Spanning Tree and Routing gets killed by Desktop switch

Hello all,

I run a network where three different lan:s are used. Between the buildings at every site the traffic flows through tagged ports in layer-2 switches. (ASCII-art and switchmodels below) When traffic need to go somewhere outside that site a layer-3 switch routes it onto a carrier network kept separated from the three other vlan:s.

Enabled spanning-tree on all switches to kill off nasty loops.

So far so good.

Then some student connected a simple desktop-switch and made a loop within that little switch. Somehow the spanning tree did not work correctly in that situation. The entire student-vlan stopped dead. While searching for what was going on, the administration people started complaining too; They could reach the local servers, but remote servers and internet was unreachable.

Set up lab to study things a little closer.

Found out that when one of the vlan:s was looping, the other vlan:s worked within that site, but routing soon stopped in the layer-3 switch. The very second i disconnected the offending desktop-switch everything went back to normal again.

Any ideas how to stop this from happening and keep the routing going? The admin-network Must Always Be Reachable, so I dont like the idea that some lousy desktop-switch can wreak such havoc...

TIA

------------

layer-2 switches are D-Link DES-3526 layer-3 switches are D-Link DES-3326S, DGS-3324SR, DGS-3312SR

vlan-10: link-net that connect all sites togehter. vlan-110: students vlan-120: administration vlan-130: public hotspots etc.

(carrier network) | | vlan-10 | __|_________________ | | | switch-1 (layer 3) | |____________________| | | | tagged link with vlans-110,120,130 | ________________|___ | | | switch-2 (layer 2) | |____________________| | | | | | | | | 110 120 130 | | tagged link with vlans-110,120,130

Reply to
nntp chip
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.