I have a strange problem that I have not been able to resolve, yet.
My scenario is very simple,
One MX100 and a Netgear switch with 2 VLANS (no routing on the switch), all traffic has to pass through the MX100
On the MX100 I have two subnets relating to the VLANS on the Netgear switch, lets say VLAN 100 and VLAN 200 for clarity
VLAN 100 uses port two on the MX100
VLAN 200 uses port three on the MX100
The problem I have when all is connected is constant packet loss, after every 10-15 pings I have a few dropped packets.
With only VLAN100 connected all is well, I can ping devices on VLAN100 and the Internet without a single packet being dropped, I can do the same for VLAN200.
But not when I connect both of them at the same time.
If I use a separate switch for VLAN200 instead of two VLANs on a single switch I have no dropped packets.
Can anybody tell me what's going on as I'm rather confused. 🙂
did you check the logging on your switch?
don't know your configs and port settings but from your story it sound something related to STP or loops. you could creating one trunk link(with all your vlans) between the switch and MX, that should work.
That's exactly what I was thinking. STP is enabled on all switches, no loops detected.
I like the idea of a trunk port, I hadn't considered that as there are plenty of spare ports on the MX, I currently have the ports on the MX and the Netgear switch configured as Un-trunked ports.
However changing the setup doesn't explain the Ping drops. :-(, I like to know why something doesn't work as it should.
I will try you suggestion.
I did see that article thanks.
Packet loss in my instance always occurs at the same time, I ping google DNS, I ping an Address on VLAN 100 and VLAN 200, When packets are being dropped it occurs at the same time for all three pings.
The strange thing is that if I connect my VLAN 200 to a separate switch with nothing else connected to that switch I don't loose a single packet.
Are you using a single port on the MX running in trunk mode to deliver both VLANs?
Is there a single connection between the MX and the switch?
Port two on the MX connects to one VLAN and port three connects to the other VLAN on a single switch.
The switch is in layer 2 mode with no routing between VLAN's.
In Scenario 1 I have packet loss, in Scenario 2 I don't
A bit of additional information; I currently have an old SonicWall in the same configuration with no packet loss.
Don't connect the MX to two different VLANs on the same switch vis access ports. You are likely to have spanning tree issues.
Create a single connection using a trunk port between the two and deliver both VLANs over that trunk port.
I will try a single Trunk next week.
I have not had a problem with my existing SonicWall firewall, can't see how this can be a STP issue with separated VLAN's unless the MX100 doesn't like being connected like this to the same switch.