cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

VIP Advocate

A lot of Mac ... moved from interface1 to interface2 messages

Hi

We have the following setup:

A catalyst6500 12.2(33)SXI6 with a FWSM 3.2(18) and an ASA5585 8.4.3(9) connected, plus the same a second time with HSRP on the catalyst and Active/Standby on both firewalls. 

The FWSM and ASA have both several Contextes configured, all in transparent mode. Each Context has a Bridge Group configured with two vlans, on the firewall called inside and outside.

Since we have some first Context on the new ASA we have some short outages of all network traffic a few times a day. After searching through the firewall logs, I discovered at exactly that time an Event 412001 with the mac address of the SVI of the Catalyst. This always takes 30 seconds on the ASA. First the mac is moved from outside (where it should be) to inside and then after 30 seconds back to outside.

After I've found that, I also checked the FWSM logs and actually also found this error. The only difference was that the FWSM takes under 1 second to move the mac twice. Thus the users and systems doesn't register this issue.

I'm open for ideas now. I've tried now to set the mac-address-table timeout to 720 minutes on the ASA, just to see if that helps.

Some other information:

- the SVI on the Cat exist only for the outside (it's HSRP IP is the clients primary gateway)

- the SVI is in this example 1140

- the outside on the ASA is bound to vlan 1140, the inside to vlan 140

- vlan 1140 is only known to the Catalyst in the rest of the network

Here an output of the catalyst:

6509R-1250#sh mac add | inc 0000.0c07.ac00  !!!!!!!output filtered for only vlan 140 and 1140, Po100 is the connection to ASA

   140  0000.0c07.ac00   dynamic  Yes          5   Po100

* 1140  0000.0c07.ac00    static  No           -   Router

Anybody any ideas?

I hope I didn't forget anything....

Thanks,

Patrick

Everyone's tags (3)
Who Me Too'd this topic