Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
292
Views
0
Helpful
1
Replies

re-learn the PC MAC issue

lineup
Level 1
Level 1

‎12-16-2017 12:53 PM - edited ‎03-05-2019 09:39 AM

Hi Guys,

 

I'm facing something interesting here.


The situation is the following: I have MITEL IP phones in the whole building and some people that moves from desk to meeting rooms and back to desk (lots of meeting). If a person connects her laptop to an IP phone (in the meeting room), and after the meeting this person then comes back to her desk (and connects her laptop in the PC-port from an IP phone), then we got an issue: the laptop simply doesn't work.

 

Taking a look at the mac-address table from the switch, we could conclude that the IP phone from the meeting room keeps informing the laptop mac-address through the switch port, therefore when the person connects the laptop in her desk, the switch learns the mac from two different ports, causing a flapping.

 

We realized that turning off the IP phone from the meeting room solves the problem - but, it's not indeed a good option.

 

How can we make switch to provide re-learn the PC MAC ? 

 

Thanks!

 

Numan

Labels:
0 Helpful
1 Reply 1

Peter Paluch
Cisco Employee
Cisco Employee

‎12-17-2017 12:54 PM

Hi Numan,

Ordinarily, if a PC (or a laptop) with its MAC address moves between two ports of a switch, the switch will not treat this as flapping outright - it will merely learn the latest location of the PC based on which port was the last one to receive a frame sourced from the PC's MAC address.

You have mentioned an address flap - that would, however, mean that the switch is seeing a frame from the same source MAC address coming through different ports for a certain period of time. I find this hard to believe: It would mean that the IP phone continued to send out frames sourced from the PC even after the PC has been disconnected from the phone and connected elsewhere. Do you actually have an evidence, such as logging messages, that would prove that the issue at hand is a true MAC address flap (meaning "rapid learning of the same MAC address across multiple ports")?

I am considering a different possibility: Are you perhaps using Port Security? With Port Security, even a dynamically-learned MAC address would be kept learned on a port and not learned on a different port until it expired from the first one - but it won't expire from there unless the expiry of dynamic secure addresses is explicitly configured, or the whole port goes down. This would, in a sense, match the behavior you have described.

Should that be the case, one of the solutions would be not to use Port Security for the data VLAN where the PCs communicate; another solution would be to cut down the aging time of dynamic secure MAC addresses to a reasonable value, say, 1 minute.

If this scenario is not applicable, we will need to know more about your switches - what is their exact type and IOS version? Also, would it be possible to share their configuration (except for sensitive data), and an example of a MAC address table output that shows the address to be "tied" to the interface with the IP phone, instead of having moved over to the proper interface?

Thanks!

Best regards,
Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card