How to troubleshoot internet unreachable periodically through firewall

Tags: arp, networking, troubleshooting

Periodically the internet is unreachable on my network, sometimes for 30+ minutes. After testing a direct connection to our modem, I realized this was not a problem with our ISP but the network itself.

What I've tried:

  • I can ping the firewall.
  • Restarting the firewall fixes the connection.
  • Disconnecting the firewall from the switch fixes the connection.
  • When I connect my computer directly to the firewall, I still cannot get out, but when I disconnect the firewall from the switch, I don't have any problems.

What should my next steps be for troubleshooting this? I know how to use Wireshark, but I'm a bit of a noob and don't know what to look for. I did notice while the internet was working that one of my switches was putting out a lot of ARP requests compared to the others, asking for the same IPs over and over. I'm not sure if this is normal or not, though. Also, the switch keeps sending Spanning Tree packets that say "Topology Change Notification" in Wireshark.

Reading a few similar questions on SO, it sounds like I might have a loop somewhere in the network causing all the ARP requests. I'm not sure why it would be just the one switch sending them out so much, though, instead of all three on our network. I don't see any obvious looping in our setup, but I'm not sure how to rule this out, either.

Update
Network diagram:

Modem — Firewall — Switch — (multiple connections to other computers and switches on the network)

Best Answer

I ended up changing the network topology by connecting the firewall to a different switch. The odd ARP traffic has stopped, and we haven't had any internet outages for the last 48 hours. I'm not sure why, but hopefully that fixed it!
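
A check for the two symptoms described in the question (one source repeating ARP requests for the same IPs, and Spanning Tree Topology Change Notifications), as an added example that is not part of the original post. It assumes the capture was exported to tab-separated lines holding the Wireshark fields `frame.time_epoch`, `eth.src`, `arp.opcode`, `arp.dst.proto_ipv4` and `stp.type`; the sample rows, the 10-second window and the threshold of 5 are constructed.

```python
from collections import defaultdict, deque

ARP_REQUEST = 1   # arp.opcode value for a request
STP_TCN = 0x80    # stp.type value for a Topology Change Notification BPDU

def sample_capture():
    """Constructed rows: (time, eth.src, arp.opcode, arp.dst.proto_ipv4, stp.type)."""
    chatty, quiet = "00:11:22:33:44:01", "00:11:22:33:44:02"
    rows = [(100.0 + i, chatty, "1", "192.168.1.1", "") for i in range(8)]
    rows += [(100.5 + 1.5 * i, chatty, "", "", "0x80") for i in range(6)]
    rows += [(101.0, quiet, "1", "192.168.1.50", ""),   # ordinary lookup
             (160.0, quiet, "1", "192.168.1.50", ""),   # repeated a minute later
             (101.5, quiet, "2", "192.168.1.2", ""),    # ARP reply, ignored
             (102.0, chatty, "", "", "0x00")]           # configuration BPDU, ignored
    return "\n".join("\t".join(map(str, r)) for r in sorted(rows))

def classify(line):
    """Return (time, key) for an ARP request or a TCN, else None."""
    t, src, op, target, bpdu = (line.split("\t") + [""] * 5)[:5]
    if op and int(op, 0) == ARP_REQUEST:
        return float(t), ("arp", src, target)
    if bpdu and int(bpdu, 0) == STP_TCN:
        return float(t), ("tcn", src, "")
    return None

def find_bursts(text, window=10.0, threshold=5):
    """Map each key to its peak event count within `window` seconds,
    keeping only keys that reach `threshold`."""
    recent, peaks = defaultdict(deque), {}
    for line in text.splitlines():
        event = classify(line) if line.strip() else None
        if event is None:
            continue
        t, key = event
        times = recent[key]
        times.append(t)
        while t - times[0] > window:   # drop events older than the window
            times.popleft()
        if len(times) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(times))
    return peaks

if __name__ == "__main__":
    for (kind, src, target), count in sorted(find_bursts(sample_capture()).items()):
        print(f"{kind} burst from {src} {target}: {count} in 10 s")
```

A source MAC that shows up under both the `arp` and `tcn` keys points at the switch or segment to inspect first; sensible thresholds depend on the size of the network.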