How to handle the occurrence of a loop on a cisco Switch

Network Environment:

Two cisco 4006 switches are connected to each other through two fiber module 1/1-2, and then connected to other network devices or hosts.

Fault symptom:

The cpu usage of the cisco 4006 switch is too high, and the service is interrupted and cannot be normally performed. The switch log collection information is as follows:

2007 May 24 03:55:40 %SYS-4-P2_WARN: 1/Host 00:02:fd:06:d0:b0 is flapping between port 1/2 and port 1/1 2007 May 24 03:55:42 %SYS-4-P2_WARN: 1/Host 00:04:de:17:28:20 is flapping between port 1/2 and port 4/45 2007 May 24 03:55:44 %SYS-4-P2_WARN: 1/Host 00:00:0c:07:ac:01 is flapping between port 1/2 and port 4/47 2007 May 24 03:55:45 %SYS-4-P2_WARN: 1/Host 00:05:9a:20:78:20 is flapping between port 1/2 and port 4/47 2007 May 24 03:55:48 %SYS-4-P2_WARN: 1/Host 00:02:fd:06:d0:b0 is flapping between port 1/1 and port 1/2 2007 May 24 03:55:49 %SYS-4-P2_WARN: 1/Host 00:11:25:19:c3:c2 is flapping between port 1/2 and port 4/13 2007 May 24 03:55:53 %PAGP-5-PORTFROMSTPort 4/45 left bridge port 4/45 2007 May 24 03:55:54 %SYS-4-P2_WARN: 1/Host 00:06:29:ec:aa:f2 is flapping between port 1/2 and port 4/37 2007 May 24 03:55:54 %SYS-4-P2_WARN: 1/Host 00:10:5c:c5:6a:ca is flapping between port 1/1 and port 4/7 2007 May 24 03:55:54 %SYS-4-P2_WARN: 1/Host 00:09:6b:f5:0f:33 is flapping between port 1/1 and port 4/13 2007 May 24 03:55:54 %SYS-4-P2_WARN: 1/Host 00:10:5c:45:6a:ca is flapping between port 1/2 and port 1/1 2007 May 24 03:55:54 %SYS-4-P2_WARN: 1/Host 00:16:ec:7b:6c:b4 is flapping between port 1/1 and port 1/2 2007 May 24 03:55:55 %SYS-4-P2_WARN: 1/Host 00:10:5c:c5:6a:ca is flapping between port 1/1 and port 4/7

Cause analysis:

A loop occurs between two cisco 4006 switches, which invalidates the STP algorithm and causes a broadcast storm on the network.

Procedure:

1. First, two cisco4006 switches were restarted (in fact, two IBM minicomputers were connected to the network through HACMP for dual-host, because dual-host protection for shared resources, the shutdown command is issued to the standby machine. The correct method is to disable a switch or stop the hacmp of the standby machine before closing the two switches.) After the switch is started, the cpu usage decreases, the business can be normally carried out;

2. Next, check whether a loop exists in the network based on the port mentioned in the error message. After checking, there is a loop between two 4006 servers and there is no other loop. The check results of each command are normal. The commands used include: show spantree active, show trunk, show config, show vlan, show port, etc.

3. Use a port image to capture packets through the switch and check whether there are any suspicious arp packets or arp viruses that cause loops in the network. No results are found. The command used is set span. The tool used is sniffer.

4. Considering the cisco STP algorithm bug, I decided to make a change to the configuration between the two switches and make the two 1/1-2 fiber ports into a channel, then we are working on trunk, which not only ensures the connection redundancy between the two switches, but also eliminates the loop. The command used is:

set port channel 1/1-2 53 set port channel 1/1-2 mode on

After the two sides are completed, view the status through show portchannel, where 4006-2 is notconnect, and 4006-1 on the other is errdisable; execute the command: setport 1/1-2 enable on 4006-1; view the status through show port channel, the status on both sides is connected;

Set trunk on one of the vswitches:

set trunk 1/1-2 on 1

Use the show trunk command to check that the status is normal;

Use show spantree active to check whether it is normal:

4006-2> (enable) show spantree VLAN 1 Spanning tree enabled Spanning tree type ieee Designated Root 00-05-32-db-b0-00 Designated Root Priority 32768 Designated Root Cost 3 Designated Root Port 1/1-2 (agPort 13/1) Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Bridge ID MAC ADDR 00-05-32-db-b4-00 Bridge ID Priority 32768 Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Port Vlan Port-State Cost Prio Portfast Channel_id ------------------------ ---- ------------- --------- ---- -------- ---------- 1/1-2 1 forwarding 3 32 disabled 769

In this way, during STP computing, 1/1-2 will be considered as a port for computing, thus eliminating the loop.