Connection to Switch Drops Packets But Hub Works

There are a few possibilities, but I'm going to go with autonegotiation failure. The device is probably choosing half-duplex even though the switch is choosing full-duplex.

If the switches are configurable:

1) If they have an 'auto' setting, try that first.

2) DO NOT set the switches duplex (and especially do not set full- duplex) unless you can also set the devices the same! It is a serious mistake to hard-set the duplex on only one end of an Ethernet link (except in *very* limited circumstances).

3) If the switches have no 'auto' setting, either set them to 'half- duplex' or set both the switch and the device to 'full-duplex'. (Most likely, your device will choose half-duplex if it cannot negotiation.)

4) If possible, manually confirm that both ends have the same duplex setting.

DS

This was a good guess, but it didn't solve the problem. I can configure the ethernet adapter on the host computer as any of:

10BT Half 10BT Full 100BT Half 100BT Full Autosense

and I get more or less equally unreliable effects, packets getting dropped.

As soon as I connect the host to a hub the problem goes away.

I tried to use an aggregating tap to look at the traffic, but sure enough you connect the host to the aggregating tap and the problem goes away again.

So definitely it looks like some kind of compatibility issue between the adapter and the switch, but very strange that I cannot get it to work at any fixed configuration.

Please don't top-post. Quote & respond preserves context and facilitates editing to avoid excessive length.

In comp.dcom.lans.ethernet Will wrote in part:

Same cabling? A real hub? Must be old. 10 or 100?

Some old switches were only designed for input from hubs. Not that that _should_ make any difference. I would suggest a fried port, but I think you've tried two switches.

-- Robert

My own rule and tastes are to post inline when there are multiple points to respond to which each require a separate context to be established. When you are making a single reply to the entire thread, I don't see how it helps anyone to force them to read a very long thread that precedes the response unless they choose to do so.

In keeping with the above rule, this post keeps responses inline.

Same cabling.

Hub is a Netgear 8 port autosensing 10/100 hub. Nice little boxes for what you pay for them. It's maybe seven years old?

We tried two different adapters on the affected host with the same result on each. What is interesting is that the problem follows the specific host.

There are maybe 15 other computers on the same switches, and those don't appear to have this issue.

The computer is old, and the configuration on it is well worn (and we suspect possibly infected by Trojan), so probably it would be best to rebuild to newer hardware.

In comp.dcom.lans.ethernet Will wrote in part:

Not completely unreasonable, but such posts should usually be trimmed and then the relevant bits followed by the single comment. That way it's clear what you're responding to. Otherwise, the post risks being in the "me-too" category.

Most people will skip quoted material unless they are unfamiliar with the thread.

Wierder than wierd. Could there be a driver problem? Have you tried a different cable?

Trojans are _very_ bad. Many of them exploit network connections and may do things that confuse the OS's network stack. This could easily result in slowness. The extra hop in your "hub" might be enough time (100 us?) to improve OS handling.

-- Robert

While this may not be relevant to the specific problem you are having, please note that an "autosensing 10/100 hub" is not a "real hub" in the sense that I believe Robert Redelmeier meant. A 10/100 hub is TWO hubs, one a 10 Mb/s repeater, and the other a 100 Mb/s repeater, interconnected by a two-port bridge/switch. The autosense circuitry connects attached devices to the appropriate repeater based on the speed capability of the device.

-- Rich Seifert Networks and Communications Consulting 21885 Bear Creek Way (408) 395-5700 Los Gatos, CA 95033 (408) 228-0803 FAX

Send replies to: usenet at richseifert dot com

Then it's probably a bad port or bad cable. It could be a bad adapter too, though it's hard to imagine what adapter problem would cause this particular set of symptoms. Perhaps some component (probably on the Ethernet card) is just slightly out of tolerance and some hardware can take it and some can't, though it's hard to imagine how this would affect 10Mbps and 100Mbps equally.

You're in the "really weird" category. Good luck.

DS

Rich Seifert wrote: (snip)

I would have said one hub containing a 10Mb/s repeater, a 100Mb/s repeater, and a two port bridge. That is, hub being the physical device and repeater being the logical device.

-- glen

So given the lack of good physical explanations at this point, and especially given the fact that the affected host has the problem follow around to different network adapters with totally different network drivers, maybe a Trojan is a worthwhile consideration here. A rootkit virus that inspects and operates on each packet coming in or out introduces some latency, and it might be miswritten to drop a packet it should not be dropping. And it shouldn't surprise anyone that the kind of person who writes such antisocial code might not be very competent at the task, hence dropped packets in the right conditions.

The computer needed to be retired anyway, so that's its fate.