  1. #1

    PSA; Cisco SDA and DNA default settings break broadcasts and BACnet discovery

    This was posted to an internal user group but could potentially impact many of us:

    Quote Originally Posted by Josh Leonhart, Control Service Co.
    Here's what I've got that I shared with our group:

    Affected Cisco switches: (so far…)
    3850
    3650
    93xx
    94xx

    Based on testing, “Multicast support” has to be enabled in their setup for our ports/equipment, which is not on by default. This also requires something called “L2 flooding”. There are issues with this feature until the following firmware revision:
    Fabric controllers: 1.3 (Which runs 16.11.1c on border controller switches)

    The above probably makes no sense. It doesn’t to me either. I’m providing the information hoping it will make sense to the networking teams you may encounter. But the important takeaway is if a customer is using the above mentioned Cisco Catalyst switches (the new “SD-access” setup), they’ll need to move to this firmware/code (16.11.1c) or later in order for our equipment to work, then enable multicast support.

    Potential side effects you may see if this is NOT in place:
    • Network points not passing between LGRs/G5s (OA, runfor, requests, etc.) even with routers on the same network subnet
    • LGR/G5 dropping offline and not coming after power cycle or download


    Cisco updates aren’t a single linear progression like Windows or our module drivers. Customers choose a level of how close to the newest they’re willing to tolerate. Something like Stable / Release Candidate / Beta kinda thing, but serious fixes are merged into older stuff also. Therefore, it may be some time before this fix makes it into the mainstream stuff our customers may be seeing or more importantly implementing.
    To me it seems like the "L2 flooding" being disabled by default is definitely a contributing factor.

    https://community.cisco.com/t5/netwo...g/ta-p/3943916
    Cisco SD-Access fabric provides many optimizations to improve unicast traffic flow, and to reduce the unnecessary flooding of data such as broadcasts. But, for some traffic and applications, it may be desirable to enable broadcast forwarding within the fabric. By default, this is disabled in the Cisco SD-Access architecture. If broadcast, Link local multicast and Arp flooding is required, it must be specifically enabled on a per-subnet basis using Layer 2 flooding feature.
    This feature being off by default sounds like it will break a bunch of things. I know on one such network the IT guy commented camera discovery didn't work either.
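
A quick way to check whether a given subnet is actually flooding BACnet/IP discovery broadcasts, added here as an example and not part of the original posts: it broadcasts a standard global Who-Is on UDP 47808 and lists the devices whose I-Am replies come back. The function names and the 3-second timeout are assumptions of this example.

```python
import socket
import struct

BACNET_PORT = 47808  # 0xBAC0, the standard BACnet/IP UDP port

def build_who_is() -> bytes:
    """Global Who-Is as an Original-Broadcast-NPDU (the frame the switches must flood)."""
    npdu = bytes([0x01, 0x20, 0xFF, 0xFF, 0x00, 0xFF])  # v1, DNET=0xFFFF, DLEN=0, hops=255
    apdu = bytes([0x10, 0x08])                          # Unconfirmed-Request, Who-Is
    return struct.pack("!BBH", 0x81, 0x0B, 4 + len(npdu) + len(apdu)) + npdu + apdu

def parse_i_am(pkt: bytes):
    """Return the device instance from an I-Am reply, or None if pkt is not one."""
    if len(pkt) < 6 or pkt[0] != 0x81 or pkt[1] not in (0x0A, 0x0B) or pkt[4] != 0x01:
        return None
    ctrl, i = pkt[5], 6
    if ctrl & 0x80:                 # network-layer message, carries no APDU
        return None
    for flag in (0x20, 0x08):       # destination, then source: NET(2) LEN(1) ADR(LEN)
        if ctrl & flag:
            if i + 3 > len(pkt):
                return None
            i += 3 + pkt[i + 2]
    if ctrl & 0x20:
        i += 1                      # hop count follows when a destination is present
    apdu = pkt[i:]
    if len(apdu) < 7 or apdu[:3] != b"\x10\x00\xc4":  # Unconfirmed, I-Am, object-id tag
        return None
    obj_id = struct.unpack("!I", apdu[3:7])[0]
    return obj_id & 0x3FFFFF if obj_id >> 22 == 8 else None  # object type 8 = device

def probe(broadcast_addr: str, timeout: float = 3.0):
    """Broadcast one Who-Is and collect (source_ip, device_instance) pairs."""
    seen = set()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        sock.bind(("", BACNET_PORT))   # I-Am replies arrive on UDP 47808
        sock.settimeout(timeout)
        sock.sendto(build_who_is(), (broadcast_addr, BACNET_PORT))
        try:
            while True:
                data, (ip, _) = sock.recvfrom(1500)
                inst = parse_i_am(data)
                if inst is not None:
                    seen.add((ip, inst))
        except socket.timeout:
            pass                       # quiet for `timeout` seconds: done
    return sorted(seen)
```

Call `probe()` with the subnet's broadcast address from a laptop on the same VLAN as the controllers, with any other BACnet software on that laptop closed so port 47808 is free. An empty result on a subnet where the controllers are powered and addressed points at the switches not flooding broadcasts rather than at the controllers.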

  3. #2
    Thanks MaxBurn.
    This is the sort of thing one promptly forgets until one is 90 minutes in the head vs wall exercise and then it suddenly comes back to you... I think I read something about Cisco switches....
    Very helpful.
    Hmmmm....smells like numbatwo to me.
