Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2232
Views
0
Helpful
2
Replies

Nexus 7k mac moves

GoncaloContente
Level 1
Level 1

‎02-02-2018 03:18 AM - edited ‎03-08-2019 01:41 PM

 

Hi,

I have been troubleshooting a mac move behaviour on my core network, which is made of 2 Nexus 7K with F3 series modules. They are inter-connected with a fabricpath mode port-channel. All the remote branches connect to the core network via a VPC, except one remote branch that connects to the core network via a single link, therefore is connected only to one of the core nexus. The link that connects this remote branch as no special configuration, is just a L2 link with the spanning-tree disable. 

 

Drawing4.jpg

Since the beginning of times i see mac moves on only one of the vlans that goes through this link, and so far i have been unable to figure out why is this happening, the Vlan in question is VID 100.

 

The nexus CPDA is directly connected to this remote branch and as the switch-id of 100, i can see that there is a mac move from a foreign port to the port where the remote branch is connected to.

 

N7K01-CPDA-CORE1 %L2FM-4-L2FM_MAC_MOVE: Mac 408d.5c39.0e4c in vlan 100 has moved from p(\227ÿ^Yºâöôÿ¥ö^A to Eth1/22

I am unable to identify the port of origin because most probably there is a bug on this version which is 6.2(16).

 

 

On the nexus RECT which has the same kickstart version 6.2.(16), but the last reset shows system version 6.2(10), i can see the logs properly. This nexus as the switch-id of 101.

 

N7K02-RECT-CORE2 %L2FM-4-L2FM_MAC_MOVE: Mac 408d.5c39.0e4c in vlan 100 has moved from  100.0.65535 to  100.0.3050

From nexus RECT i have been able to decipher the foreign port of nexus CPDA which apparently looks like it is flood of some kind. I have been looking for fabricpath documentation on flooding but so far i haven't found any (if someone has any please share), also the port 100.0.3050 correspond to the eth1/22 on nexus CPDA which is the physical port where the remote branch is connected. 

 

 

From these logs the only conclusion i have been able to get, is that the mac addresses on these vlan are rebounding form the physical port to this flood lid port on the nexus CPDA and back, and i have not been able to understand really why. It is important to note that all the other branches that connect through VPCs to not show this behaviour. 

 

I have been reading the Cisco Nexus 7k Fabricpath document and i found out something interesting which might be only a coincidence, but still interesting. Accordding to Cisco documentation all vlans in mode fabric have only one mac address learning mode which is "conversational learning" only.

 

All the vlans on the Nexus core are configured has "mode fabric" 

vlan 100
  mode fabricpath
  state active
  no shutdown
  name VLAN0100

What is interesting is when i run the command "show mac address-table learning-mode vlan 100" is show as non-conversational.

N7K01-CPDA-CORE1# sh mac address-table learning-mode vlan 100
Vlan/BD Learning Mode
----    ----------
100     Non-Conversational-Learning

How can this be, If vlan 100 is configured has "mode fabric".  Also this is the only vlan that is in "Non-Conversational-learning" and by coincidence is the only one where mac moves are occuring.

 

I have no idea if this is a fabricpath bug, also i have no idea what is the purpose of the port 100.0.65535 and where to find documentation about it and i would like to understand why this mac moves are occuring, i would appreciate any kind of help.

 

Regards

Gonçalo Reis

Labels:
0 Helpful
2 Replies 2

GoncaloContente
Level 1
Level 1
In response to Yachay

‎02-04-2018 11:12 PM - edited ‎02-04-2018 11:14 PM

Hi Yachay,

 

Thank you for your reply, i have found out why a fabricpath vlan in some cases my not work in conversational learning mode, this happens when switch as an SVI configured, although the document i found refers to nexus 5K it is also probably valid for nexus 7K. As to the mac moves and regarding to the links you shared, i think they are not related to what i am describing in my original post, your first link refers to a bug found on a port-channel which is not my case since i dont have a port-channel configured and the second link shared also refers to a mac that is moving between port-channels. This are the reasons why i think they do not match to what i described.

 

Nevertheless i would like to thank you for your time and effort replying to me.

Regards

Gonçalo Reis

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card