Tuesday, November 21, 2017

Firewall to switch LACP link issues - drops ping every 30 seconds

We have a FortiGate 100D connected to a pair of stacked Netgear M4300s via LACP. Two ports on the firewall -> Cat 6 cables -> one port in each Netgear.

I noticed "occasional" network hiccups and started troubleshooting.

I can ping the firewall IP (say 192.168.1.1) from the outside and lose no pings. I can ping the switch IP (say 192.168.1.2) from the inside and lose no pings. Pinging 192.168.1.2 from 192.168.1.1 (and the reverse) at 1-second intervals results in a ping timeout every 30 seconds.

A vendor has suggested starting further troubleshooting by changing cables, but I won't be able to do that until next week.

Ninja Edit: The LACP settings are the defaults on both devices. This didn't get noticed until it was in production, so I don't want to just start throwing settings at that... :End Ninja Edit

Any suggestions on where to start looking for the cause? From what I can tell it is exactly every 30 seconds which is leading me towards some sort of negotiation occurring at that interval.

Edit: I also see a pause in RDP sessions and other transfers every 30 seconds which coincides with dropped ping. This is where I first noticed the issue.


