Hi All,

I am trying to figure out a network design using arp,cdp and mac address table.

here is what i have encountered and it is driving me nuts

I have 4 stacked switch on one side and 2 firewalls running in HA in another side,

the stack switches racks starts as 1/0/x to 4/0/x

on the asa when I ping the switch and do arp, I see the mac address of the switch as 0000.cccc.aaaa

I did a show switch on the stacked switched and the 0000.cccc.aa00 is the base for the master switch .

now when i want to narrow it down and find out which interface that corresponds to on the switch, I get nothing .

I have used 

show mac address-table | in 0000.cccc.aaaa

now if I do the reverse and try to find the interface that switch uses to get to the asa I get a different mac it uses as source such as 0000.cccc.aaab

I pinged the asa from the switch 

then did a show ip arp | in asa ip

found the mac and did show mac address-table | in 0000.cccc.aaab

it returns the interface 1/0/21 

I then do show interface 1/0/21 and the mac there is 0000.cccc.aaab

so what is driving me nuts is why does the asa communicates with the switch using destination mac 0000.cccc.aaaa which should land on switch on port 1/0/21 despite the switch using 0000.cccc.aaab as source to communicate with asa?

I can not find 0000.cccc.aaaa anywhere on the switch 

I have used show mac address-table 

I have also done show interface g 1/0/21

where is 0000.cccc.aaaa stored?

many thanks