Solved: %SW_MATM-4-MACFLAP_NOTIF: flapping

AfidzRIght21 · ‎11-30-2015

Hi,

Can someone help with VLAN flapping Issue, I have a topology like this:

Router > Cisco SG300 > Cisco C2960 > Cisco SF300-24P

a Flapping appear in sw c2960, SF300-24P actually passed c2960, but at SF300-24P not appear flapping

and get error message:

Dec 1 22:59:14.943: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 22:59:17.725: %SW_MATM-4-MACFLAP_NOTIF: Host 902b.3478.8ca5 in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/16
Dec 1 22:59:38.284: %SW_MATM-4-MACFLAP_NOTIF: Host 902b.3478.8ca5 in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/16
Dec 1 22:59:56.484: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 23:00:11.573: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 23:00:11.643: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b8b.6394 in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/47
Dec 1 23:00:38.731: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 23:00:43.771: %SW_MATM-4-MACFLAP_NOTIF: Host 902b.3478.8ca5 in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/16
Dec 1 23:00:49.105: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 23:04:29.715: %SW_MATM-4-MACFLAP_NOTIF: Host 448a.5b22.4cfd in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/34
Dec 1 23:04:30.473: %SW_MATM-4-MACFLAP_NOTIF: Host a45d.36d1.1b1d in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/27
Dec 1 23:04:31.952: %SW_MATM-4-MACFLAP_NOTIF: Host 1458.d017.4e6b in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/25
Dec 1 23:04:51.833: %SW_MATM-4-MACFLAP_NOTIF: Host 902b.3478.8ca5 in vlan 3 is flapping between port Gi1/0/51 and port Gi1/0/16

Cisco SG300 Configuration

interface gigabitethernet27
description TRUNK-TO-SW1-R.ELEKTRO
no spanning-tree portfast
switchport trunk allowed vlan add 2-3
switchport trunk native vlan 99

Cisco C2960 Configuration

sh running-config interface Gi1/0/51
Building configuration...

Current configuration : 185 bytes
!
interface GigabitEthernet1/0/51
description TO-SW-IT
switchport trunk native vlan 99
switchport trunk allowed vlan 2,3
switchport mode trunk
spanning-tree bpdufilter enable
end

I'm really confused why this happened, can anybody help me ?

Thanks..

ranraju · ‎11-30-2015

Hi,

Can you find out what is connected on gig1/0/51 on the 2960 switch. It could be looping packets into the network.

Provide "show cdp neigh" output from the 2960 switch.

Also can you update a topology diagram to know what devices are connected to 2960 on gig1/0/51, gig1/0/16, gig1/0/34, gig1/0/27, gig1/0/25 etc...

Regards,

Ranganath

View solution in original post

sambhaji.banapure1 · ‎11-30-2015

spanning-tree bpdufilter enable

Please remove this one as normally we use BPDU filter on access port .

BPDUs are the messages exchanged between switches to calculate the spanning tree topology. BPDU filter is a feature used to filter sending or receiving BPDUs on a switchport.

It is extremely useful on those ports which are configured as portfast ports as there is no need to send or receive any BPDU messages on of these ports.

BPDU filter can be configured globally or under the interface level. When configured globally all portfast enabled ports stop sending and receiving BPDUs, but if a BPDU is received on the port it gets out of the portfast state and normally participate in the spanning tree calculations.

**Also use portfast command with BPDU guard to check is there is any BPDU message is receiving and later please check any port goes into errordisabled state due to viloation.

Please use above troubleshooting steps .

Please update.

Thanks

Sam

AfidzRIght21 · ‎12-02-2015

Hi sambhaji.banapure1,

on int Gi1/0/51 I've tried without spanning-tree bpdufilter enable, if without spanning-tree bpdufilter and sh mac address-table interface Gi1 / 0/51, nothing mac address that appears from VLAN 3, it like VLAN 3 can not be up to sw 2960..

it makes me very confused..

mukesh.kumar1000 · ‎07-12-2017

Hi I am getting message of

%SW_MATM-4-MACFLAP_NOTIF: Host 7070.0d01.6fef in vlan 632 is flapping between port Gi1/0/1 and port Po21

%SW_MATM-4-MACFLAP_NOTIF: Host d0c5.f3aa.f944 in vlan 632 is flapping between port Po21 and port Gi1/0/1

%SW_MATM-4-MACFLAP_NOTIF: Host a4e4.b80b.77f4 in vlan 622 is flapping between port Gi1/0/1 and port Po21

#sho int gi1/0/1

GigabitEthernet1/0/1 is up, line protocol is up (connected)

Hardware is Gigabit Ethernet, address is 38ed.18ac.3c81 (bia 38ed.18ac.3c81)

MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX

input flow-control is off, output flow-control is unsupported

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:22, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 4000 bits/sec, 2 packets/sec

5 minute output rate 5000 bits/sec, 7 packets/sec

173613 packets input, 59817402 bytes, 0 no buffer

Received 8604 broadcasts (5586 multicasts)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 5586 multicast, 0 pause input

0 input packets with dribble condition detected

421473 packets output, 63507549 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

1357 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 pause output

0 output buffer failures, 0 output buffers swapped out

OMR-OPE20-AS2#sho int po21

Port-channel21 is up, line protocol is up (connected)

Hardware is EtherChannel, address is 38ed.18ac.3cb8 (bia 38ed.18ac.3cb8)

Description: IOxx:OMR-OPE20-CS1_Po202

MTU 1500 bytes, BW 20000000 Kbit/sec, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 10Gb/s, link type is auto, media type is

input flow-control is off, output flow-control is unsupported

Members in this channel: Te1/1/3 Te1/1/4

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 3667000 bits/sec, 474 packets/sec

5 minute output rate 580000 bits/sec, 277 packets/sec

7533152 packets input, 4981625072 bytes, 0 no buffer

Received 2075938 broadcasts (1491992 multicasts)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 1491992 multicast, 0 pause input

0 input packets with dribble condition detected

3436517 packets output, 845492443 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 pause output

0 output buffer failures, 0 output buffers swapped out

Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator

M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port

Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
21 Po21(SU) LACP Te1/1/3(P) Te1/1/4(P)

#sho cdp nei

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,

D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

XYZ-OPE20-CS1 Ten 1/1/3 133 R S I WS-C4500X Ten 1/2/5

XYZ-OPE20-CS1 Ten 1/1/4 133 R S I WS-C4500X Ten 2/2/5

XYZ-OPE20-AP6 Gig 1/0/1 177 T B I AIR-CAP37 Gig 0

bmw0554F8C638C Gig 1/0/5 128 H P M IP Phone Port 1

ranraju · ‎11-30-2015

Hi,

Can you find out what is connected on gig1/0/51 on the 2960 switch. It could be looping packets into the network.

Provide "show cdp neigh" output from the 2960 switch.

Also can you update a topology diagram to know what devices are connected to 2960 on gig1/0/51, gig1/0/16, gig1/0/34, gig1/0/27, gig1/0/25 etc...

Regards,

Ranganath

AfidzRIght21 · ‎12-02-2015

a topology diagram ..

on the switch 2960, int Gi1/0/51 is the uplink (Vlan2), except it is a lan connection (vlan 3), and plugged to device like a PC, laptop, printer etc.

Wizard4777 · ‎11-07-2024

so what was the resolution?

nikhil kumar1 · ‎11-10-2024

Try this, it worked for me.

%SW_MATM-4-MACFLAP_NOTIF or MAC Flapping Cisco Switch

LJ Gabrillo · ‎12-01-2015

Woah, we need to resolve that flapping ASAP. it can lead to looping w/c is really not a nice problem.

Why do you have "spanning-tree bpdufilter enable" on a trunk switch?
-I am assuming that that is connected on another switch, make sure to enable that, that will add to furhter issues in the future. BPDU is important becuase that is how Spanning-tree is negotiated between switches, without that, your STP is haywired.

Im guessing, both of those affected ports are connected to one device/switch, hence the flapping.
Since you enabled BPDU Filter it is not processing BPDU making both ports into 'forwarding state' causing the flapping

Try to remove that line of config, e.g., disable bpdufilter
#conf t
#interface g1/0/51
#no spanning-tree bpdufilter

AfidzRIght21 · ‎12-02-2015

Hi LJ Gabrillo

on int Gi1/0/51 I've tried without spanning-tree bpdufilter enable, if without spanning-tree bpdufilter and sh mac address-table interface Gi1 / 0/51, nothing mac address that appears from VLAN 3, it like VLAN 3 can not be up to sw 2960..

it makes me very confused..

peter sithole · ‎04-18-2019

Check you don't have a loop on the network

sunil_mil · ‎06-04-2019

I have also same issue.

Below are the logs and configuration:

Jun 5 04:06:50.940: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to up
Jun 5 04:22:27.752: %SW_MATM-4-MACFLAP_NOTIF: Host 28b2.bdc9.e947 in vlan 1 is flapping between port Gi1/0/37 and port Gi1/0/38
Jun 5 05:05:48.890: %SW_MATM-4-MACFLAP_NOTIF: Host 1c42.7de6.d3c1 in vlan 1 is flapping between port Gi1/0/37 and port Gi1/0/38

MIL3850#sh run int gi1/0/37
Building configuration...

Current configuration : 39 bytes
!
interface GigabitEthernet1/0/37
end

MIL3850#sh run int gi1/0/38
Building configuration...

