cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
507
Views
4
Helpful
3
Replies

No Ip accounting, nor mac address on 6500 Hybrid mode

djcastaldo
Level 1
Level 1

I have a 6500 running disk0:s72033-ipservicesk9_wan-mz.122-18.SXE2.bin - when I turn IP accounting on on any vlan or port, I get very little(like 1 packet in a week though they are very active Vlans or ports). Also, I've noticed that there is no mac associated with a connected port if its not in the correct Vlan(which becomes difficult for remote locations, when your doc is all messed up :) ). Anybody else have this issue? Are there other commands besides show IP accounting when I want to see conversations? Other commands besides show mac-address table for macs? thanks!

3 Replies 3

Bobby Thekkekandam
Cisco Employee
Cisco Employee

Hi,

The reason you are seeing so little traffic from show ip accounting is because the command only counts traffic being sent to the route processor to be routed when there is no hardware entry. Because the 6500 does L3 forwarding in hardware, you will not see much traffic with "show ip accounting"

The only suggestion i can offer for tracking ip flows and such, would be to use NDE.

More on NDE here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007e6f0.html

As for the mac address issue, the switch should learn the mac address regardless of whether it is in the "correct" vlan or not unless you are using some form of MAC based authentication. Can you provide some more detail on this problem?

HTH,

Bobby

*Please rate helpful posts.

I have some netflow stuff already,but,I didn't want to have to log into somewhere else to look at conversations, especially while troubleshooting...

As for the mac addresses - I have 2 ports connected to the switch (for instance)

Gi8/43 connected 721 full 100 10/100/1000BaseT

Gi8/44 connected 721 a-full a-100 10/100/1000BaseT

Where you can see they are connected,

but, if you do a

show mac-address-table int g8/43

Legend: * - primary entry

age - seconds since last seen

n/a - not available

vlan mac address type learn age ports

------+----------------+--------+-----+----------+--------------------------

No entries present.

If I initiate traffic from this host I MAY see an arp, but, taking the port down/up doesnt do it - this is a remote switch - so if you don't know whats plugged in there, its kinda difficult to guess which server it is to generate traffic from.

Thanks!

Hi,

The main thing here is that MAC address learning requires receiving a frame from the connecting device where it will learn the MAC address from the src address field in the frame. If the switch does not receive any such frames, such as a DHCP request, for example, then the switch cannot learn the MAC address.

If the connecting device is a switch as you describe, the same thing applies. If it's a Cisco switch, then it should be sending out CDP frames (unless CDP is disabled), which will trigger MAC learning.

Can you confirm that the connecting device is indeed sending traffic to the port?

-Bobby

Review Cisco Networking for a $25 gift card