Bizarre connectivity problems on ProCurve switches

[icsamis]

I am having a very unusual issue with two ProCurve 4204 switches. Several, but not all of the devices connected to the switch appear to only be capable of one way communication over the network. Specifically, the machines affected can do or go anywhere on the LAN and even out the internet. However, these machines cannot be pinged, managed, rdp'd into, etc. Nor can files or unc paths be accessed.

Windows firewall is not at play here, as that service is disabled via group policy on the overwhelming majority of the internal computers here. Nor is there any other third party security software being utilized other than antivirus (which has been there forever basically) and windows defender (don't see a potential relationship).

I am inclined to believe the problem is related to the switch as I was able to rectify the problem in a couple, but not all, cases by moving the afflicted device to a different port on the opposite switch. This brought the connection back in some, but again, not all cases. I can say with confidence that is not a bad port as in the cases where moving the device to a new port did work, when the same device (or any other) is moved back to the original port it continues to function normally. That said, I have tried this procedure on other devices to no avail.

There is no intelligible pattern based on subnet, link speed, machine type, operating system, or even physical location either on the switch or in the office.

I really do not have any idea what could be going on here and some suggestions would be most helpful. Has anyone seen something like this happen before? Everything was working fine yesterday, I am at a loss for what could be causing this. I was considering rebooting the switches, but I don't know for certain that this will work.

Thank you in advance!

 

[SYQUEST]

That sounds like similar behavior I had recently with a 3Com switch, the 3C16475B, but worse. Power cycling did not really help in my case, and it involved an SFP on fiber for uplink. I ended up having 3Com send a replacement twice. Since I am not familiar with HP's switches, if it has any logging or monitor capability, you might check that for anything unusual. You might power cycle also. Can't hurt.

Sometimes I wonder about the firmware they are using on these things! In the case of 3Com's Baseline switches, I have found features that don't work, then 3Com discontinues the switch with no fix or update!

....JIM....

 

[helmethead]

Make sure the ports or what they are connecting to our not set to HALF DUPLEX. Also make sure you have auto-negaotiation set the same on both sides of the link, doesn't matter if it is enabled or disabled, as long as they match on each end. It seems like a port setting if your able to move it to another port and have it work, compare the port settings of a port that works verse one that doesn't and make sure they match.

 

[VinceWhirlwind]

Alternatively, set your ports to half-duplex and witness the resulting behaviour for yourself. You don't get one-way connectivity issues from duplex settings.

Let's analyse this:

"the machines affected can do or go anywhere on the LAN and even out the internet" means you have two-way connectivity.

"these machines cannot be pinged, managed, rdp'd into, etc" sounds exactly like a firewall issue, and not at all like anything a switch could be doing to you, unless you have multiple subnets and are confused about your routing.

If somebody came to me with this, I would take some convicing to even agree to look at it.

However this is where I would start:

Get the switch configs and an ipconfig /all from each PC.
Reproduce the problem.
Do a show arp on the "problem" PC switch.
Ping the "problem" PC from itself.
Ping the "problem" PC from the switch itself.
Ping the "problem" PC from a distant switch.
Ping the "problem" PC from a PC on the same/different switches.
Do a sh arp and arp -a on each of the pingers to confirm they are all getting the correct MAC address of the target PC, or no MAC at all.