Major network outages at Xerox, after staff installed beta versions of Microsoft XP, have been linked to a well-known bug in Cisco's most widely deployed Lan switch.
As previously reported, Xerox has warned all its 50,000 US employees not to install Windows XP beta on company computers after the firm's networks suffered three network outages which were directly linked to use of the operating system. Any installed versions of XP were to be removed immediately, staff were advised in a company-wide email.
Xerox said the problem was hardware-related but wouldn't say which of its suppliers was involved.
However emails from Register readers and sources in Redmond have revealed that Xerox's Windows XP installation almost certainly fell foul of a bug involving Cisco's Catalyst 5000 family of Lan switches.
Windows XP, unlike Windows 2000, leaves 802.1p/802.1q tagging enabled by default. This is an issue because CatOS software prior to 6.2.1 for the Catalyst 5000/5500 will forward 802.1x frames on all ports including spanning tree blocking ports, resulting in a layer 2 multicast storm.
The upshot of this is that a user can bring down an entire switch network by just connecting a Windows XP (Whistler) workstation to their network, if a 5000 series Lan switch is in place.
The issue does not arise in any other Cisco Lan switches (including Catalyst 2900XL, 3500XL, 2948G, 4000 or 6000 switches) because these devices will drop the frame when it arrives at a blocked port.
There are technical workarounds to the issue (including updating software on the Cisco switch), which are discussed in greater detail here. However this misses the wider point that Xerox experienced its network failure because of a rather obvious problem involving the next version of the world's most widely used operating system and the planet's most deployed Lan switch.
Is there any wonder why people get cynical about IT? ®