cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Highlighted
Getting noticed

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

I will listen in on this ..

 

We see these A LOT!! (like a zillion times a day) and I should be much mistaken if all the cables/plugs were faulty everywhere in the installation ..

 

Any news ?

 

(SW: MS 11.30)

Highlighted
A model citizen

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

I have got the same issue on different LANs with MS225 switches with MS 11.30 software. But only on client-ports not on uplink ports. First I thought it´s an power saving issue on the clients. Apple Mac do have the most issues.

 

regards

Highlighted
Getting noticed

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Hi @redsector ..

I only have AP's connected to the ports doing this ..

No issues on uplink ports as well as You observe ..

Will be interesting to hear what the Engineers say ?

Highlighted
A model citizen

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Accesspoints from Cisco (classic) and Cisco Meraki (MR32, MR33, MR34, MR42, MR42E, MR52, MR45) are stable connected (trunk) to my Meraki network ports (software MS11.30). Also the uplink ports (to Cisco classic and to Merak) are stable.

Only clients (access) from Dell and Apple are having this issue.

Highlighted
Getting noticed

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

This really sounds the same as the MAC flap issue on 11.x.

Or the MAC flap issue is the same as this.

 

If it's the MAC flap issue then the STP messages are just a byproduct of the port going down.  If this is a separate and distinct issue with the BPDUs as someone mentioned then the STP messages are relevant.

 

I can say that, when I went to 11.22 my Cisco IP phones were going offline like crazy.  I have Cisco 3905s and 8811s, also ATA-190s for analog bridge.

 

The MR34 and MR52 access points that I have were stable throughout the issues.

Highlighted
A model citizen

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

No issues with Avaya IP-phones.

 

Highlighted
Conversationalist

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

I had to call support by phone to get someone to move the case forward. The phone tech said that he noticed 97% cpu usage on my core switch. I wish they expose that info in the portal, all I can see as far as health for the switch is  a nice green "Healthy", meanwhile CPU is at 97% and ports are flapping in the logs. He thinks the CPU might be causing ports to go down and then generating the UDLD and STP alerts. He asked me to update to the latest (11.30) which I did this morning, but still see the same flapping in the logs, and I am waiting to a support tech to tell me what the CPU looks like now. He also cannot explain what he is seeing and thought it might be a performance bug (hence he asked me to upgrade). 

To clarify, in the logs the ports that are flapping are the 16 ports that connect 3 switches to my root switch and they are only alerting from the perspective of the other 3 switches, the root switch sees no issues with the his end of those 16 connections (its own 16 ports). There are another 8 ports that connect 2 of those switches to the secondary root switch, but those are disabled (correctly) by STP and are not seen flapping in the logs. These ports are aggregated what I usually see in the logs is that a few of the individual ports alarm about becoming unidirectional (alert by UDLD, no enforcement, means BPDU packets only going in one direction), and then back to bidirectional right away. Then I see STP cycle the entire aggregate port between root, alternate or disabled. This is constantly happening on the logs, but I only see a measurable outage when lots of UDLD alerts appear together.

Highlighted
Building a reputation

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

^

I'd be interesting in seeing if that high CPU continues, and that does seem like it could cause the port flap issue.

 

I wish we could see that in the dashboard.

Highlighted
Conversationalist

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

According to the tech CPU was still high so he disabled some DNS inspection:

 

"I did notice a spike in the CPU after the update as well. I have disabled DNS and MDNS inspection on the core switch " SW1A "since we had noticed an unusual amount of DNS traffic during the pcaps taken on the switch."

 

I am seeing less of the UDLD alerts, but the 3-4 alerts from the last few days have caused network blips and alerts to come out at the same time. I do still see a ton of STP alerts about it changing the aggregate ports that interconnect the 4 switches, something like 4-25 times per hour with no alerts about network issues. 

 

I also noticed that there is already a new version 11.31 thought it doesnt list this particular issue, here are the release notes:

 

Alerts

  • MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)
  • MS 11.31 is identical to MS 11.30 for all models EXCEPT the MS390

Additions

  • Support for MS125, MS355, and MS450 Series switches
  • Support for MS390 Series Switches
  • Support port bounce AVP for RADIUS CoA (Cisco:Avpair="subscriber:command=bounce-host-port")
  • Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)
  • Event logging for errors with ECMP routes
  • Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic
  • Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches
  • STP BPDU inter-arrival monitoring
  • CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches

Bug fixes

  • MS390 switches do not support port mirroring

Known issues

  • MS390 series switches Max MTU is limited to 9198 bytes
  • MS390 series switches do not display stackport connectivity status in dashboard
  • MS390 series switches will not display packet details in the DHCP Servers page
  • MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages
  • Rebooting a single switch in an MS390 stack will reboot the entire stack
  • LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name
  • MS390 series switches will not display the advertising router ID for OSPF
  • MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface
  • MS390 series switches do not support the multicast routing livetool
  • Stacked MS390 series switches do not report traffic/client analytics correctly in all cases
  • MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy
  • Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function
  • MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)
  • MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS testing, RADIus Accounting Change of Authorization, QoS, Power Supply State, PoE power status/usage,
  • ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)
  • SM Sentry does not support Windows based clients (predates MS 10.x)
  • MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)
  • MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)
Building a reputation

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Have you updated to 11.31?  Have you noticed any change if so?

Highlighted
New here

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Any chance you have found a solution with Meraki yet? We seem to be having the same issue within our organization as well. Meraki Support is telling us we have bad cables, but we have already ruled that out as a possibility. 

 

Our next step is going to be replacing it with a regular Cisco switch and see if the problem persist. 

----------------------------------------------------------------

Feb 14 10:25:02 Port STP change
Port 14 designated→disabled
Feb 14 10:25:02 Port status change
port: 14, old: 1Gfdx, new: down
Feb 14 10:14:41 Port STP change
Port 8 disabled→designated
Feb 14 10:14:41 Port status change
port: 8, old: down, new: 1Gfdx
Feb 14 10:14:37 Port STP change
Port 8 designated→disabled
Feb 14 10:14:37 Port status change
port: 8, old: 1Gfdx, new: down
Feb 14 10:14:32 Port STP change
Port 8 disabled→designated
Feb 14 10:14:32 Port status change
port: 8, old: down, new: 1Gfdx
Feb 14 10:14:29 Port STP change
Port 8 designated→disabled
Feb 14 10:14:29 Port status change
port: 8, old: 100fdx, new: down
Feb 14 10:14:25 Port STP change
Port 8 disabled→designated
Feb 14 10:14:25 Port status change
port: 8, old: down, new: 100fdx
Highlighted
Conversationalist

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

I did update to 11.31 this morning, but the STP flapping continues. Noticed this upgrade did not reboot the switches, and did not show a progress bar on the local GUI of each switch as it usually does. Also, nothing on the logs about the firmware upgrade. I really wish Meraki would make the logs more useful.

 

Meraki tech suggested the follwing

  • Disable bonded nics in our Cistrix xenservers. We had about 4 hosts with bonded nics (active-active) going to multiple switches. This causes a VM's mac to flap quickly between those nics when the host rebalances the traffic. It pins mac address hashes to each nix so that each VM is always on the same nic, but if traffic is too much on one nic, it rebalances all connections every 30 mins. I dont see why this would cause STP flapping since none of these VMs or hosts are talking STP and the ports that are STP-flapping are not any of these ports where the bonded nics were. But Citrix does warn that bonded nics should go to the same switch because some switches cannot tolerate the mac flapping during rebalancing and so I changed the bond type to active-passive, where only 1 nic is used, and I disabled the switch ports for all but 1 nic on each of those servers. The STP flapping continued, though I dont see anymore UDLD alerts (for the last 3 days).
  • Re-created the aggregate groups. The 4 switches I have are not stacked, they are connected to each other with 4-8 cables each which are aggregated. Those aggregate ports are what I see being flapped by STP currently about every hr or so. The tech wants me to de-aggregate the groups and aggregate them again. I have not tried this yet.
Highlighted
Getting noticed

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Hi @Matttt   -.-

 

We still see lots of these ..
And we also tried the new switch sw, but reverted, since it did no good in the matter.

 

It seems that uplinks/trunks and workstation links are affected and not selective 😉
All switch-types are affected.

 

It bursts 10-15 entries in the log in each occurance.

Highlighted
A model citizen

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

We have got MS220 and MS225 switches with MS11.31 software. No uplinks are affected (to Cisco "classic" and Maraki). Only HP-inkjets, Apple computers and Dell notebooks with dockingstations are affected.

Highlighted
Getting noticed

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Agree..

Seems "workstations" only ..

Highlighted
Here to help

Re: Port STP change designated→disabled; Port status change old: 1Gfdx, new: down

Screen Shot 2020-02-18 at 8.36.00 AM.png

This is the response we received when I was having the issue back in the Summer.The issue eventually stopped without me making any changes to our network or the firmware. Seems to me they have yet to find the bug that's causing all the problems everyone is experiencing. 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.