New WS-8-150-AC - Does not Set MAC table correctly

[rdsoutar]

First I've seen the issues reported with release 1.5.5 and I think this issue could also be related. I have not seen it mentioned so I want to make sure it's being looked at.

I assume if I look at the MAC Table port by port that it should be listing those MACs "attached" to that port. That is necessary for a switch to work properly as far as I know.

I was having tons of problems with devices not responding and even full subnets unavailable. I tried the update to 1.5.6, but that did not change this issue.
When I looked at the MAC table using the utility (Which is great to have) I saw that it was all mixed up. I have specific subnets connected to certain ports, so I know which MAC's and associated IP addresses should be on each port. Some were right, and some were wrong. Rebooting does not correct.
It seems to be building it wrong from the start.

I don't think its due to a memory leak since it looks built that way.
My guess is that the table is being built from all traffic seen on a port, not just traffic entering the port from "outside".
Internal traffic belongs to a different port so should not be added as it exits the port. If that was being counted it would explain what I was seeing.

The particular network has trafic between ports not just going to the internet. But thats the beauty of a switch, traffic can rout direct - if the MAC list is correct.

As it is the behavior of the switch was bizarre and I kept thinking there was something wrong with the router or the sectors, etc. Ends up all the problems where with a brand new switch.

I had to remove the switch so it will be difficult to duplicate the issue. I had major Oil Company clients screaming so I can't just plug it back in.
There were probably 150 devices connected through 3 sectors and 2 Pt to Pt hops and over half were unreachable.

This seems like a major design error to me.
Thanks,
Rich

[Dave]

Stephen will look at this....and get back to you.;

[Stephen]

Hello rdsoutar, could you give me a bit more specific data about the network topology?

I attempted to see if I could find any error's in the MAC table by creating 4 VLANs, 1 for management on port 1 the other 3 each with 3 devices talking to eachother in a round robin ping I scripted, VLANS were:

1: port 1 (management)
10: ports: [2-4, untagged]
12: ports [5-7, untagged]
24: ports [8-10: untagged]

networks addresses for the devices in their respecitve VLANS:
192.168.10.2->192.168.10.4
192.168.12.2->192.168.12.4
192.168.24.2->192.168.24.4

(omitting the management device because it was only used to analyze the switch)

The table I saw conformed to what I would have expected.
Obviously your network is more complex, but if there is a fundamental problem I would expect to see if even on a smaller network.

My guess is that the table is being built from all traffic seen on a port, not just traffic entering the port from "outside".

From what I observed, only ingress traffic was considered and only the src mac address was being used on the ports. If both ingress and egress traffic was being used to add mac address's to the table. I should have seen the mac table continuously moving devices around different ports.

I know you can't recreate it due to constraints for your clients, but could you provide a suggestion of what configuration I might do locally that may help expose this potential issue?

[rdsoutar]

Stephen,
It is a bit more complicated.

What I have is a tower with 3 sectors and 3 Pt to Pts.

There is a router with the Backhaul P2P connected to port 1, and a local connection to the tower owner on port 2, the switch was on port 3 with the 3 sectors and 2 P2P connected to the switch.

There are no VLANs defined on the switch.
Each Sector has a /24 defined on it for equipment. So I know which port these IP's are on for sure.
There was one DHCP /24 service defined for customers. These could be on any sector but not the P2P connections.
Each Sector has 8-12 customer antennas plus a router per customer connected with DHCP.

There is also some Static Public IP's defined. A few customer use a static instead of DHCP on the sectors.
The P2P connects are to 2 large Oil company sites. They have a few Static Public 's defined.
They also have a private static/24 network defined to connect equipment. It was originally split into 3 subnets, one per sector so we have some idea of which port this should be on. One of these subnets was also used with the 2 P2P connections since I originally had a Toughswitch connecting 1 sector and the 2 P2p connections.

All of these IP ranges were on the one router port which connected to the switch.

The MACs/IPs which were mostly confused were the Private ranges. What is significant here is that there is one IP which is a server that all the others talk to . So they are polling for data from a centralized master. This traffic can go right between the ports of the switch without having to be routed. This is what a switch is supposed to be able to do, right?

Many of these devices were unreachable. For the most part, typical customers who just were accessing the internet, go through the router, and they seemed to be on the correct port. It just seemed like the traffic between ports on the switch ended up with MAC addresses assigned to the wrong ports.

I wished I had taken a picture of the table. I know it will be hard to duplicate!

BTW - I put the Toughswitch back in and everything cleared up.

I would look at the logic used to build the MAC Table. There has to be an error in there.
Does this clarify or confuse you more?
Thanks!

[mike99]

This really need a schema and the config of the netonix. The're probably something wrong in the setup but it's hard to help with so few informations.

It's easy to say the problem is a device bug because it didn't behavior as you expected but you must also take into account that the're ten of thousand, if not hundred of thousands, of Netonix running without any MAC table issues and since MAC table is at the core of the swtich, it's not the kind of bugs to go unnoticed.

[rdsoutar]

I understand its tough to reproduce, but how can my config influence how the Router builds a mac table?
I have sets of devices connected to ports.

There are no routers connected to the ports with problems.

I replace the switch with a different one that then works.

So yes I understand that the MAC table is at the definition of how the switch works.
Our first ever Netonix switch has this problem.

Makes us question how these can work for people.

Is it possible for me to exchange the switch for one in a different batch not originally loaded with 1.5.5?
Like an older one?

Thanks

[Stephen]

It would probably be easier to just load the older firmware's yourself if you want.

Check here to find older ones:
firmware/archive/

I wouldn't recommend going below 1.5.3

The information you provided is enough for me to make a mock network to try and emulate parts of this.
But I have not had any success reproducing it so far.