Ran into a problem that I think I have solved, but was interested in other opinions and to pass it along.
We have 2 dsl firewall/4port switches (netgear) - commodity firewalls. We were using these to create our DMZs.
We had one of the one of the ports in firewall1 connected to firewall2. We had 2 servers in firewall2 and a server (sql server) in firewall1 as well as another switch which had all our internal users on it. I also had switch 1 connected directly to Switch2.
This was working most of the time. But everyonce in awhile, something 4 or 5 times a day, I would lose connect to my Sql Server. Others would also lose connection.
I noticed that the Nic card in the Sql Server would lose its connection light. When I rebooted Firewall2, I would then be able to connect to my Sql Server. I realized that sometimes if I waited 4 or 5 minutes it would come back by itself.
I couldn't figure out why rebooting firewall2 would allow me to connect to my sql server (I was on firewall1 as was the Sql Server), until I realized that firewall1 was connected directly to firewall2.
Firewall 2 was causing firewall1 to go down (losing power) to the ports which caused the Sql Servers' Nic card to quit working.
I think what was happening was a spantree problem. It was getting into a loop and I believe the small switches do not have the spantree algorithm in them to break the loops.
I solved the problem by adding another switch and connecting firewall1 and firewall2 to this switch. I wasn't sure if this would introduce another spantree problem, but it apparently didn't as we have had no problem in about 3 weeks.
Just thought I would pass this along if others are connecting (daising chaining) these small switches together. They really are made for small companies or home use.
This will drive you crazy if you don't realize what is happening. This of course, is just a conjecture on my part but seems to have solved the problem.
Hi there tfs, nice to see you around again!
You might be right; I've played with small switches, routers and firewalls too that, on paper, claim to support all sorts of useful things. And when you put them in they do - sort of. But they have issues and sometimes do odd things when you really try to use the facilities in a serious way. If the extra switch you added was a decent one then it might have taken over as the root bridge and is doing things properly
Re: Spantree absent in small switches
12 years 2 weeks ago #15463