11-17-2024 09:45 PM
After upgrading the IOS of our Nexus C7006, mac move is seen between our Core_VDC going to Firewall under vlan 867. Logs is seen on the transport VDC (Layer 2 only) when we activate the connection between CORE-VDC1 to Tranports_VDC1.
Software
BIOS: version 3.9.0
kickstart: version 8.4(10)
system: version 8.4(10)
2024 Nov 17 02:55:13 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c106.600b in vlan 867 has moved from Po604 to Po534
2024 Nov 17 02:55:15 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po604 to Po531
2024 Nov 17 02:55:15 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Po604 to Eth5/27
2024 Nov 17 02:55:15 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c106.200b in vlan 867 has moved from Po534 to Po604
2024 Nov 17 02:55:15 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c107.000b in vlan 867 has moved from Po534 to Po604
2024 Nov 17 02:55:16 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po531 to Po604
2024 Nov 17 02:55:16 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Eth5/27 to Po604
2024 Nov 17 02:55:16 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c106.200b in vlan 867 has moved from Po604 to Po534
2024 Nov 17 02:55:16 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c107.000b in vlan 867 has moved from Po604 to Po534
2024 Nov 17 02:55:18 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c101.400b in vlan 867 has moved from Po534 to Po604
2024 Nov 17 02:55:18 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Po604 to Eth5/27
2024 Nov 17 02:55:18 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po604 to Po531
2024 Nov 17 02:55:20 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po531 to Po604
2024 Nov 17 02:55:20 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Eth5/27 to Po604
2024 Nov 17 02:55:20 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c101.400b in vlan 867 has moved from Po604 to Po534
2024 Nov 17 02:55:22 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po604 to Po531
2024 Nov 17 02:55:22 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Po604 to Eth5/27
2024 Nov 17 02:55:22 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c1e8.f006 in vlan 867 has moved from Po529 to Po604
2024 Nov 17 02:55:24 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 0012.c142.5006 in vlan 867 has moved from Po531 to Po604
2024 Nov 17 02:55:24 TRANSPORT_VDC2 %L2FM-4-L2FM_MAC_MOVE: Mac 001c.7f87.f766 in vlan 867 has moved from Eth5/27 to Po604
Where:
Po604 - Link from Transport VDC to Core VDC
Po531/Po529 - Link from Transport VDC to FW-C
Po534 - Link from Transport VDC to FW-A
Eth5/27 - Link to FW-E
00:12:C1:0A:60:0B --> 192.168.250.206 Firewall
00:12:C1:E8:F0:06 --> 192.168.250.207 Firewall
00:12:C1:E8:F0:06 --> 192.168.250.207 Firewall
00:12:C1:42:50:1C --> 192.168.250.205 Firewall
Vlan 867 - Network interconnecting Core_VDC to Firewall.
After doing some changes on the configuration to address the issue, next recommendation of TAC is to reboot the Core Switch. Seeking help on other possible solution.
11-18-2024 03:32 AM
- This seems to be a checkpoint firewall based solution ; perhaps the firewalls got confused because of the upgrade. What I would try first if this is a hot standby firewall cluster is to reboot both firewalls sequentially and 'with calm' ; to always have a 'redundancy time space' available ; check if that can help (too). Then if it was a problem because of the firewalls , you don't have to reboot the network core ,
M.
11-25-2024 04:30 PM
We already have rebooted the Firewall. Both FW worked as active-active. Same result.
11-18-2024 09:34 AM
Firewall already rebooted by same result. Also, there are 6 VDCs in our C7706 but only 2 VDCs is encountering the mac move.
11-18-2024 09:57 AM
- This one seems related https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuv23184 ,
but it points to older versions
+ In that context you could consider https://software.cisco.com/download/home/286120747/type/282088129/release/8.4(8)
which is an advisory release 8.4(10) is not (yet)
+ You are quite right in your opinion that 'just reboot the core' is not direct acceptable , if TAC says so
then you must ask for a specific technical argument as to why that must be done.
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide