Microsoft TermServer NLB unicast flood problem

Similar Messages

• Unicast Flooding on Nexus 5020 with ESXi 5 vMotion

  We recently began testing VMware ESXi 5.0 on our production network.  After observing some heavy discards (3-10 million at times) on the 10G uplinks FROM our core 6509s TO the Nexus 5Ks we began some investigation.  We started by capturing traffic on vPCs from the Nexus 5K to the 6509s.  We found a tremendous amount of unicast vMotion traffic transmitting from the 6509s to the Nexus 5Ks.  Unicast vMotion traffic should never touch the 6509s core switches since it is layer two traffic.  We found that our problem was two fold.  Problem number one was the fact that on the ESXi 5 test cluster we had vMotion and the management vm kernel nics in the same subnet.  This is a known issue in which ESXi replies back using the management virtual mac address instead of the vMotion virtual mac address.  Therefore the switch never learns the vMotion virtual mac address thus flooding all of the vMotion traffic.  We fixed problem number 1 by creating a new subnet for the vMotion vm kernel nics and we also created a new isolated vlan across the Nexus 5Ks that does not extend to the cores, modifying the vDistributed switch port group as necessary.  To verify that the vMotion traffic was no longer flooding we captured traffic locally on the N5K, not using SPAN but simply eves dropping on the vMotion VLAN as an access port.  The testing procedure involved watching the CAM table on the 5K, waiting for the vMotion mac addresses to age out then starting a vMotion from one host to another.  Doing this process we were able to consistently capture flooded vMotion traffic onto our spectator host doing the captures.  The difference from problem 1 was that the flooding did not include all of the vMotion conversation as before but when vMotioning 1-2 servers we saw anywhere from 10ms to 1 full second of flooding then it would stop.  The amount of flooding varied but greatly depended on whether the traffic traversed the vPC between the 5Ks or not.  We were able to make the flooding much worse by forcing the traffic across the vPC between the N5Ks.
  Has anyone else observed this behavior with N5Ks or VMware on another switching platform?
  We were able to eliminate the vMotion flooding by pinging both vMotion hosts before beginning the vMotion. It seems that if VMware would setup a ping to verify connectivity between the vMotion hosts before starting the vMotion it would eliminate the flooding.
  A brief description of the network..
  Two 6509 core switches with layer 2 down to two Nexus 5020 running NX-OS version 5.0(3)N2(2b) using 2232PP FEX for top-of-rack.  For testing purposes each ESXi host is dual-homed with one 10G link (CNA) to each N5K through the FEX.  VMware is using vDistributed switch with a test port-group defined for the ESXi 5 boxes.
  For curiosities sake we also observed packet captures from ESX 4.1 where we saw similar unicast flooding although it was near not as many packets as in ESXi 5.
  We have a case open with TAC and VMware to track down the issue but were curious if anyone else has observed similar behavior or had any thoughts.
  Thanks
  Cody

  Essentially the fix was to (a) turn off mac aging on the vmotion vlan on the 5K, (b) remove the L3 addressing from the vmotion vlan by not extending it to the 6K, and for good measure we (c) dedicated 2x10G ports per server just for multi-nic vmotion. These three measures did the trick.

• Sup7L-E unicast flooding:ARP refreshes but MAC doesnot

  I have two 4507 switches configured HSRP, 45-1 is the active gateway of vlan2. Last week we found vlan2 was sufferring unicast flooding which was explainded by case#8 at this link
  http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-62.html?referring_site=smartnavRD#t8. Then I changed the mac aging-time to 4 hours as the link suggests.
  The problem seemed resolved. But after 20 hours, the problem reoccurred. I checked the ARP table and MAC table, the ARP entry of the IP address whitch caused the flooding updated 3 minutes ago. But there was no MAC entry for  the MAC address of this IP address!!! I pinged this IP address from 45-2 so the entry was established. After the weekend, I check the switches this morning, it reoccurred again.
  In my opinion, the MAC entry must update as soon as the ARP entry updates,  then how could this happened again and again after the MAC aging-time was changed the same with ARP timeout?
  Is there same case?Could anyone help?
  The engines are SUP7L-E and the IOS is cat4500e-universalk9.SPA.03.04.00.SG.151-2.SG. TAC found no bugs by now.

  I can't speak for other Cisco L3 devices at this point but the experience I am having shows that the ARP table entry is having the age reset to zero for every packet that passes through that MSFC destined for the host in question. When the table doesn't have an entry we can send a ping to that host from another host on a different VLAN. The MSFC will send an ARP request to which the destination host will reply. This will put an entry in the ARP table with an age of zero. It will also generally update the mac-address-table along the path we are concerned with. I can monitor the age of the ARP entry and before it ages out (4 hours by default) send another ping packet. At that point I can show the entry in the ARP table and it has reset the age back to zero.
  In an HSRP configuration, if the standby HSRP MSFC is the one receiving the packet that is destined for the host he will refresh his ARP table entry from the ARP reply sent from the host and send the packet on its merry way. However, when the host replies to the packet itself he will send that packet to the active HSRP MSFC on the other switch and not to the standby HSRP MSFC. If you continue with the ping packets then the ARP table entry on the standby HSRP MSFC continuously gets reset to zero but the mac-address-table entry will eventually age out because that switch is never seeing any return traffic from the host.
  I would agree with you that it should only reset with an ARP reply and I think that would be in accordance with RFC standards. That is not the behavior we are seeing however. We're continuing in the lab to test and observe to make sure we completely understand the behavior we are seeing but so far that seems to be the case.
  Thanks,
  Tyler

• Outlook 2016 getting crashed and throws an alert message as "microsoft outlook has encountered a problem and needs to close.

  Hi,
  Today i installed Microsoft Office 2016 preview for my Mac OS X 10.10 Yosemite. Word, Excel and Powerpoint applications are working without any problem. However, Outlook getting crashed and throws an alert message as "microsoft outlook has encountered a problem and needs to close.", it's happens always, when i launch outlook. please suggest me, how can i comet from this issue.
  Thanks in advance,
  Suresh Balakrishnan.

  Go to the Microsoft site for help. These forums are not offering support for MS products, especially not for beta products.

• How can I stop syncing error message: "Microsoft Word has encountered a problem and needs to close"

  On my Mac I am endlessly receiving this message: "Microsoft Word has encountered a problem and needs to close" it relates to the sync which between Calendars (iCal and Entourage) .
  The error messages were coming up every 5 SECONDS and were impossible to deal with. They stated there was a 'Blame Module' which wasEntourageCore
    I have been unable to find any idea how to resolve this.
  Please can anyone describe what they have done to sort this?
  I am using MS Office 2008.
  Turning off the sync between the two calendars was not the answer, as the messages continued. So I have temporarily disabled the sync between iCal/Entourage and my iPad.  This has prevented the error message, but obviously means I must enter diary dates manually on iPad which is the whole point of the sync!
    I haven't found a way to sync between iCal and iPad - this would be a possible work-round. But I'd be so grateful to know how to resolve the sync error.

  On my Mac I am endlessly receiving this message: "Microsoft Word has encountered a problem and needs to close" it relates to the sync which between Calendars (iCal and Entourage) .
  The error messages were coming up every 5 SECONDS and were impossible to deal with. They stated there was a 'Blame Module' which wasEntourageCore
    I have been unable to find any idea how to resolve this.
  Please can anyone describe what they have done to sort this?
  I am using MS Office 2008.
  Turning off the sync between the two calendars was not the answer, as the messages continued. So I have temporarily disabled the sync between iCal/Entourage and my iPad.  This has prevented the error message, but obviously means I must enter diary dates manually on iPad which is the whole point of the sync!
    I haven't found a way to sync between iCal and iPad - this would be a possible work-round. But I'd be so grateful to know how to resolve the sync error.

• Microsoft Excel has encountered a problem and needs to close

  I've been using Microsoft Office 2008 for a long time and just this week I'm getting the below message:
  "Microsoft Excel has encountered a problem and needs to close. Sorry for the inconvenience."
  I can't open it at all. Word works fine.
  I've deleted com.microsoft etc. in Preferences but the problem still persists.
  Any help would be greatly appreciated : )

  Than you for your help.
  Yes, it works fine when logged into another user account. That's a relief, although not for my Accounts department : )
  What do you suggest knowing that I've already tried deleting the preferences files
  Thanks

• Adobe Digital Ed 4.0 will not open -- gets a Microsoft error message "encountered a problem and needs to close"

  Does not open.
  Instead Microsoft error message "encounters a problem and needs to close".
  I have already tried the uninstall & reinstall "solution".
  What else can I do.  I have a paid for document I would like to read.
  Thanks.

  Hi ynotcookit
  Please make sure that antivirus has been disabled...
  Check the .net framework installed on the machine and update it, if required
  Also, Let us know the exact OS that you're using?
  Thanks,
  Mandeep

• "Microsoft Office has encountered a problem with licensing and will need to close. If this problem persists, uninstall and reinstall your product."