Current configuration : 39 bytes
!
interface GigabitEthernet1/0/38
end

Port 37 and 38 have no configuration, connected to Cisco AP, still facing this issue

Jun 5 05:10:52.146: %SW_MATM-4-MACFLAP_NOTIF: Host 90dd.5d15.1c82 in vlan 1 is flapping between port Gi1/0/38 and port Gi1/0/37
Jun 5 05:13:27.397: %SW_MATM-4-MACFLAP_NOTIF: Host e0ca.948a.f74a in vlan 1 is flapping between port Gi1/0/38 and port Gi1/0/37
Jun 5 05:14:28.837: %SW_MATM-4-MACFLAP_NOTIF: Host 20a2.e424.64df in vlan 1 is flapping between port Gi1/0/37 and port Gi1/0/38
Jun 5 05:21:40.664: %SW_MATM-4-MACFLAP_NOTIF: Host d81d.7211.fd53 in vlan 1 is flapping between port Gi1/0/37 and port Gi1/0/38
Jun 5 05:44:12.518: %SW_MATM-4-MACFLAP_NOTIF: Host 0825.2580.0037 in vlan 1 is flapping between port Gi1/0/38 and port Gi1/0/37
Jun 5 06:00:11.654: %SW_MATM-4-MACFLAP_NOTIF: Host a44e.311c.dd88 in vlan 1 is flapping between port Gi1/0/37 and port Gi1/0/38

MIL3850#sh cdp ne
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
sw1.meridian.co.in
Gig 1/0/48 159 S I WS-C2960- Gig 0/1
cm Gig 1/0/1 135 H VMware eth0
SEPbc671cdcd41e Gig 1/0/29 173 H P C IP Phone Port 1
SEP00082fb63b52 Gig 1/0/30 119 H P C IP Phone Port 1
SEP9c57adf4c315 Gig 1/0/28 178 H P C IP Phone Port 1
SEPbc671cddcf87 Gig 1/0/13 177 H P C IP Phone Port 1
MIL_Office_B Gig 1/0/38 151 R T AIR-AP185 Gig 0
CuCm.meridian.co.in
Gig 1/0/1 168 H VMware eth0
SEPDCA5F487278E Gig 1/0/23 144 H P M IP Phone Port 1
MIL-WAP-02.meridian.co.in
Gig 1/0/37 150 T B I AIR-LAP11 Gig 0.1
MILWLC2504-05 Gig 1/0/2 134 H AIR-CT250 Gig 0/0/1
SEPE4C72268EA6B Gig 1/0/45 164 H P CTS-CODEC eth0
SEP7c95f3c8e371 Gig 1/0/20 170 H P C IP Phone Port 1
SEPFCFBFBCB6341 Gig 1/0/16 150 H P M IP Phone Port 1
SEPFCFBFBCB6250 Gig 1/0/11 139 H P M IP Phone Port 1
SEP689CE2E7701E Gig 1/0/9 165 H P M IP Phone Port 1
SEP0004f2f799de Gig 1/0/36 175 H P IP Phone port 1

Device ID Local Intrfce Holdtme Capability Platform Port ID
SEPFCFBFBCB62ED Gig 1/0/21 139 H P M IP Phone Port 1
SEPFCFBFBCB6185 Gig 1/0/32 137 H P M IP Phone Port 1
SEP00082fb615df Gig 1/0/25 123 H P C IP Phone Port 1
SEP00082fb61656 Gig 1/0/19 174 H P C IP Phone Port 1
SEP7c95f3c8ef8a Gig 1/0/31 172 H P C IP Phone Port 1
SEP7c95f3c8e358 Gig 1/0/12 171 H P C IP Phone Port 1
SEPFCFBFBCB5FE8 Gig 1/0/18 123 H P M IP Phone Port 1
SEP00082fb64513 Gig 1/0/17 170 H P C IP Phone Port 1
SEP7c95f3c8f139 Gig 1/0/46 168 H P C IP Phone Port 1
SEP00082fb63e1f Gig 1/0/14 160 H P C IP Phone Port 1
MIL-WAP-Terrace Gig 1/0/39 133 T B I AIR-LAP11 Gig 0.1
ISE24 Gig 1/0/47 153 H ISE-VM-K9 eth0
isr.meridian.co.in
Gig 1/0/6 147 R S I CISCO2911 Gig 0/0

Total cdp entries displayed : 30

alok.sahu · ‎01-03-2020

Hi ,

I am also facing same issue , getting message 2-3 times in a day

%SW_MATM-4-MACFLAP_NOTIF: Host xxxx.xxxx.xxxx vlan 3 is flapping between port Gi1/0/14 and port Gi1/0/21

Due to this Cisco Switch Interface gets down and shows following message :

GigabitEthernet10/14 is down, line protocol is down (err-disabled)

Please help me to sort out issue.

anuarus · ‎02-05-2020

i have the same issue on my network, but it came down to wireless access points broadcasting the same mac on the same vlan, and the host was an apple phone,

part of the issue will be with the APs broadcasting their mac address tables to the switch and if the phone or the AP's are attempting to "load balance" then the mac will show coming in from 2 ports,

in this case it was a setting on the AP that needed to be changed so the AP will not load balance, and will just move the connection for that device.

nadogabi201499123 · ‎08-11-2020

Could you present the configuration applied in the AP, so that I can verify?
I have a problem very similar to the one you had, but these are SAMSUNG phones

Thank you.