4 Replies. Latest reply: May 24, 2011 1:22 AM by GERTA

    Flapping between ports of a switch

    GERTA

      Hi,

       

      I have a problem with flapping MAC addresses between ports of a switch. This MAC address is of an interface of a 7200 Router-Backbone, which has subinterfaces in different VLANs. I don't understand why it gives flapping in a remote switch and it shows the MAC address of the interface of the router.

      For example, the logs at the remote switch:

      Host 0008.a4e9.e019 in vlan 179 is flapping between port Po1 and port Gi1/0/26

       

      This MAC 0008.a4e9.e019 is at the interface gig0/3.1 of the 7200 router, and in this interface I have configured a subinterface for VLAN 179.

       

      Might it be the interface of the router with problems?

       

       

      Thnx,

       

      Gerta

        • 1. Re: Flapping between ports of a switch
          Shahid Mushtaq

          Dear Gerta,

           

          I have seen the issue some days ago and investigated a lot about it. The issue is more likely with the switch side and not the backbone side.

           

          In my scenario the Cisco 4006 (hmmm) is connected to a blade server rack which contains over 50 virtual machines. When I tracked the flapping address, I came to know that it belongs to one virtual host in the server rack. However, the rack was not having the problem, as I discovered later.

           

          To investigate more, I configured syslog on the Cisco switch, which gave me an idea and a history of when and where the problem was. The logs indicated which port is common in each log and pointed me to the specific port. There was a D-Link switch connected, which was causing the problem.

           

          However, the issue can be something else, such as the LAN card of any PC connected to that port. When the LAN card learns the MAC addresses on the network, it gets mad and starts saying the learned MAC address belongs to me.

           

          The other things to look at are invalid configuration of spanning tree, EtherChannel, etc.

           

          I hope this would help you.

           

          Regards,

           

          Shahid (Bxperts)
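The log triage described in the reply above (find the port that keeps appearing in the flap messages), as an added example that is not part of the original thread. It assumes messages in the format quoted in the first post; the timestamps, the second host and the function names are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Matches the message text quoted in the thread; any prefix before "Host" is ignored.
FLAP_RE = re.compile(
    r"Host (?P<mac>(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}) in vlan (?P<vlan>\d+) "
    r"is flapping between port (?P<a>[\w/-]+) and port (?P<b>[\w/-]+)",
    re.IGNORECASE,
)

# Constructed sample: timestamps, the second host and the last line are invented.
SAMPLE_LOG = """\
May 23 10:01:12: Host 0008.a4e9.e019 in vlan 179 is flapping between port Po1 and port Gi1/0/26
May 23 10:01:40: Host 0008.a4e9.e019 in vlan 179 is flapping between port Gi1/0/26 and port Po1
May 23 10:02:05: Host 001b.2c3d.4e5f in vlan 180 is flapping between port Gi1/0/3 and port Gi1/0/26
May 23 10:02:06: Interface GigabitEthernet1/0/7, changed state to up
"""

def parse_flaps(lines):
    """Return (mac, vlan, {port_a, port_b}) for each flap message; other lines are skipped."""
    events = []
    for line in lines:
        m = FLAP_RE.search(line)
        if m:
            events.append((m["mac"].lower(), int(m["vlan"]), frozenset((m["a"], m["b"]))))
    return events

def port_counts(events):
    """How many flap events each port appears in (order of the two ports is irrelevant)."""
    counts = Counter()
    for _mac, _vlan, ports in events:
        counts.update(ports)
    return counts

def common_ports(events):
    """Ports present in every flap event: the first place to look."""
    if not events:
        return set()
    return set.intersection(*(set(ports) for _mac, _vlan, ports in events))

def macs_by_port(events):
    """Which MAC addresses were seen flapping on each port."""
    seen = defaultdict(set)
    for mac, _vlan, ports in events:
        for port in ports:
            seen[port].add(mac)
    return dict(seen)

if __name__ == "__main__":
    events = parse_flaps(SAMPLE_LOG.splitlines())
    print("ports in every event:", sorted(common_ports(events)))
    for port, n in port_counts(events).most_common():
        print(f"{port}: {n} events, MACs {sorted(macs_by_port(events)[port])}")
```

A port that shows up in every event, with several different MAC addresses behind it, is where to start tracing toward the downstream device.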

          • 2. Re: Flapping between ports of a switch
            GERTA

            Thanks a lot for your answer.

             

            I did track the MAC address according to the logs, and one side ended up at the right router and the other side ended up at a Zyxel switch. Maybe the problem is at this Zyxel switch? Because the EtherChannel is configured in a part of the path to the end Zyxel switch.

            Anyway, if the problem is at the Zyxel switch, what can I do to prevent the Zyxel switch from pretending this MAC is mine?

            • 3. Re: Flapping between ports of a switch
              Shahid Mushtaq

              Gerta,

               

              You can enable port security on the Cisco switch to limit the number of MAC addresses. You can visit the switch location and see how many devices are connected, or otherwise get the list of MAC addresses learned on that port from the Cisco switch, or you can use a tool like "Switch Port Mapper" from SolarWinds. They do provide a demo for a few days. After getting the number of MAC addresses, enable port security on the port so that if the number of MAC addresses on the port increases, the port is blocked for 5 minutes or so, or made error-disabled until you enable it.

               

              This way the Cisco switch will not get the MAC address flooding error and there will be no high CPU usage. This can be a solution to make your life easier until you figure out more.

               

              Regards,

               

              Shahid

              • 4. Re: Flapping between ports of a switch
                GERTA

                I think the problem might be at the port-channel that I have configured:

                 

                interface GigabitEthernet0/13
                 port-type nni
                 switchport trunk allowed vlan 1-55,57-4094
                 switchport mode trunk
                 channel-group 1 mode on
                 no ip igmp snooping tcn flood

                interface GigabitEthernet0/15
                 port-type nni
                 switchport trunk allowed vlan 1-55,57-4094
                 switchport mode trunk
                 channel-group 1 mode on
                 no ip igmp snooping tcn flood

                interface Port-channel1
                 port-type nni
                 switchport trunk allowed vlan 1-55,57-4094
                 switchport mode trunk
                 spanning-tree mst 0-15 cost 15000
                 no ip igmp snooping tcn flood

                port-channel load-balance dst-mac

                 

                 

                 

                Have I missed something, or did I do it wrong?

                 

                gerta