MAC address of IP phone in two vlans - Page 2

Wassim Aouadi · ‎09-06-2010

Hi,

do you have any idea about why I see the MAC address of an IP phone in both access vlan and voice vlan? vlan 11 is my access vlan, and vlan 2222 is my voice vlan.

here's the config:

Current configuration : 247 bytes
!
interface FastEthernet1/0/12
switchport access vlan 11
switchport mode access
switchport voice vlan 2222
priority-queue out
mls qos trust cos
spanning-tree portfast
spanning-tree bpduguard enable
end

TNSWACCS01A1#sh mac address-table interface fa1/0/12
Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
11    0024.8154.2aca    DYNAMIC     Fa1/0/12
11    9caf.caff.5a8c    DYNAMIC     Fa1/0/12
2222    9caf.caff.5a8c    DYNAMIC     Fa1/0/12
Total Mac Addresses for this criterion: 3

Eduardo Leon Dominguez · ‎06-21-2012

Hello all,

We have the same issue. We have updated the switch WS-C2960S-24TS-L to 12.2(58)SE2 but all of the IP Phones appear in both vlans (Access & voice):

SWTSOROP01#show mac address-table interface gigabitEthernet 1/0/4

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

1 5cff.3506.ac9d DYNAMIC Gi1/0/4

1 c40a.cb4d.7a9b DYNAMIC Gi1/0/4

2 c40a.cb4d.7a9b DYNAMIC Gi1/0/4

SWTSOROP01#show mac address-table interface gigabitEthernet 1/0/1

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

1 0018.8b67.4a7c DYNAMIC Gi1/0/1

1 a8b1.d4fa.db80 DYNAMIC Gi1/0/1

2 a8b1.d4fa.db80 DYNAMIC Gi1/0/1

... and the problem is that the IP Phones it's learning the access vlan IP.

All of the access ports have this config:

!

interface GigabitEthernet1/0/X

switchport mode access

switchport voice vlan 2

spanning-tree portfast

!

Thanks.

Rejohn Cuares · ‎06-28-2012

I encountered the same issue.

I already upgraded the IP phone firmware and switch IOS without luck.

Please rate replies and mark question as "answered" if applicable.

Muzzamil Hussain · ‎10-23-2012

i have the same issue and tried this soluation and it worked for me

default the interface configuration

shutdown the interface

reconfigure it without assigning the acces vlan meaning put all the config except the access vlan

unshut the interface

wait until the IP phone is registered and its working fine

the add the data vlan configuration

and you will see the mac address table displayed correctly

and here is an Example of the same

interface GigabitEthernet0/3

shut

switchport mode access

switchport voice vlan 118

storm-control broadcast level 1.00

spanning-tree portfast

spanning-tree bpduguard enable

!

! wait until the IP phone is registered and its working fine

!

! now you add the access vlan command

switchport access vlan 117

end

now you can show interface MAC address table

ASW1#sh mac address-table interface g0/3

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

117 0022.641f.dbf2 DYNAMIC Gi0/3 # DATA VLAN

118 2893.fe12.1fb3 DYNAMIC Gi0/3 # VOICE VLAN

HTH

please rate if you find it helpfull

The_Nirvana · ‎08-02-2018

clyman · ‎04-17-2013

I found this same issue.

The Cisco 7942, and 7962 were receving ICMP packets from the router according to wireshark on the phone uplink port. However the pone would not respond on the same port. I put another sniffer on the PC connected to the phone and saw packets from the phone being sent to the PC, or mirroried (The phone did not have the sniffeing feature enabled for the PC, but I was still seeing traffic with the right mac for the router, and IP). I changed arp and vlan settings on the PC and the phone would begin to respond and then stop after awhile. I found that new PC's had been added at this location HP 6305 which appears to be causing the issue, however, Cisco phones should not allow this to happen (According to Cisco). The vlan has been hard coded on the PC to determin if this resolves the issue. I am still in the process of troubleshooting.

