Hi guys
Looking for a bit of help here. Just as a quick note, I'm based in the UK and our customer is based in the US so I've got no physical access to anything and the tech on site isn't too clued up on networking.
So they've recently upped the bandwidth on their backup circuit, this is through Spectrum. The old router they had in place (no idea what this was) didn't have enough throughput so they sent a new one out. Since then we've had the WAN link on their switch stack constantly shutting itself down due to BPDU guard.
So the topology goes failover pair of ASAs > L2 vlan in core stack > Spectrum router
I found out that the tech also had some crappy home router doing wifi plugged into this link, and also a PC direct on to the internet. I figured that there was some loop between here and the stp packets were coming from elsewhere, so I had him go in over the weekend and pull everything out apart from the connection to the switch.
No dice, still seeing bpdu packets.
On a call today I've gone through the settings on the Spectrum router and everything is pretty basic there, don't think we were supposed to be able to access it but it has the wonderfully secure login credentials of admin/admin.
After looking everywhere I decided to do a packet capture on this PC he's got connected in directly, and lo and behold STP packets initiating from the Spectrum router.
I can't get the exact model of this Spectrum router remotely, but by searching the MAC I've found that it's a Sagemcom of some sort, and a bit of googling on these has shown that some of them do participate in spanning-tree (annoyingly labelled as a 'routing protocol')
I can't see any reason why it's doing this, I've stuck a workaround on the port telling it to use bpdufilter instead of bpduguard so everything's up, but I'm a bit annoyed that there isn't any way to turn this off.
We did have a call with a Spectrum tech but he was completely useless, he could just about tell us that the router was on and wouldn't put us through to anyone more qualified.
Next step is to email Spectrum account manager and see if we can get a different router, but not really much hope there as I think there's a good chance they'll just send out the same model.
Thanks
No comments:
Post a Comment