Solved: Ping requests flooding all ports in vlan

matthew.norman · ‎08-11-2016

Hello all,

I have a basic set up as shown in the image below.

Any time that I ping from one host to the other, the switches are flooding all ports within a given vlan to find the correct destination. Even after doing it once it doesn't seem to save any MAC details and just keeps flooding every time.

I haven't configured anything complicated in this set up. The only thing I have which I haven't set up in the past is standby IP's on the router. The plan is to add a second router and have a standby link.

I have also included the info provided during a trace of the ping request where the flooding happens.

ahmedshoaib · ‎08-12-2016

Hi;

The Mac address you are mentioned 0000.0C9F.F000 is belong to virtual Mac of HSRP v2. There is no network flooding or broadcast in your network.

http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/9281-3.html#q34

Thanks & Best regards;

View solution in original post

ahmedshoaib · ‎08-11-2016

Hi;

Can you share the logs which shows that your ping traffic is flooded on network?

In switch network the packet flood on the network whose destination mac is not in MAC table.

Thanks & Best regards;

matthew.norman · ‎08-12-2016

Hi Ahmed, There's nothing showing in the logs for this. I am running a simulation in packet tracer with the same config and can see the following happening:

1. PC1 sends ICMP to server

2. Packet is sent to access switch 1

3. Packet is sent to core switch

4. Core switch broadcasts packets to both router and access switch 2

Even after multiple pings it keeps doing the broadcast. It doesn't seem to know how to get to the router that is directly connected.

Here's the MAC table from the core switch:

Vlan Mac Address Type Ports

---- ----------- -------- -----

11 0060.3e82.71b8 DYNAMIC Po1

11 0060.3eab.a601 DYNAMIC Fa1/1

11 0060.7073.4334 DYNAMIC Po2

12 0030.f226.dc97 DYNAMIC Po2

12 0060.3eab.a601 DYNAMIC Fa1/1

12 0060.7073.4334 DYNAMIC Po2

13 0060.3eab.a601 DYNAMIC Fa1/1

13 0060.7073.4334 DYNAMIC Po2

99 0060.3eab.a601 DYNAMIC Fa1/1

99 0060.7073.4334 DYNAMIC Po2

100 0060.7073.4334 DYNAMIC Po2

111 0001.9787.534b DYNAMIC Po1

111 0060.3eab.a601 DYNAMIC Fa1/1

111 00d0.97e3.ce16 DYNAMIC Po1

112 0003.e485.2ce5 DYNAMIC Po2

112 0060.3eab.a601 DYNAMIC Fa1/1

112 0060.7073.4334 DYNAMIC Po2

113 0060.3eab.a601 DYNAMIC Fa1/1

113 0060.7073.4334 DYNAMIC Po2

200 0000.0c38.371e DYNAMIC Fa2/1

200 0060.3eab.a601 DYNAMIC Fa1/1

200 0060.7073.4334 DYNAMIC Po2

200 00d0.bcb2.53c7 STATIC Fa0/1

210 0060.3eab.a601 DYNAMIC Fa1/1

210 0060.7073.4334 DYNAMIC Po2

And here's the ARP cache:

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.30.99.1 2 0000.0C9F.F000 ARPA Vlan99

Internet 10.30.99.2 1 0060.3EAB.A601 ARPA Vlan99

Internet 10.30.99.6 - 0060.47E5.2612 ARPA Vlan99

As you can see it has the routers address 10.30.99.1 but still sends the broadcast out the next time.

ahmedshoaib · ‎08-12-2016

Hi;

The Mac address you are mentioned 0000.0C9F.F000 is belong to virtual Mac of HSRP v2. There is no network flooding or broadcast in your network.

http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/9281-3.html#q34

Thanks & Best regards;

matthew.norman · ‎08-12-2016

Thanks Ahmed,

I kind of follow as the virtual mac address is not on a connected interface.

I was just concerned that if every packet has to get sent out of multiple ports for it to find the virtual mac then it may cause some network issues.

I managed to stop this by adding a static mac entry to the core switch for the virtual address. Is this good or bad practice?

ahmedshoaib · ‎08-12-2016

Hi;

Sorry but I still don’t understand where and how you see the traffic for virtual MAC address will forward to multiple ports.

There will be no issue in network whether we are using static or virtual mac address. In some of the case we force to use static MAC instead of virtual MAC.

Thanks & Best regards;

matthew.norman · ‎08-12-2016

Hi Ahmed,

In the picture the ping is from PC1 to server 10.30.200.5.

The ICMP packet gets to the core switch and is then sent out of both the connected ports. One port goes to the router and the other goes to the second access switch.

The ICMP packet needs to go to the PC's gateway first which is virtual IP 10.30.11.1. When the core switch is sending the packet, it doesn't know the mac of this virtual IP/interface so floods all the trunk ports on the switch that allow the same VLAN (11).

If I add a static mac entry to the core switch it stops the packet being flooded and knows to send it out of the interface that connects to the router.

ahmedshoaib · ‎08-12-2016

Hi;

Is it possible for you share me the configuration backup of your Router and Core switch & output of show standby brief command.

Thanks & Best regards;

Peter Paluch · ‎08-13-2016

Hi Matthew, Ahmed,

I apologize for jumping in, just one question please: Matthew, are you using real Cisco hardware or a Packet Tracer? Packet Tracer is not representative in its behavior, and may deviate from the way real hardware operates.

Best regards,
Peter

matthew.norman · ‎08-13-2016

Hi Peter,

This is indeed a simulation in packet tracer so it could well be due to the behavior of packet tracer.

Here's the show standby brief results:

Interface Grp Pri P State Active Standby Virtual IP

0 190 P Active local unknown 10.30.11.1

0 190 P Active local unknown 10.30.12.1

0 190 P Active local unknown 10.30.13.1

0 190 P Active local unknown 10.30.99.1

0 190 P Active local unknown 10.30.100.1

0 190 P Active local unknown 10.30.111.1

0 190 P Active local unknown 10.30.112.1

0 190 P Active local unknown 10.30.113.1

0 190 P Active local unknown 10.30.200.1

0 190 P Active local unknown 10.30.210.1

I have also attached the backup config of the router and core switch.

Regards

Matt

ahmedshoaib · ‎08-13-2016

Hi;

Configuration seems to be ok, and Peter is right you are facing the issue due to you are using paket tracer not a real hardware.

Thanks & Best regards;