Finding an ethernet loop?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hey Everyone,

  Wondering if anyone can tell me what methods they use to find a
Ethernet loop in a large network.  Recently the company that I work
for is having issues with users plugging both ends of the Ethernet
cables in the same switch creating a loop.  Is there an easy and quick
way to isolate and find this loop given a large corporate network?



Re: Finding an ethernet loop?
Jeff Lundstrom wrote:
Quoted text here. Click to load it

A large company would certainly use managed switches with STP enabled.

Re: Finding an ethernet loop?

Quoted text here. Click to load it

Enable STP so all ports send STP BPDUs, and on all except the interconnection
ports, enable the feature to immediately block the port when such a BPDU is
received.  When that happens, syslog messages should be generated giving you
the relevant port number.  When you see one of those, get out your approved
baseball bat equivalent, and visit that switch/port.

best regards

Re: Finding an ethernet loop?
Quoted text here. Click to load it

other posters mention spanning tree - i dont like network designs that
depend on spanning tree since it doesnt "fail soft", but using it to
minimise the effect of errors makes things much more stable in the long run.

You may need "port fast" turned on, so that the port start up delay doesnt
cause other issues, and running spanning tree on links between switches and
routers may degrade the convergence time in your network - you need to check
it doesnt break something important.

or turn on "port security" or equivalent on all end user device ports, and
limit the port to "x" MAC addresses.
(x = 1 for simple ports, 2 or 3 if you daisy chain IP phones). Dont bother
making the port lock to the 1st MAC.

Also limits the effect of rogue wireless access points, but not someone
adding a SOHO router.

this assumes users can only get at the cabling to desks and so on - if they
can plug into unused ports and alter cabling, then you have another issue.

it helps to actually lock wiring closets, use a ID carded access, and / or
set up a motion detect camera - it is amazing how the number of "no one
moved the cable" problems goes down when people think you might be able to
tell who did it.......
Quoted text here. Click to load it
Regards - replace xyz with ntl

Re: Finding an ethernet loop?
Quoted text here. Click to load it

Thanks everyone for this information!

Site Timeline