  Hi Guys!I am not it pro. but i need your HELP.Pls my microsoft Word and Excel starter were working fine, but after playing with my laptop, downloading , removing smth , i cannot open them proper anymore, cos this message comes up:
  “Microsoft Office has encountered a problem with licensing and will need to close. If this problem persists, uninstall and reinstall your product.”What can i do to make it work fine back? plssss need Help! thank u i n advance!!!!!!

  I faced similar challenge. Re-installation did not solve the problem due to unsuccessful un-installation of ‘Microsoft Click to run 2010’. The following steps worked for me. Please use your discretion to try and see if it works for you too..
  1 Uninstall Microsoft office Starter 2010. If
  ‘MS click to run 2010’ doesn't get uninstalled use  Microsoft fix it tool meant for installing and uninstalling programmes, to uninstall the same.       
  2 Download ‘Microsoft Office Starter 2010’ from internet.      
  3 Before launching, right click the executable file and click the 'properties'. Go to
  ‘compatability’ tab and choose appropriate 'compatibility mode' as per your OS. Tick the check box to use admin privilege under
  privilege level section.
  4 Launch the executable to install Microsoft Office Starter 2010 afresh. It should go through four steps during installation now. Complete the steps and enjoy. Thanks !

• Unicast Flood impact

  Hi All,
  I was interested in knowing the impact of unicast flooding in network. In a situation where the mac table entries timeout earlier than the arp cache entries and all traffic for those hosts are unicast flooded in that vlan, will this kind of unicast flood forwarding be handled by the ASIC or will it be punted to the CPU causing the CPU util to rise ?
  Thanks in Advance 
  Regards
  Umesh

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  I believe the blocking will also be done in hardware.  One possible hardware performance issue that flooding might cause, the switch has to replicate the packet to multiple ports.  Depending on the switch architecture, this might cause some issues.
  For example, the original 3560/3750 series has a 32 Mbps fabric.  Suppose a one gig ingress stream enters one of a 3560G's gig ports.  If the stream is replicated to all the other ports, at ingress, just that one stream might create more than 40 Gbps of egress traffic that needs to transit the fabric.

• ARP unicasts flooding vlan

  Hello,
  I hope I'm presenting this correctly and to the right group.  I have an unusual problem involving ARP.  Specifically, I'm seeing flooded throughout a VLAN in our network an ARP unicast (not broadcast), asking "Who has 10.25.2.74?" and "Tell 10.25.2.9", with both the source and destination mac addresses in the packets.  In other words, 10.25.2.9 is asking a question it already has the answer for:  10.25.2.74's mac address. 
  Noteworthy here is that 10.25.2.74 is a virtual IP address -- representing a couple of Exchange servers -- for which I have entered a routine static arp command on all routers, i.e. "arp n.n.n.n nnnn.nnnn.nnnn.nnnn ARPA".  Maybe this is a problem with the device sending out the unicasts (a Backup Exec server).  But I thought I'd ask if there is something on the Cisco side that I can configure to alleviate this.
  Thank you for any feedback.
  R. Pastor

  I was going to give a hopefully more informative reply after hearing from Symantec tech support, but they havent' figured it out yet.  In this situation, the problem is not a general one related to the clustered (Exchange) servers with the virtual mac, but instead is isololated to one server trying to reach the virtual IP.  After disabling services, etcon that 10.128.0.9 server, I could say it was a problem with Symantec BackUp exec.  Then, I disabled email alerts in that program and the problem abated.  The significant point is that their email alerts actually work OK.  So it's not like they're not getting to the SMTP server.  But after trying to reach the server once, and even after all backup jobs are completed, the backup Exec service keeps flooding the network with crippling "unicast" ARPS -- no one knows why.  In Symantec's defense, this may turn out to be a Microsoft problem -- for anyone trying to reach their SMTP servers over NLB's virtual NIC... ..... this is why I got into networking in the first place -- to get away from dealing with all application layer weirdness..
  I'll update you when I get an answer, or better resolution.  Thanks.
  Rick

• Microsoft word has encountered a problem and needs to close. We are sorry for the inconvenience

  After installing Mavericks, I get this same error box for each of the MS Office 2008 apps.  "Microsoft [word,excel/etc] has encountered a problem and needs to close. We are sorry for the inconvenience."   I've tried to open in a test user account and same thing happens.  Any ideas?  I don't really want to splurge for a new version.  Thanks.

