Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
5
Replies

Need help on mac address flapping

kiran_8095
Level 1
Level 1

‎07-30-2013 06:12 AM - edited ‎03-04-2019 08:36 PM

Hi All,

We have strange situations with users connecting devices having same MAC address to the switch port, basically the end device don't have any burned-in Mac address & the users assign same MAC address before connecting to the network.  This results in L2 Loop & the switch CPU goes high (99 %). I want to know if we can configure the switch, so that the port disables if same MAC address is learned from multiple ports. Network setup is as below

(4503) --> access switches (2960).

Regards,

Kiran                 

Labels:
0 Helpful
5 Replies 5

Leo Laohoo
Hall of Fame
Hall of Fame

‎07-30-2013 03:58 PM

Can you please post the "sh logs"?

0 Helpful

kiran_8095
Level 1
Level 1
In response to Leo Laohoo

‎07-30-2013 10:31 PM

Hi Leo,

Please find the show log

Jul 31 10:17:35: %C4K_EBM-4-HOSTFLAPPING: Host 00:A1:2B:C3:4D:E5 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:23:04: %C4K_EBM-4-HOSTFLAPPING: Host 00:A1:2B:C3:4D:E5 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:23:04: %C4K_EBM-4-HOSTFLAPPING: Host 00:1C:C3:00:8D:C8 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:27:31: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Jul 31 10:27:59: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:0C:29:60:5A:C1 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:25:90:4B:89:48 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:73 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:72 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:71 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:33:36: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi2/15 and port Gi3/4

Jul 31 10:34:45: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Jul 31 10:17:35: %C4K_EBM-4-HOSTFLAPPING: Host 00:A1:2B:C3:4D:E5 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:23:04: %C4K_EBM-4-HOSTFLAPPING: Host 00:A1:2B:C3:4D:E5 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:23:04: %C4K_EBM-4-HOSTFLAPPING: Host 00:1C:C3:00:8D:C8 in vlan 218 is flapping between port Gi3/36 and port Gi3/8

Jul 31 10:27:31: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Jul 31 10:27:59: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:0C:29:60:5A:C1 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:25:90:4B:89:48 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:73 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:72 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:28:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:21:D2:ED:71 in vlan 198 is flapping between port Gi2/14 and port Gi3/27

Jul 31 10:33:36: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi2/15 and port Gi3/4

Jul 31 10:34:45: %C4K_EBM-4-HOSTFLAPPING: Host 00:00:00:09:70:38 in vlan 215 is flapping between port Gi3/4 and port Gi2/15

Note: Gi2/14, Gi2/15, Gi3/4, Gi3/36 are connected to cisco 2960 switches.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to kiran_8095

‎07-30-2013 10:37 PM

It sounds like you have a loop happening.  Do you have Etherchannel configured?

0 Helpful

kiran_8095
Level 1
Level 1
In response to Leo Laohoo

‎07-30-2013 11:23 PM

No. All access switches are configured as Trunk on the interface connected to 4503.

0 Helpful

Joseph Nelson
Level 1
Level 1
In response to kiran_8095

‎08-05-2013 12:01 PM

Hi Kiran,

Is the user-defined MAC address guaranteed to be the same everytime the user device is connected? Do users move there devices between access switches often (e.g. daily)?

If the host will not change physical ports and the MACs will remain the same, you can use port-security on the access switches. In particular you can use sticky-mac's feature to ensure the first MAC seen on the user port is the only authorized MAC on the port.

A reference can be found here:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swtrafc.html#wp1038501

You may need a few pieces:

  • Set maximum MACs (default = 1 )
  • Set violation mode to shutdown

In this situation, the first MAC seen is authorized, the second MAC seen will err-disable the port.

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card