08-14-2020 05:06 AM
Hi everyone,
I really need help on the learned mac address for Cisco Nexus 9000 running on CML2.0
I have configured VLAN, interface VLAN and switchport access to that VLAN. I also configure "switchport port-security" for the switchport ethernet interface that access to that VLAN.
The servers inside the VLAN can ping each other and the "show ip arp vrf all" did show mac-address of these servers. (see attachment named "nxos9000-ip-arp-vrf-all")
The issue is that "show mac address-table" does NOT have any dynamic mac-addresses. (see attachment named "nxos9000-mac-address-table")
Thanks and regards,
Solved! Go to Solution.
08-14-2020 05:18 AM
Hello!
It is expected behavior for the Nexus 9000v to not show dynamically-learned MAC addresses through the output of show mac address-table. This is because the device does not integrate the L2FM component (which is where the output of show mac address-table pulls from) with the virtual L2FDWR data plane used by the 9000v. This is documented in the Cisco Nexus 9000v Guide, under the subsection "Table 3 NX-OS System Limitations".
You can use the show system internal l2fwder mac command to display dynamically-learned MAC addresses on the Nexus 9000v platform. Note that this limitation does not exist on physical Nexus gear - it only applies to the Nexus 9000v.
I hope this helps - thank you!
-Christopher
08-14-2020 05:18 AM
Hello!
It is expected behavior for the Nexus 9000v to not show dynamically-learned MAC addresses through the output of show mac address-table. This is because the device does not integrate the L2FM component (which is where the output of show mac address-table pulls from) with the virtual L2FDWR data plane used by the 9000v. This is documented in the Cisco Nexus 9000v Guide, under the subsection "Table 3 NX-OS System Limitations".
You can use the show system internal l2fwder mac command to display dynamically-learned MAC addresses on the Nexus 9000v platform. Note that this limitation does not exist on physical Nexus gear - it only applies to the Nexus 9000v.
I hope this helps - thank you!
-Christopher
08-16-2020 08:42 PM - edited 08-16-2020 08:55 PM
Really appreciate for your useful response, @Christopher Hart
I did see the dynamic mac-address via "show system internal l2fwder mac".
By the way, I need to link a MAC address to the port on which the address was learned using SNMP query.
For instance,
From Step 1, the MAC address is:
1.3.6.1.2.1.17.4.3.1.1.0.0.12.7.172.8 = Hex: 00 00 0C 07 AC 08
From Step 2, the bridge port tells that the MAC address belongs to bridge port number 13:
1.3.6.1.2.1.17.4.3.1.2.0.0.12.7.172.8 = 13
From Step 3, the bridge port number 13 has ifIndex number 2:
1.3.6.1.2.1.17.1.4.1.2.13 = 2
From Step 4, the ifIndex 2 corresponds to port Fast Ethernet 0/1:
ifMIB.ifMIBObjects.ifXTable.ifXEntry.ifName.2 = Fa0/1
Conclusion: The MAC address 00 00 0C 07 AC 08 is learned on port Fa0/1
My current issue is that, even if I see the dynamic mac-address via CLI cmd, I do not see it via SNMP 1.3.6.1.2.1.17.4.3.1.1. The snmp to Dot1dTpFdbEntry only show the static mac-addresses.
snmpwalk -v 2c -c public@401 192.168.168.141 1.3.6.1.2.1.17.4.3.1.1
iso.3.6.1.2.1.17.4.3.1.1.0.0.12.159.241.145 = Hex-STRING: 00 00 0C 9F F1 91
iso.3.6.1.2.1.17.4.3.1.1.82.84.0.14.81.241 = Hex-STRING: 52 54 00 0E 51 F1
switch# show system internal l2fwder mac
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 400 5254.001e.3740 dynamic 2d16h F F Eth1/13
* 401 5254.0016.8312 dynamic 00:04:29 F F Eth1/7
G 402 0000.0c9f.f192 static - F F sup-eth1(R)
G 401 0000.0c9f.f191 static - F F sup-eth1(R)
G 402 5254.000e.51f1 static - F F sup-eth1(R)
G 401 5254.000e.51f1 static - F F sup-eth1(R)
G 400 5254.000e.51f1 static - F F sup-eth1(R)
* 402 5254.0015.d4a7 dynamic 00:00:23 F F Eth1/6
G 400 0000.0c9f.f1f3 static - F F sup-eth1(R)
* 400 5254.0002.30dc dynamic 2d15h F F Eth1/9
* 401 5254.0017.3662 dynamic 00:00:24 F F Eth1/3
* 400 5254.0013.2091 dynamic 2d15h F F Eth1/11
Do you know if this is a known issue in Nexus 9000v as well? Does it happen in Nexus 9000 physical hardware?
Thanks and regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide