*Vanity* Can I really bring down the entire network if I plug in a LAN switch? *Vanity*
Posted on 04/16/2013 1:42:32 PM PDT by dangerdoc
Question for network guys.
I needed another LAN connection, and there are no more installed at my site. I called the LAN guy, they told me I needed to call out of state to the corporate headquarters to get an order and I can expect it in 6 weeks. I mentioned buying a switch and using it while we are waiting and he about had a cow. He said I could bring down the entire corporate network.
Is this even possible? If it is, what is to keep somebody from wandering around with a LAN switch and randomly bringing down networks at any unsecure LAN plug?
Unsecured access points are dangerous.
But I've seen your posts, and I don't think you are quite smart enough or cook enough for that kind of world ending havoc. :)
Oh hell yes man! Don’t do it,
And yes, a bad piece of network hardware can bring down a network.
You probably mean a hub, not a switch, but one never knows. The problem your network admin is probably worried about is creating a loop, which you could do by plugging a cable from one port into another. It’s a concern with large switches. He’s just not happy about losing control of his topology. I don’t blame him. Once hubs are added, they rarely go away.
Not a network guy, but I’ve plugged in switches to two different corporate networks without any problems.
On the other hand, it sounds like you’ve been warned by your network guys not to do so. Is waiting 6 weeks worth your job? Or can you have management expedite it so you don’t have to wait 6 weeks?
If your branch office switch is configured with VLANs (used for network segment isolation and/or QoS) and/or does port aggregation, then introducing a plain vanilla el-cheapo switch or even an unconfigured managed switch could gank your local network.
Find out what the deal is first.
“Enterprise class” switches really can’t be mixed with “consumer class” switches (at least not without some configuration changes.)
Depending on how your network is designed, you may need to set up a switch with “trunking,” “Quality of Service,” and “virtual LANs.” It can be extremely complex.
While it’s unlikely to take down the entire network, it is possible, and quite possible to knock a branch of the network off. I have seen it happen on more than one occasion, but they were all with specific configurations.
And everything is at least 100MB/sec now. It's a brave new world.
Who sells hubs these days?
Probably Linksys, Belkin, D-Link, and others. AFAIK hubs just lack the IP table and have fewer broadcasts.
Haha fewer = a lot more!
I hope you guys are right. It would be great if hubs no longer were being produced. I’ve been out of ops purchases for a few years, so it’s possible!
Installing a router on the network WILL bring the whole thing down if the router is giving DHCP IP leases. I mean, instant down with a difficult restoration.
I do NOT allow anyone in my environments to do any such thing. I actually found that someone had a cell phone app that handed out DHCP leases to guest networks that it was attached to as well. That took me hours to find.
Thread needs pic of kid with fork and electrical outlet.
Yes. Friend of mine did it to his place of work just a few weeks ago.
Why would a guy named “dangerdoc” be intimidated by a lowly IT person?
Don’t fear, I am going to wait for the installers. I just had no idea how fragile the networks were. Seems like a real problem if you have disgruntled workers.
I got that name because I kept ending up in the hospital after doing “fun” stuff. I may be dangerous, but only to myself.
That’s what I was thinking.
Long answer, it introduces an unmanaged security threat vector. I've also seen those @#%$#%@ little 5-port switches start jabbering and take down an edge switch. 48 people, all looking for my head. And since the 5-port is unmanaged, they're damned hard to find.
IT really, really doesn't want to be a PITA (well, there's always one power-tripping idiot in every crowd, but setting that one aside....). We just want to keep the infrastructure up and working, and keep people from yelling at us, as much as possible.
Trouble is, when there's a problem, the overall user base doesn't want to hear "Well, dangerdoc plugged in a spare switch six months ago, and it just failed and took your network down, and it took us a couple of hours to find it because the guy dangerdoc talked to quit 4 weeks ago, so that's why you missed your bid on eBay...." They just know there's a problem and it's IT's responsibility to fix it. Right Now, Or Else. So, even though your request may be eminently reasonable, it's better to say "No", follow procedure, and head off potential long-term problems, than to adopt an "Anything goes" posture.
