Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2054
Views
0
Helpful
0
Comments

Error message received "%MLS-4-MOVEOVERFLOW:Too many moves, stop MLS for 5 sec" in Catalyst 5000 series switches.

TCC_2
Level 10
Level 10

‎06-22-2009 05:08 PM - edited ‎03-01-2019 04:05 PM

Core issue

Spanning-Tree Protocol (STP) loop or misconfiguration causes a Catalyst 5000 to log %MLS-4-MOVEOVERFLOW:Too many moves messages.

Resolution

Messages similar to the following are output on a Catalyst 5000 switch:

05/13/1998,08:55:10:MLS-4:Too many moves, stop MLS for 5 sec!(20000000)

05/13/1998,08:55:15:MLS-4:Resume MLS after detecting too many moves

These syslog messages indicate that the switch is relearning one or more MAC addresses on multiple ports in rapid succession. For example, on an access switch with two uplinks to the core of the network, the switch might learn a given MAC address first on one uplink and then on the other very rapidly.

Move means a MAC/VLAN in the Content Addressable Memory (CAM ) table changes its port index. Usually, this is caused by the following :

  • Misconfiguration: For example, two packet streams to two different ports (on the same VLAN) carry the same MAC address. This causes the switch to learn the same MAC/VLAN from two different ports in turns.
  • STP loops: Loops where the same frame comes and goes between ports. The switch keeps learning the same MAC/VLAN from different ports.

Troubleshooting Steps

  1. Determine the correct source (port) of the host MAC address.

    Issue the show mls notification and show looktable commands to provide the port and mac address information. Sample command output is below.

    Cat5k> (enable) show mls notification

    1: (0004e8e6-000202ce) Noti Chg TA e8e6 OI 2ce (12/15) V1
    !--- Mod/port and VLAN.
    2: (0004e8e6-000202cd) Noti Chg TA e8e6 OI 2cd (12/14) V1

    In this example, ports 12/15 and 12/14, both in VLAN 1, have the same Table Address (TA) of e8e6. To find the MAC address associated with the table address, issue the show looktable e8e6 command. Sample command output is below.

    Cat5k> (enable) show looktable e8e6
      Table address: 0xe8e6, Hash: 0x1d1c, Page: 6
      Entry Data[3-0]: 0x000002cd 0x00800108 0x0008c790 0x215d0005, Entry Map[00]
      Router-Xtag QOS SwGrp3 Port-Index
      0 0 0x0 0x2cd
      Fab AgeByte C-Mask L-Mask Static SwSc HwSc EnSc AL Trap R-Mac
      0 0x01 0x0000 0x0000 0 0 0 0 0 0 0
      MacAge Pri-In Modify Notify IPX-Sw IPX-Hw IPX-En Valid SwGrp2 Parity2
      0 0 1 0 0 0 0 1 0x0 0
      Entry-Mac-Address FID SwGrp1 Parity1
      00-08-c7-90-21-5d 1 0x0 1

  2. Identify the device(s) with this MAC address.

  3. Disconnect the port that should not be sourcing the host MAC address.

  4. Document the STP topology on a per VLAN basis and check for STP failure.

  5. Verify port-channeling configuration. An incorrect port-channel configuration may result in the host MAC address flapping error messages due to the load-balancing nature of port-channeling.

  6. Disable portfast on all the ports connecting to devices other than a PC or IP  Phone to avoid bridging loops.
Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents