Unsolved
This post is more than 5 years old
18 Posts
0
1008
April 29th, 2020 21:00
Ethernet connection dropouts
All.
We have been experiencing random dropouts between ethernet clients (dell laptops and desktops on Windows 10) and our switches (N2000 series on 6.5.4.4 firmware). Most times they reconnect, but sometimes they don't, requiring IT support to go and unplug the ethernet and then plug it back in. Sometimes clients do not connect at all first thing in the morning.
Each time we have logs similar to the following:
<189> Apr 30 10:46:22 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 13009 %% NOTE Gi1/0/40 is transitioned from the Learning state to the Forwarding state in instance 0 <189> Apr 30 10:46:19 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 13008 %% NOTE Gi1/0/40 is transitioned from the Forwarding state to the Blocking state in instance 0 <189> Apr 30 10:46:19 swi-upad-01-1 DOT1X[dot1xTask]: dot1x_radius.c(1594) 13007 %% NOTE Client D8:9E:F3:24:F7:C9 authenticated successfully using default port PVID on the port Gi1/0/40. <189> Apr 30 10:46:19 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 13006 %% NOTE Gi1/0/40 status is authorized <190> Apr 30 10:46:19 swi-upad-01-1 RADIUS[radius_task]: radius.c(307) 13004 %% INFO RADIUS: Received an unsupported value (2) in the attribute:service-type(6). Supported values are 'Login', 'Admin' and 'Call Check'. Ignoring the unsupported value. Recommend changing the radius server settings with supported service-t ype. <190> Apr 30 10:46:19 swi-upad-01-1 RADIUS[radius_task]: radius.c(2313) 13003 %% INFO RADIUS: MS attribute type =26 <190> Apr 30 10:46:19 swi-upad-01-1 RADIUS[radius_task]: radius.c(2313) 13002 %% INFO RADIUS: MS attribute type =10 <190> Apr 30 10:46:19 swi-upad-01-1 RADIUS[radius_task]: radius.c(2313) 13001 %% INFO RADIUS: MS attribute type =15 <190> Apr 30 10:46:19 swi-upad-01-1 RADIUS[radius_task]: radius.c(2313) 13000 %% INFO RADIUS: MS attribute type =14 <189> Apr 30 10:46:19 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12999 %% NOTE Link Up: Gi1/0/40 <189> Apr 30 10:46:19 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12998 %% NOTE Gi1/0/40 status is Unauthorized <189> Apr 30 10:46:16 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12996 %% NOTE Gi1/0/40 is transitioned from the Forwarding state to the Blocking state in instance 0 <189> Apr 30 10:46:16 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12995 %% NOTE Link on Gi1/0/40 is failed <189> Apr 30 10:46:16 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12994 %% NOTE Link Down: Gi1/0/40 <189> Apr 30 10:46:16 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12993 %% NOTE Gi1/0/40 status is Unauthorized <189> Apr 30 10:46:16 swi-upad-01-1 TRAPMGR[trapTask]: traputil.c(721) 12991 %% NOTE Gi1/0/40 status is Unauthorized
As you can see, we have 802.1x set up, with pretty much default values. Reauth is not enabled. Radius is set to update every 5 minutes. Also STP is enabled (the default I think) with no customisations.
I have copied the interface statistics below:
Interface Name................................. Gi1/0/40 SOC Hardware Info.............................. BCM56340_A0 Link Status.................................... Up /None Keepalive Enabled.............................. FALSE Err-disable Cause.............................. None VLAN Membership Mode........................... Access Mode VLAN Membership................................ 140 MTU Size....................................... 1518 Port Mode [Duplex]............................. Full Port Speed..................................... 1000 Link Debounce Flaps............................ 0 Auto-Negotation Status......................... Auto Burned In MAC Address.......................... E4F0.0433.1CD2 L3 MAC Address................................. E4F0.0433.1CD5 Sample Load Interval........................... 300 Received Input Rate Bits/Sec................... 519856 Received Input Rate Packets/Sec................ 256 Transmitted Input Rate Bits/Sec................ 752640 Transmitted Input Rate Packets/Sec : .......... 277 Total frames received without errors........... 35153647 Unicast frames received........................ 35128268 Multicast frames received...................... 8729 Broadcast frames received...................... 16650 Total frames received with MAC errors.......... 0 Jabbers received............................... 0 Fragments/Undersize received................... 0 Alignment errors............................... 0 FCS errors..................................... 0 Overruns....................................... 0 Total received frames not forwarded............ 240 Total frames transmitted successfully.......... 39697339 Unicast frames transmitted..................... 37135924 Multicast frames transmitted................... 1828369 Broadcast frames transmitted................... 733046 Transmit frames discarded...................... 2924 Total transmit errors.......................... 0 Total transmit frames discarded................ 2924 Single collision frames........................ 0 Multiple collision frames...................... 0 Excessive collision frames..................... 0
Output of show dot1x interface gi1/0/40
Administrative Mode............... Enabled
Dynamic VLAN Creation Mode........ Disabled
VLAN Assignment Mode.............. Enabled
Monitor Mode...................... Disabled
Port Admin Mode Oper Mode Reauth Reauth
Control Period
--------- ------------------ ----------------------- -------- ----------
Gi1/0/40 auto Authorized FALSE 3600
User Name...................................... DOMAIN\UserName
Quiet Period................................... 60
Transmit Period................................ 30
Maximum Request-Identities..................... 2
Maximum Requests............................... 2
Max Users...................................... 64
VLAN Assigned.................................. 140
Supplicant Timeout............................. 30
Guest-vlan Timeout............................. 90
Server Timeout (secs).......................... 30
MAB mode (configured).......................... Disabled
MAB mode (operational)......................... Disabled
MAB Protocol................................... EAP
Authentication Server Dead action for Voice.... None
Authenticator PAE State........................ Authenticated
Backend Authentication State................... Idle
Thanks for reading, and please let me know if you want any more information. I appreciate any feedback.
Jacob
No Events found!
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.2K Points
0
April 30th, 2020 09:00
Hi,
Try increasing the timeout value for dot1x.
JacobDegeling
18 Posts
0
April 30th, 2020 23:00
Thanks for that, I will give it a try. I assume you mean the supplicant timeout?
Jacob
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.2K Points
0
May 1st, 2020 09:00
Right.