  Have you installed all of the available updaters for Office 2008? In each of the apps use the Help ➙ Check for Updates menu option.
  Then be sure to run Disk Utility and repair disk permissions.

• Microsoft word notebook layout Saving Problems

  Hi
  I'm having problems with my microsoft word where in notebook layout it won't allow me to save when the ending is docx, which is the usual saving ending. It allows me to save publisher and normal blank word documents, however not the notebook layout. I'm using Snow Leopard and word 2011, have done the updates, and it's the update version of 14.2.3. When i took it to Apple they couldn't help me besides telling me that maybe i have a corrupted file on my laptop and that i should make a new user and transfer my files over. However, if there is a corrupted file then it would just go onto the new user and it also doesn't allow me to prevent it, if the saving problems happen again.
  Has anyone seen this or does anyone know how to fix this problem? Could it be a virus or a corrupted file? And if it's a corrupted file how do i find it to delete it?
  Thanks if anyone could help.

  http://answers.microsoft.com/en-us/mac/forum/macword

• N97 Flash Flood problem (white light in photo)

  The most annoying thing about N97 is that when you slide the camera cover every time it scratches the camera area and in short period it could result a permanent scratch which causes the part of the flash to enter into the camera causing a flash flooding in the picture taken.
  i also had the same problem and i solved it
  so i like to share it with everyone 
  please see the video here 

  I had the camera cover and GPS Antenna replaced on my N97 a year ago under warranty, it was a known issue and should be done free of charge !
  If I have helped at all, a click on the White Star is always appreciated :
  you can also help others by marking 'accept as solution' 

• Microsoft web site (safety scanner) problem but works in Safari

  When I go to the site "https://www.microsoft.com/security/scanner/en-us/default.aspx" with Either Firefox 18.0.8 ESR Or TOR version of Firefox it gos into a loop where I continually see the rotating icon. It never displays anything on the screen and always continues to show the rotating circle. But on the same workstation it works with Safari.

  Hello,
  '''Try Firefox Safe Mode''' to see if the problem goes away. Safe Mode is a troubleshooting mode, which disables most add-ons.
  ''(If you're not using it, switch to the Default theme.)''
  * On Windows you can open Firefox 4.0+ in Safe Mode by holding the '''Shift''' key when you open the Firefox desktop or Start menu shortcut.
  * On Mac you can open Firefox 4.0+ in Safe Mode by holding the '''option''' key while starting Firefox.
  * On Linux you can open Firefox 4.0+ in Safe Mode by quitting Firefox and then going to your Terminal and running: firefox -safe-mode (you may need to specify the Firefox installation path e.g. /usr/lib/firefox)
  * Or open the Help menu and click on the '''Restart with Add-ons Disabled...''' menu item while Firefox is running.
  [[Image:FirefoxSafeMode|width=520]]
  ''Once you get the pop-up, just select "'Start in Safe Mode"''
  [[Image:Safe Mode Fx 15 - Win]]
  '''''If the issue is not present in Firefox Safe Mode''''', your problem is probably caused by an extension, and you need to figure out which one. Please follow the [[Troubleshooting extensions and themes]] article for that.
  ''To exit the Firefox Safe Mode, just close Firefox and wait a few seconds before opening Firefox for normal use again.''
  ''When you figure out what's causing your issues, please let us know. It might help other users who have the same problem.''
  Thank you.

• EAP-TLS + CA MICROSOFT + ACS 3.2 APPLIANCE = Problem

  I have a Wireless Lan platform composed by equipment Access Points Cisco 1100 with ACS 3,1 and CA Microsoft.The security scheme is EAP-TLS (certificates).This architecture was completely functional. The problem took place when replacing the ACS 3,1 by the ACS 3,2 APPLIANCE, for which new certificates they were emitted by the CA of the infrastructure. The problem appears when a wireless client tries to connect to the wireless network,without obtaining the objective ,being in a state of "trying to authenticate" in networks adapters, in addition the ACS Logs appear the following message "NAS duplicated authentication attempt".
  If somebody knows the reason of this problem, can be contacted to my mail ([email protected]).

  A hint i could give you that in such a scenario you need an Trusted boundary between the ACS Appliance and the MS AD/PDC. This we be realized trough an PC/Host who is a regitered member or user of the AD/PDC. This relay Computer then communicates with the MS CA. The SW that Cisco Provides is the Cisco Secure ACS Agent. Hope this helps as we found the same problem in leap authentication as the ACS Appliance could not be set into a AD/PDC Domain. This has to be realized trough this smal piece of SW installed on an PC/Host etc. wich is a active AD/PDC Member.