I won't even get into the discussion..."Well, DANGERDOC has one of these, so I want one, too!!!! Now! Or I'm telling your boss's boss's boss!! (who, in all likelihood, will say "yes" to the current PITA standing in front of him, just to make it go away so he can get back to thinking about important things, like golf. Besides, he doesn't need to fix stuff, that's what he pays people to do for him...)". I've dealt with toddlers that are more rational than some users.
/rant off. Hope that answered your question.
The second answer (greatwolf) is probably what you need.
See post 8, 18, and 20 for most probable cause but a defective hub will also do it. So short answer is “yes” it can take down a network.
What’s a LAN? I’m assuming from the conversation that the N stands for network, but...
I can offer one anecdote. I set up a network at work using Netgear 5 port hubs to connect about 6 PCs over 4 buildings to a central host with a work order database. The database kept dropping packets and having to be reclaimed from the previous day’s backup.
I finally replaced the Netgear switches with Cisco Small Business models and have not had an issue since.
But if you REALLY want fun, try defective wiring.
Didn’t Cisco buy Netgear? I dunno, I try to keep the “consumer” stuff out of my workplace as much as possible.
Go ahead. It is an old one I borrowed from a friend when I was in grade school. (A long time ago)
Local Area Network
Cisco bought Linksys...
They bought Linksys.
Then use a hub (/s)
What ya got to lose?
In my former job, this is the point where the sysadmins apply the LART.
We had some weasel hang a Linux box off an open CAT5 connection and then started assigning random IP addresses to the thing.
First users’ prints spewed into oblivion. An hour later the helpdesk got dozens of calls because people couldn’t log in. Half an hour after that, thousands of web pages vanished. Sysadmins really hate finding random equipment attached to the network.
Lucky for you, your sysadmin was never a BOFH.
Hope this helps,
 If you have to ask...
You shouldn’t have access to the LAN infrastructure in the first place. If you plugged a LAN switch into your local desktop port, it would either work or it wouldn’t, depending on if it’s MAC address/IP restricted.
Recently, I dealt with a user whose IT nickname was "Veruca" (if you've seen Willy Wonka, you know the character. If not, Google is your friend....). I was removing an old server from the data center when I ran into her in the hall.
She asked, "What's that?". Inwardly wincing, I said "An old server, we're removing it and putting it in storage."
She said, "Well, is it more powerful than the desktop that I have? It's certainly BIGGER!" "I suppose so."
She said, "Well, I want it. If it's faster, I want it. And don't give me an argument like last time, or I'm going to Alan!" Alan is the CIO, he knows that we refer to her as "Veruca", and why. She's gone over my head so many times that I need a lifejacket to go into her office....
Fair enough. I set up the server in her office that evening after she left (she doesn't like us working on her stuff during the day because she does IMPORTANT things, and my time after 5:00 isn't important...), and emailed her asking to schedule a time to move all of her data over to the new equipment. I also turned the server on, and set the BIOS so that it couldn't be powered off, unless it was unplugged.
At this point, it should be noted that the server in question is about the size of a small file cabinet, and runs loud enough to make normal conversation difficult, if not impossible.
Strangely enough, she decided not to keep it. Took me a couple of days to get around to picking it up, though. :-)
Users like "Veruca" are the exception, not the norm. Thankfully. But they keep us from working with the people that we'd really like to see and help, like yourself. ;-)
Good luck with your IT guys!
Right next to the pressure cookers.
What you need is your own 4G wireless internet hotspot... that way you can run your own pirate WIFI network and bypass all that corporate network baloney. No reason to let your eBay’in be dependent on those IT jackboots. </big-grin>
The better the network the more likely it will cause a shutdown. The most likely result would be your port being turned off. It would be poor topological design to interconnect managed switches with unmanned switches. Depending on the level of security on your network it could trigger an attack alert that could cause a forced shutdown of your network. Just in case while most smoke from electronic failures tends to white in nature. This is not a good sign. Network devices run on smoke and tiny mirrors and once the smoke is let out you can’t get it back in and the device fails.