GS1350 Loop Guard, hyper-sensitive/overdramatic?

JWSC

Hey all,

I have 2 GS1350's on my network. My network consists of approximately 20 Aruba switches, and 15 switches from other brands. I am not using STP or Broadcast storm limiting on any devices. I am not seeing any evidence of excessive broadcasts or high collisions on any of these switches.

However, with the GS1350, if I enable LoopGuard, it disables the port that is connected to my LAN.

The question is, is the being GS1350 overdramatic, or is it trying to tell me something that others aren't seeing?

Other than turning off Loop Guard (I'd like to use it), what is my next step?

Zyxel_Melen

Hi @JWSC,

The loop guard function on GS1350 uses probe packets to detect if the downlink occurs in a loop. Once GS1350 receives any probe packets it sent before, it detects there occurs a loop, so it will shut down the port with the err-disable state.

Therefore, please help check which port is under the err-disable state and the topology under that port.

JWSC

Good afternoon. I have triple checked our system and there is no loop. We have a few Zyxel switches now, all exhibiting similar behavior. I have tested a new switch by moving it another (away from where Loop Detection triggered) switch - and restricting VLANs to ensure it's not a VLAN sourced "loop". Loop Detection is not triggering presently, but we are seeing excessive broadcast packets within each Zyxel switch.

I am showing 10x the amount of broadcast packets on the switch itself, but not the upstream switch.

Example:
GS1915-8 → Aruba Switch (3 devices + connection to core switches)

Aruba device:

Another Zyxel switch:

Aruba it's connected to:

Based on these reports, it appears the Zyxel is generating it's own excessive broadcast traffic - which would have triggered (in a worst-case scenario) enough to flip the LoopGuard.

Zyxel_Melen

Hi @JWSC,

Thanks for sharing. Could you share what the tool is and how you test it?

JWSC

We are using Auvik, a well respected Network Management tool. Can you expand on your question for, 'how you test it'?

Zyxel_Melen

Hi @JWSC,

Apologize for the confusion. I thought the result was generated from a test tool.

I did a local lab with Auvik tool and my topology is Laptop - GS1915 - GS1350 - ATP800.

Below are the results from GS1915 (enabled loop guard) and GS1350 which show that the average broadcast packet is around 400 ~ 600 pkt/s.

And the Zyxel switch sends the loop guard probe packet every 2 seconds, so it might not cause the high average broadcast packet rate. In addition, the probe packet is using "LOOP" protocol.

To make sure the Zyxel switch sends many broadcast packets or not, can you help to isolate the Zyxel switch and connect with a PC to use wireshark to collect the broadcast packets? Please filter with "eth.dst == ff:ff:ff:ff:ff:ff && eth.src == <Zyxel switch's MAC address>" to check how many broadcast packets come from the Zyxel switch.

Then connect the switch back to your network and have the same check. If the number of broadcast packets does not match the report, you might need to check the definition of the average broadcast packet rate with Auvik engineer.

Zyxel_Melen

In addition, the graph still shows hundreds of broadcast packets due to the Auvik management tool. It was installed on my laptop and will send the Arp packets frequently to scan the devices.

Zyxel_Melen

Hi @JWSC,

Thanks for bringing this to our attention. After further thorough investigation, please allow me to correct my previous answer:

We confirmed that our switch is not sending out a lot of broadcast packets and it's traffic forwarding is functioning properly. However, there was a display issue on the packet counter to cause Auvik to get inaccurate values, and lead to misinterpretation. We have fixed the issue and will provide the solution in the next official firmware.

Thanks again for your input and sorry for any previous misunderstanding.