switch summit-x670 shutdown when I removed 3 ports from the default vlan tag 1


switch summit-x670 shutdown when I removed 3 ports from the default vlan tag 1. I had to do a hard reset to bring it back online. Does anyone know what could have happened?

31 replies

Userlevel 7
Hello Akin,

Were you connected via console or telnet? Is there anything in the logs around the time you lost connectivity?
Hi Patrick. Thank you for your time. I was connected via ssh.
I found many of this error in the log: Port=2: No associated STP port for STP Domain tag 0 (Rate-limited)
Userlevel 7
When you lost connectivity, did you try to console into it before rebooting? Our switches don't shut down unless the power is pulled. Were there indicator lights on the switch when you went to reset it?
Userlevel 7
Could you go into a little bit more detail about the "shutdown" state....
could it be that the ssh connection was running via that port and you only lost the mgmt link ?
Userlevel 7
This is a good theory. Rebooting the switch would of reverted it back to the state where the ports were still added into the default VLAN, therefore restoring connectivity.
the ports i removed from the Default vlan, say 1,2,3 are masters in different lacp sharing group. I did not just lose connection via ssh... all servers connected to the switch, including the distribution switch it is uplinked to also did because those ports are tagged in different vlan. What I mean by "shutdown" is that connections were lost to the entire switch as soon as i effected this change << "configure vlan "Default" delete ports 1,2,3 >>
And yes, I did reboot with the last saved config and everything is back to normal. However, these ports are also back in the "Default" vlan. I was going to console in first but realized the servers connected to it have to be up 24/7. Rebooting was the fastest approach at the time.
Userlevel 7
Is this a full extreme network? if so can you provide us with the following:

"show edp ports all"
"show sharing"
No, the network is not a full extreme network. But the switch is uplinked to an extreme switch, which is the distribution switch. I see no output with the "show edp ports all" command". Here is the out put from "show sharing". So in this case, for example, i removed port 1 from the "Default" vlan.

Userlevel 7
Is port 1 the path traffic would take to get to this switch?
No. traffic would take port 3 to get to the switch. ports 3 (master) and 4 are in one lacp group as well. So i did move port 3 from the "Default" vlan as I did port 1. Thank you for your time.
Userlevel 7
Can you provide us with a "show vlan"? and a "show port 3 info detail"?
Unfortunately I cannot post those information for security reasons. What would you like to know about port 3?
Userlevel 4
Akin wrote:

Unfortunately I cannot post those information for security reasons. What would you like to know about port 3?

You could probably fade or cut private information, because you want us to help you find bugs in your config. Or ele you should reach the guy who wrote the original config
Userlevel 6
Hi Akin,

Not sure if I understood correctly, but let's say you have the following:

LACP 1 - Ports 1, 5
LACP 2 - Ports 2, 6
LACP 3 - Ports 3, 4

And you have ports 1, 2 and 3 added to vlan "default".

If you do "configure vlan default delete ports 1,2,3", then all 6 ports will be removed from vlan "default". Also if those ports are used as uplinks to reach this switch, you will "isolate" the switch.

When you add/remove a LAG master port to/from a vlan, that action will happen to all ports in the LAG.
Henrique wrote:

Hi Akin,

Not sure if I understood correctly, but let's say you have the following:

LACP 1 - Ports 1, 5
LACP 2 - Ports 2, 6
LACP 3 - Ports 3, 4

And you have ports 1, 2 and 3 added to vlan "default".

If you do "configure vlan default delete ports 1,2,3", then all 6 ports will be removed from vlan "default". Also if those ports are used as uplinks to reach this switch, you will "isolate" the switch.

When you add/remove a LAG master port to/from a vlan, that action will happen to all ports in the LAG.

Hi Henrique, you are right with the scenario and I agree all six ports would be removed from the Default vlan. However, I do not understand why this change would affect traffic from other vlans on those links. I was connected to, say vlan 599 via ssh before I was shut out. Also, different servers in various vlans were disconnected as well. What is weird to me is that I have had to remove ports from Default vlan before with no issues, even LAG ports.
Henrique wrote:

Hi Akin,

Not sure if I understood correctly, but let's say you have the following:

LACP 1 - Ports 1, 5
LACP 2 - Ports 2, 6
LACP 3 - Ports 3, 4

And you have ports 1, 2 and 3 added to vlan "default".

If you do "configure vlan default delete ports 1,2,3", then all 6 ports will be removed from vlan "default". Also if those ports are used as uplinks to reach this switch, you will "isolate" the switch.

When you add/remove a LAG master port to/from a vlan, that action will happen to all ports in the LAG.

The Default vlan (tag 1) only has ports 1,2,3 added untagged.
Userlevel 7
The IP address you are using to gain access through SSH. What VLAN is that on?
Patrick Voss wrote:

The IP address you are using to gain access through SSH. What VLAN is that on?

I was connected to, say vlan 599 via ssh before I was shut out. Also, different servers in various vlans were disconnected as well. The Default vlan (tag 1) only has ports 1,2,3 added untagged. What is weird to me is that I have had to remove ports from Default vlan before with no issues, even LAG ports.
Userlevel 7
I believe there is something we are missing here. Without seeing the configuration and VLAN information it may be hard to come to a conclusion. I would recommend reaching out to GTAC where your issue can be investigated privately. If you do open a ticket please make sure you attach a "show tech" to it so it can be evaluated.
Userlevel 6
Akin if you can't share complete configs even a show vlan default would give this group more insight as to if anything was configured on the default vlan that would have caused this problem. Also another great command to use after a problem where the gear locks up is show debug system-dump which will display a error log file if indeed a software/hardware problem caused the system to lock up
EtherMAN wrote:

Akin if you can't share complete configs even a show vlan default would give this group more insight as to if anything was configured on the default vlan that would have caused this problem. Also another great command to use after a problem where the gear locks up is show debug system-dump which will display a error log file if indeed a software/hardware problem caused the system to lock up

Here is the "show vlan default" output



and the "show debug system-dump gave this "No core dump information found on Switch". Thank you for your time.
Userlevel 6
I agree with Patrick, this issue needs further investigation and a GTAC case would be the best option here.
Userlevel 6
Hello Akin, did you have a chance to open a GTAC case?

Reply