A USG5300 Interface Generates Error Bits

Issue Description
Before the cutover, the customer uses firewalls of another vendor, and intranet users can normally access the Internet then. After the cutover, the customer uses the USG5320. Then intranet users complain that the Internet access speed is low and even Web pages cannot be opened sometimes.
Alarm Information
Handling Process

1.          Perform a local loopback test. The test finds no packet loss or bit error. This indicates that the USG device is normal.

2.          Change the duplex mode and rate of the GE interface of the USG5300 for multiple times. When both the duplex mode and rate are negotiation, the interface state is automatically negotiated to 100M/FULL state.

3.          Run the reset counters interface command to clear the counts. Then view the Internet interface information of the USG5300. No error bit is generated, and the user Internet access speed becomes normal.

Root Cause

1.          Check the Internet interface configuration on the USG5300. The interface rate is 100M, and the duplex mode is negotiation. The configuration complies with the customer's requirements.

2.          Run the display interface command to view the interface statistic information, and find that the duplex mode changes to harf-duplex and that the interface generates a lot of error bits. Manually change the duplex mode to full-duplex. The number of error bits is still increasing. So, it is suspected that the USG5300 device is defective or that the fault is caused by a compatibility problem.

When a Huawei Symantec product connects to a product of a peer vendor, automatic negotiation succeeds sometimes, such as this case, and fails sometimes, for example, in a Shanghai project, A GE interface of a Huawei 9303 switch connects to a GE interface on a Cisco switch. Automatic negotiation fails in this case. The fault persists after the interface state is manually changed to 1000M/FULL on one or both ends. When the state of the GE interface on the Huawei switch is manually set to 100M/FULL and the GE interface on the Cisco switch uses automatic negotiation, the fault is rectified. The state of both interfaces is 100M/FULL. When you encounter such a problem, adjust the interface parameters for multiple times. If this still not work, connect a third-party device for link negotiation.