Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Valery2021-04-19 09:16:11
Computer networks
Valery, 2021-04-19 09:16:11

Why do LAN freezes occur?

Hello! Input data:

  1. Building - 4 floors, 24 PCs, 8 cash desks ( KKT Atol 30f + Verifone VX520 )
  2. There is a Mikrotik RB4011iGS + 5HacQ2HnD router, VPN L2TP is up on it
  3. There are two D-Link DGS-1210-52 - switch communication throughout the building
  4. Three subnets 192.168.0.0/24 - telephony, 192.168.1.0/24 - PC, 192.168.2.0/24 - Video surveillance
  5. 8 "servers" of which: only 2 on server hardware, 2 ESXi with virtulka, 2 terminal servers (Win Server 2008 R2)
  6. PBX on FreePBX 15 virtual machine
  7. 2 GSM gateways: GoIP8 and 4


Now the question itself to connoisseurs:
From time to time, for no reason, the network starts to lag terribly:
  1. Acquiring starts to lag ( error Z3 ),
  2. Two terminal servers, then CCPs start to lag
  3. The network speed drops.

After 2-3 days, the problem disappears, and most often disappears until the next month or for 2-3 weeks.
The number of working PCs and employees is unchanged. The load is the same +/- 10%.
On monitoring of ports - the special tin is not revealed.

At the moment, VLANs have not yet been made because it is necessary to physically separate the subnets on the floors (there are unmanaged switches on the floors).

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
K
kolossradosskiy, 2021-04-19
@kolossradosskiy

Without traffic analysis wireshark'om only guessing. I bet on red for a long line, some port starts to flood spontaneously and puts the network.

Report
D
Dimonchik, 2021-04-19
@dimonchik2013

Building - 4 floors, 24 PCs, 8 cash registers (KKT Atol 30f + Verifone VX520)
There is a Mikrotik RB4011iGS + 5HacQ2HnD router, VPN L2TP is raised on it
There are two D-Link DGS-1210-52 - they switch communications throughout the building
Three subnets 192.168. 0.0/24 - telephony, 192.168.1.0/24 - PC, 192.168.2.0/24 - Video surveillance
8 "servers" of which: only 2 on the server hardware, 2 ESXi with virtulka, 2 terminal servers (Win Server 2008 R2)
PBX on virtualka FreePBX 15
2 GSM gateways: GoIP8 and 4

it's all uninteresting
On monitoring of ports - the special tin is not revealed.

and this too, well, except that thanks for indicating the qualifications,
you start from here:
https://www.dlink.ru/ru/faq/59/257.html
https://wiki.merionet.ru/seti/4/vysokaya-zagruzka -...
the switches have a processor , this is very clearly visible on the switch with a cooling fan and the
qBittorent client on the host (it does not rest on disk-type restrictions)
ports) source, deal with the source

Report
T
Talyan, 2021-04-19
@flapflapjack

At the moment no VLANs have been made

Do it first.
I would do this:
Put all the vlans on my port (well, since you don’t have them, then why do you need a managed switch at all?)
I looked at suspicious traffic on my computer with tcpdump or wireshark. Usually someone is raging in one vlan, but since you have no division, everyone suffers.
I sin most of all on video surveillance.

Report
A
AntHTML, 2021-04-19
@anthtml

First of all, to VLANs, if possible, I would separate cash desks and video surveillance to different physical networks (switches), so that they would be united only by uplinks already on Mikrotik. Because These are systems that are critical to real-time and the simpler they are organized, the better. well, either to separate access vlans on one switch.
Then I would already look where the lags are in computer networks

Report
A
Alexey Cheremisin, 2021-04-19
@leahch

1) The faster you break it into VLANs, the easier it will be.
2) Immediately do dhcp-snooping to get rid of left ip addresses, left DHCP servers and other problems with left addressing.
3) block multicast or at least limit it.
4) install a normal DCHP server
5) Use arpwatch, arpalert or arpon to analyze ip-address spoofing
6) radically - set up 802.1x authorization

Report
O
Oleg Volkov, 2021-04-19
@voleg4u

Some switch is overheating.

Report
A
Alexey, 2021-04-20
@Protosuv

In practice, there was a problem "no Internet". This is how users see it. They called to figure it out, but before that people bought Mikrotik hEXs + CRS326 (before that they had a garland of unmanaged switches). So, after setting up all this economy, the first thing we did was split the network into 3 vlans, dividing departments and limiting speeds using Queues. The culprit quickly emerged - a D-Link DSL-500T forgotten in a closed room on which there was a DHCP server looking into one of the vlans.
Often helps in the search (if possible in your conditions) - turning off different network segments in order to understand where the source of the problem is. But usually it's very easy when all switches are manageable, when not - physically disconnecting the uplink to a certain subnet.
In general, colleagues have already painted everything above.

Similar questions
T
Timur Tuchkovenko2011-07-02 13:29:03
Accounting for non-computer equipment? 3Reply
G
Gennady Knyazkin2015-10-16 18:38:41
How to solve the problem with connecting to the Internet on Linux (Zyxel keenetic + megafon modem m150-2)? 2Reply
T
Tupic1232020-04-26 16:08:41
What for an error at a raising of the network interface? 1Reply
S
slik2011-07-23 15:32:33
Does the provider have the right to store and use personal data after termination of the contract? 4Reply
J
jajabin2020-04-26 18:58:38
How to share connections using iptables? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question