I hope this helps.

I have includ a topology

patoberli · ‎06-27-2019

Sorry for bringing this back up again, but I'm seeing exactly the same on a 2960-X with IOS 15.2(7)E0a.
I'm fairly sure this wasn't the case in older releases I had in use, but haven't controlled it in a while.

All phones are from Cisco.
Here is an output with only a phone connected:
2948XP-1008-2#show mac add | inc Gi1/0/6
140 649e.f3c2.7918 DYNAMIC Gi1/0/6
101 649e.f3c2.7918 DYNAMIC Gi1/0/6
2948XP-1008-2#show cdp nei g1/0/6 det
-------------------------
Device ID: SEP649EF3C27918
Entry address(es):
IP address: 10.1.1.214
Platform: Cisco IP Phone 8945, Capabilities: Host Phone Two-port Mac Relay
Interface: GigabitEthernet1/0/6, Port ID (outgoing port): Port 1
Holdtime : 130 sec
Second Port Status: Up

Version :
SCCP 9-4-2SR3-1

advertisement version: 2
Duplex: full
Power drawn: 6.400 Watts
Power request id: 55574, Power management id: 3
Power request levels are:6400 0 0 0 0

Total cdp entries displayed : 1

samuel.heinrich · ‎05-11-2022

I can confirm, that we are also seeing this behavior on with 2960X running 15.2(7)E5 when Cisco IP Phone 7841 are attached.

The Switchport is quite basic:

interface GigabitEthernet1/0/1
 description Office
 switchport access vlan 137
 switchport mode access
 switchport voice vlan 237
 spanning-tree portfast edge

Example with IP Phone without PC

#sh mac address-table int gi1/0/1
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 137    e0d1.73e5.xxxx    DYNAMIC     Gi1/0/1
 237    e0d1.73e5.xxxx    DYNAMIC     Gi1/0/1

Example with IP Phone with PC

#sh mac address-table int gi1/0/6
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 137    10e7.c6fd.a630    DYNAMIC     Gi1/0/6
 137    b4a8.b94c.xxxx    DYNAMIC     Gi1/0/6
 237    b4a8.b94c.xxxx    DYNAMIC     Gi1/0/6

Detailed CDP of the IP Phone

#sh cdp neighbors gigabitEthernet 1/0/1 de
-------------------------
Device ID: SEPE0D173E5xxx
Entry address(es):
  IP address: 172.25.xx.xx
Platform: Cisco IP Phone 7841,  Capabilities: Host Phone Two-port Mac Relay
Interface: GigabitEthernet1/0/1,  Port ID (outgoing port): Port 1
Holdtime : 155 sec
Second Port Status: Down

Version :
sip78xx.12-8-1-0001-455.loads

advertisement version: 2
Duplex: full
Power drawn: 3.745 Watts
Power request id: 10447, Power management id: 3
Power request levels are:3745 0 0 0 0


Total cdp entries displayed : 1

since we are currently in the implementation phase of a dot1x/MAB solution, thats a big problem.

We upgraded a switch to 15.2(7)E6 and were able to reproduce the issue. "sometimes" it works..

It seems that this behavior does not happen with an older release 15.2(4)E8

unfortunatelly I don't have enough test devices yet proofe this theory yet.

@patoberli did you find a solution for this or can you confirm that older releases are not affected?

The_Nirvana · ‎05-11-2022

Hello @samuel.heinrich ,

I overcame this issue by enabling port security temporarily to set the maximum mac address to 2, and then roll the configs back.

The configs are as follows:

!

interface GigabitEthernet1/0/1
switchport port-security maximum 2
switchport port-security mac-address sticky

switchport port-security

!

Let us know if this works for you

patoberli · ‎05-11-2022

No solution yet.

What I found at an other installation, once I enabled LLDP (were third party phones at the other installation) it started to work correctly. Don't remember the software version there though, might be completely unrelated.