06-23-2024 07:34 AM
Dear All,
On Cisco 6500 Sup2T Version 15.5(1)SY10
I have a continuous logging entry like these:
Jun 23 16:17:22.450 ITAS: %SISF-SW1-6-ENTRY_CHANGED: Entry changed A=FE80::D0C6:F08C:BCA0:CEAB V=91 I=Po59 P=0005 M=
Jun 23 16:17:22.450 ITAS: %SISF-SW1-6-ENTRY_CHANGED: Entry changed A=FE80::6906:A16D:A745:FC4 V=91 I=Po59 P=0005 M=
Jun 23 16:17:22.454 ITAS: %SISF-SW1-6-ENTRY_DELETED: Entry deleted A=FE80::F72C:AB21:D859:2B93 V=3 I=Po19 P=0005 M=
Jun 23 16:17:22.454 ITAS: %SISF-SW1-6-ENTRY_DELETED: Entry deleted A=2001:B07:A96:4AEE:1CF7:D45A:90CA:E714 V=3 I=Po12 P=0005 M=
Jun 23 16:17:22.454 ITAS: %SISF-SW1-6-ENTRY_DELETED: Entry deleted A=FE80::7FAF:BF79:19F4:EC25 V=3 I=Po12 P=0005 M=
Someone can help me to understand why SISF is logging these messages?
I' d like to disable these kind of message.
I have checked the Cisco Docs:
%SISF-6-ENTRY_CHANGED : Entry changed [chars]
Explanation An entry was changed in the binding table
Recommended Action This is an informationnal message
06-23-2024 09:30 AM
- Review this thread : https://community.cisco.com/t5/wireless/what-is-causing-these-errors-to-be-written-to-error-log/td-p/2877908
M.
06-25-2024 12:11 AM
Hi Marce,
The informational message log:
%SISF-SW1-6-ENTRY_CHANGED:
Is on a Cisco Catalyst 6500 sup2t. The link tat you suggest me is about a wlc 5508. I am sorry but I don' t understand, could you explain me?
Bye,
JF
06-25-2024 09:39 AM
- The basic principles concerning the explanations remain the same , are you using ipv6 , if not disable it ,
M.
06-26-2024 12:47 AM
Hi Marce,
I think I found the cause that triggered the logging,
The device-tracking feature was activated on the trunk links from the Cores to the distribution switches.
This happened last Sunday, when we attempted to migrate one of the distribution racks from IPDT to SISF.
The Core used the default policy for device tracking:
DT-PROGRAMMATIC configuration policy:
security-level glean
device-role node <----------------------incorrect can only be used on ports towards the user
gleaning from Neighbor Discovery
gleaning from DHCP
gleaning from ARP
gleaning from DHCP4
NOT gleaning from protocol unkn
limit address-count for IPv4 for mac 1 <- wrong can only be used on ports towards the user
tracking enable <-------------------- tracking is also enabled on switch to switch trunk links, this causes logging
I created a new policy for trunked ports by disabling device trunking:
device-tracking policy TRUNK_PORTS
trusted-port <-
security-level glean
device-role switch <-now it is set to switch
no dhcp6 protocol
no protocol arp
no dhcp4 protocol
no udp protocol
tracking disabled <- Now it is set to disabled
To do this, apply it on all links to the distribution switches. The log has stopped.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide