Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
40545
Views
11
Helpful
6
Replies

can't clear mac address table from interface

Go to solution
Bruno Dinis
Level 1
Level 1

‎02-18-2015 10:08 AM - edited ‎03-07-2019 10:44 PM

hello all.

I'm facing a problem, and i've also tried to workaround but not sucessfully.

 

I've got a polycom phone on the swich. When I connect a laptop on that port, the mac address is learned by the switch and keep the mac address even if I disconnect the ethernet cable from that port and if I try to connect the same laptop on other port on the same switch I've got errdisable error in the last connected port. Although I was figuring out what's wrong and seems that the mac address is kept for some reason in the first port.

 

sw02#show mac address-table interface f0/19
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 60   3c07.5417.9069   STATIC      Fa0/19 
 80    0004.f21e.afa7    STATIC      Fa0/19 

 

this is a 2960, Version 12.2(44r)SE4

with a Polycom SoundPoint IP 330 connected on vlan 80

 

I was searching to clear the mac address table on that interface but the IOS version didn't give me the static option

sw02#clear mac address-table ?
  dynamic       dynamic entry type
  move          move keyword
  notification  Clear MAC notification Global Counters

 

As there's no dynamic entries on that interface the mac addresses remain on the f0/19 interface.

 

I've tried with other switches and with other laptops and is the same errdisable status.

sw02#show run int f0/19

interface FastEthernet0/19
 description VoIP
 switchport access vlan 60
 switchport mode access
 switchport nonegotiate
 switchport voice vlan 80
 switchport port-security maximum 5
 switchport port-security
 no snmp trap link-status
 ip dhcp snooping limit rate 100
end


any thought?

 

 

 

 

 

 

 

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
julijime
Cisco Employee
Cisco Employee

‎02-18-2015 07:55 PM

Hi Dinis,

 

The "clear mac address-table" command won't help here as these MACs are being learned by the port-security feature. If you want to clear them try the following command:

#clear port-security all interface [interface]

 

HTH

 

Julio

View solution in original post

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Bruno Dinis

‎02-19-2015 05:15 AM

I don't understand why your mac addresses are appearing as static because that should only be for mac addresses you have configured manually.

You haven't done that so those entries in your mac address table should be dynamic.

Because those entries are showing as static try this command -

"switchport port-security aging static time <no of mins>"

Jon

View solution in original post

0 Helpful
6 Replies 6

Go to solution
julijime
Cisco Employee
Cisco Employee

‎02-18-2015 07:55 PM

Hi Dinis,

 

The "clear mac address-table" command won't help here as these MACs are being learned by the port-security feature. If you want to clear them try the following command:

#clear port-security all interface [interface]

 

HTH

 

Julio

Go to solution
Bruno Dinis
Level 1
Level 1
In response to julijime

‎02-19-2015 03:46 AM

Hi Julio.

That command worked fine. Tks

Although as soon as I connect the laptop behind a VoIP phone with port-security enabled, the MAC Address of the laptop is kept in the interface mac address table even if I disconnect the laptop from the port, even if I wait 10minutes, 1 hour, 1 day.. 

So I was unable to reconnect the laptop on the same switch because the switch already learned the mac address in the first port. It's only working when I manually clear the mac address from the port, but I guess the switch should learn and forget the connected mac addresses dynamically..

 

I can't understand why this is happening.

 

 

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Bruno Dinis

‎02-19-2015 05:15 AM

I don't understand why your mac addresses are appearing as static because that should only be for mac addresses you have configured manually.

You haven't done that so those entries in your mac address table should be dynamic.

Because those entries are showing as static try this command -

"switchport port-security aging static time <no of mins>"

Jon

0 Helpful

Go to solution
Bruno Dinis
Level 1
Level 1
In response to Jon Marshall

‎02-19-2015 08:11 AM

the mac addresses are not manually configured.

yes, that's my point. when I disconnect the ethernet cable the mac addresses are not flushed from the mac table.

Although I don't understand why the mac addresses are kept in the interface, if I force the interface aging time to 1 min, the problem don't occur anymore.

I was reviewing the switch config and I've got ports with aging time 0 (that learn and flush the mac addresses dynamically) and I've got ports with aging time 1 (that learn and flush the mac addresses at the end of 60 seconds)


The problem is solved although I need to investigate this issue in other switch models and with other voip phones.

Tks Jon and Julio

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Bruno Dinis

‎02-19-2015 05:25 AM

Can you just confirm you have not manually configured those mac addresses ?

If you haven't then you shouldn't need to do anything because those mac addresses should be dynamically learnt in which case when you disconnect the device they should be flushed from the mac address table.

So you wouldn't need to set the aging time.

The aging time is only needed for static entries and when you want to time out mac entries even though a device is not being disconnected.

Jon

Go to solution
smithy14975
Level 1
Level 1

‎05-25-2017 10:59 AM

The phone has a little switch in it and is holding the mac.  Reboot the phone

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card