. I'm not much of a switch guy. What are the implications of turning Spanning Tree on (assuming it is off)? Thanks, Rob From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Mayo, Bill Sent: Tuesday, April 01, 2008 2:01 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: OT: Diagnosing a network problem It sounds like he created a loop, but I am surprised that spanning-tree didn't kick in and solve the problem (after a minute or so, at least). I would make sure than spanning-tree has not been disabled on the switch. On Cisco switches at least, you can also turn on BDPUguard to prevent any switches from being connected to a port that you don't intend. When that is enabled on a port, it will listen for BDPUs, which are indicative of a switch (with spanning-tree) being attached. It will then shut down the switch port, preventing potential loops as well as sneaky end-users. Bill Mayo ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore Sent: Tuesday, April 01, 2008 1:48 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] OT: Diagnosing a network problem Hello all- This morning I had a weird experience. Everything was going along normally, when suddenly network traffic came to crawl or stopped all together. I did some frantic work in the server room and localized the problem in some ways, but still couldn't figure out what was going on. Then I thought, "Well, the only thing I know that has changed in the last few minutes is that another IT guy added a switch down the hall." (We are in the middle of a building renovation and switches are occasionally being added or subtracted in various places to accommodate swing space while the construction is going on.) I went and checked the switch. Turns out amongst the cables that were coiled up ready for the swing space desks there was also an identical-looking patch cable coiled up with them. (Because this is temporary swing space, there is no patch panel.) When the guy plugged all the workstation cables into the temporary switch, he also plugged in both ends of the patch cable to the same switch. (As I said, the patch cable was coiled up with the other cables so it was not obvious that he had done something wrong.) Judging by the activity lights on the switch, this loop caused a lot of traffic to go out on the network. Anyway, that got me to thinking, what if someone did this with a little desktop switch and we didn't know about it? Is there a way to figure out what and where the problem is? Sorry for the off-topic post, but it is vaguely related (network stuff). And this group is never shy about giving out opinions! Meanwhile, I've been telling folks the outage was just my idea of a good April Fool's Day joke. J Thanks, Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Rob Moore Network Manager 215-241-7870 Help Desk: 800-500-AFSC