Showing results for 
Search instead for 
Did you mean: 

Community Helping Community


Packet received with invalid source MAC address

Most of the 4500 Switches in our network are giving the similar error for so many ports

%C4K_L2MAN-6-INVALIDSOURCEADDRESSPACKET: (Suppressed 1 times)Packet received with invalid source MAC address (00:00:00:00:00:00) on p  t Gi2/6 in vlan 100

Its impossible to do a wireshark packet tracing for all the ports.

Could this be a software bug? Is there any solution of resolving this.

Thanks in advance.


Re: Packet received with invalid source MAC address

Hi John,

This means a packet was received with an all zero (00:00:00:00:00:00) or a multicast source address, for example, FF:FF:FF:FF:FF:FF. which is a Layer 2 broadcast. 
The packet is treated as invalid and no learning is done. Excessive flow of such packets can waste CPU cycles. This message is rate-limited and is displayed only for the first such packet received on any interface or VLAN.
Subsequent messages display the cumulative count of all such packets received in given interval on all interfaces.


Check the switch configuration file in order to find the source of these
packets on the specified port and take corrective action in order to fix
them at the source end. For example, it can be due to a faulty NIC or
connected hub. You can also setup a SPAN session to identify the source.

Alternatively,  you can also issue the switchport port-security limit rate
invalid-source-mac command in order to enable port security on that
interface in order to shutdown the port if the incoming rate of packets with
invalid source mac address is too high.

These errors are only informative and are not directly related with the
switch. The important thing is to find the source of the packet or the
device that is sending the packet. This indicates that a bad packet was
received and was dropped. This could have been sourced as bad packet for
different reasons; such as the size of Ethernet frame reported different
from expected IP packet size. The issue can be reported due to bad NIC
cards, bad NIC drivers, or bad application.

This message is for informational purpose only. In older IOS versions, these
packets are normally dropped without being logged.

If you are receiving a large amount of these errors you might try to track
down the source device that is sending the erroneous packets, you'll need to
use a network sniffer. You might also examine the adjacent Cisco device for
other errors.

hope this helps, dont forget to rate...

Hall of Fame Expert

Packet received with invalid source MAC address

Hello Jenny,

check if in your environment there are VMware instances that are started but not configured. We have seen these as sources of ethernet frames with all 0 source MAC addresses.

So it may not be a SW bug of the switch.

Once the VMware instances are configured ( including the MAC address  to be used by each of them) this kind of offending traffic disappears

Hope to help



What if you don't know the

What if you don't know the exact port where this is happening, but only the vlan and the switch?  How can you find out who the culprit is?  Seems to be no info about this online. 

CreatePlease to create content
Content for Community-Ad