%SW_MATM-4-MACFLAP_NOTIF On Switch WS-C3850-24XS Staging

iswanceko · ‎05-16-2024

Hello Good Night

Sorry i have a problem for my network, for you information my topologi network is

Switch Core (WS-C3850-24XS Staging)

Switch Access 1 WS-C2960X-48TD-L

Switch Access 2 WS-C2960X-48TD-L

Switch Access 3 WS-C2960X-48TD-L

Switch Access 4 WS-C2960X-24PD-L (POE)

Switch Access 5 WS-C2960X-24PD-L

Switch Access 6 WS-C2960X-48TD-L

Switch Access 7 WS-C3850-24XS

Connection from switch core to 7 switch access with etherchannel, but in my log core switch there is
problem. This is a problem

May 16 21:51:24.849: %SW_MATM-4-MACFLAP_NOTIF: Host 007c.2dfb.47e4 in vlan 12 is flapping between port Po1 and port Po3
May 16 21:51:25.045: %SW_MATM-4-MACFLAP_NOTIF: Host 1062.e513.13b7 in vlan 10 is flapping between port Po4 and port Po3
May 16 21:51:25.167: %SW_MATM-4-MACFLAP_NOTIF: Host 1062.e513.1af5 in vlan 10 is flapping between port Po4 and port Po1
May 16 21:51:25.185: %SW_MATM-4-MACFLAP_NOTIF: Host 10e7.c62c.e307 in vlan 8 is flapping between port Po6 and port Po4
May 16 21:51:25.504: %SW_MATM-4-MACFLAP_NOTIF: Host cc70.ed02.d768 in vlan 3 is flapping between port Po3 and port Po11
May 16 21:51:25.531: %SW_MATM-4-MACFLAP_NOTIF: Host 3c52.8279.46fe in vlan 15 is flapping between port Po1 and port Po4
May 16 21:51:25.595: %SW_MATM-4-MACFLAP_NOTIF: Host 6022.32a2.2c29 in vlan 29 is flapping between port Po3 and port Po4
May 16 21:51:25.633: %SW_MATM-4-MACFLAP_NOTIF: Host 1062.e513.1ac3 in vlan 10 is flapping between port Po4 and port Po3
May 16 21:51:25.645: %SW_MATM-4-MACFLAP_NOTIF: Host 10e7.c62b.7f4c in vlan 8 is flapping between port Po4 and port Po6
May 16 21:51:25.655: %SW_MATM-4-MACFLAP_NOTIF: Host 8469.938a.c718 in vlan 10 is flapping between port Po2 and port Po4
May 16 21:51:25.723: %SW_MATM-4-MACFLAP_NOTIF: Host 9cd6.4388.e20e in vlan 10 is flapping between port Po4 and port Po6
May 16 21:51:25.835: %SW_MATM-4-MACFLAP_NOTIF: Host 245a.4ca4.cdbd in vlan 24 is flapping between port Po4 and port Po1
May 16 21:51:25.901: %SW_MATM-4-MACFLAP_NOTIF: Host fefc.fea2.3acc in vlan 16 is flapping between port Po1 and port Po3
May 16 21:51:26.012: %SW_MATM-4-MACFLAP_NOTIF: Host 10e7.c633.3a6f in vlan 8 is flapping between port Po4 and port Po3
May 16 21:51:26.380: %SW_MATM-4-MACFLAP_NOTIF: Host c018.03c0.9326 in vlan 15 is flapping between port Po3 and port Po6
May 16 21:51:26.515: %SW_MATM-4-MACFLAP_NOTIF: Host 8cec.4b40.c30f in vlan 6 is flapping between port Po1 and port Po6
May 16 21:51:26.587: %SW_MATM-4-MACFLAP_NOTIF: Host b00c.d121.7c9d in vlan 16 is flapping between port Te2/0/23 and port Po4
May 16 21:51:26.872: %SW_MATM-4-MACFLAP_NOTIF: Host 1062.e513.14c0 in vlan 10 is flapping between port Po4 and port Po1
May 16 21:51:26.977: %SW_MATM-4-MACFLAP_NOTIF: Host c8d9.d21f.65c2 in vlan 8 is flapping between port Po4 and port Po6
May 16 21:51:27.577: %SW_MATM-4-MACFLAP_NOTIF: Host 2067.7cd4.0098 in vlan 7 is flapping between port Po4 and port Po7
May 16 21:51:27.645: %SW_MATM-4-MACFLAP_NOTIF: Host dcf7.19b8.6628 in vlan 29 is flapping between port Po1 and port Po3
May 16 21:51:28.286: %SW_MATM-4-MACFLAP_NOTIF: Host 2067.7cd4.61e6 in vlan 7 is flapping between port Po1 and port Po7
May 16 21:51:28.607: %SW_MATM-4-MACFLAP_NOTIF: Host f439.092c.ae4b in vlan 10 is flapping between port Po4 and port Po6
May 16 21:51:29.087: %SW_MATM-4-MACFLAP_NOTIF: Host 10e7.c62b.7f5e in vlan 8 is flapping between port Po4 and port Po6
May 16 21:51:31.077: %SW_MATM-4-MACFLAP_NOTIF: Host fefc.fee6.d38b in vlan 5 is flapping between port Po4 and port Te1/0/17

---------------------------------------------------------------

My configuration core switch in interface flapping

CSW3A01#sh running-config int po1
Building configuration...

Current configuration : 113 bytes
!
interface Port-channel1
description "ASW3A01"
switchport trunk native vlan 2
switchport mode trunk
end

CSW3A01#sh running-config int po3
Building configuration...

Current configuration : 113 bytes
!
interface Port-channel3
description "ASW3A03"
switchport trunk native vlan 2
switchport mode trunk
end

CSW3A01#sh running-config int po4
Building configuration...

Current configuration : 113 bytes
!
interface Port-channel4
description "ASW3A04"
switchport trunk native vlan 2
switchport mode trunk
end

CSW3A01#sh running-config int po6
Building configuration...

Current configuration : 113 bytes
!
interface Port-channel6
description "ASW3A06"
switchport trunk native vlan 2
switchport mode trunk
end

CSW3A01#sh running-config int po7
Building configuration...

Current configuration : 113 bytes
!
interface Port-channel7
description "ASW3A07"
switchport trunk native vlan 2
switchport mode trunk
end

CSW3A01#sh running-config int te1/0/17
Building configuration...

Current configuration : 137 bytes
!
interface TenGigabitEthernet1/0/17
description TRUNK_Server_HOST
switchport trunk allowed vlan 5,8,16,22,29
switchport mode trunk
end

CSW3A01#sh running-config int te2/0/23
Building configuration...

Current configuration : 131 bytes
!
interface TenGigabitEthernet2/0/23
description TO ASW35LOGISTIK
switchport trunk native vlan 2
switchport mode trunk
end

---------------------------------------------------------------

My global configuration

diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id

---------------------------------------------------------------

Spanning-tree summary

CSW3A01# sh spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: none
EtherChannel misconfig guard is enabled
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is enabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short

---------------------------------------------------------------

Etherchannel Summary

CSW3A01#sh etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator

M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port

A - formed by Auto LAG

Number of channel-groups in use: 9
Number of aggregators: 9

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Te1/0/1(P) Te2/0/1(P)
2 Po2(SU) LACP Te1/0/2(P) Te2/0/2(P)
3 Po3(SU) LACP Te1/0/3(P) Te2/0/3(P)
4 Po4(SU) LACP Te1/0/4(P) Te2/0/4(P)
5 Po5(SD) LACP Te1/0/5(D) Te2/0/5(D)
6 Po6(SU) LACP Te1/0/10(P) Te2/0/10(P)
7 Po7(SU) LACP Te1/0/21(P) Te2/0/21(P)
11 Po11(SU) - Te1/0/13(P) Te2/0/13(P)
12 Po12(RU) LACP Te1/0/24(D) Te2/0/24(P)

---------------------------------------------------------------

Spanning-tree summary

CSW3A01# sh spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: none
EtherChannel misconfig guard is enabled
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is enabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short

---------------------------------------------------------------

Etherchannel Detail

CSW3A01#sh etherchannel detail
Channel-group listing:
----------------------

Group: 1
----------
Group state = L2
Ports: 2 Maxports = 16
Port-channels: 1 Max Port-channels = 16
Protocol: LACP
Minimum Links: 0

Ports in the group:
-------------------
Port: Te1/0/1
------------

Port state = Up Mstr Assoc In-Bndl
Channel group = 1 Mode = Active Gcchange = -
Port-channel = Po1 GC = - Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = LACP

Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.

Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Te1/0/1 SA bndl 32768 0x1 0x1 0x102 0x3D

Partner's information:

LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Te1/0/1 SA 32768 0cd0.f8a5.8900 7s 0x0 0x1 0x135 0x3D

Age of the port in the current state: 1d:00h:52m:15s

Port: Te2/0/1
------------

Port state = Up Mstr Assoc In-Bndl
Channel group = 1 Mode = Active Gcchange = -
Port-channel = Po1 GC = - Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = LACP

Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.

Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Te2/0/1 SA bndl 32768 0x1 0x1 0x202 0x3D

Partner's information:

LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Te2/0/1 SA 32768 0cd0.f8a5.8900 9s 0x0 0x1 0x134 0x3D

Age of the port in the current state: 1d:00h:52m:28s

Port-channels in the group:
---------------------------

Port-channel: Po1 (Primary Aggregator)

------------

Age of the Port-channel = 1d:00h:53m:44s
Logical slot/port = 12/1 Number of ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Port security = Disabled

Ports in the Port-channel:

Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Te1/0/1 Active 0
0 00 Te2/0/1 Active 0

Time since last port bundled: 1d:00h:52m:28s Te1/0/1

Etherchannel Group 2-12 same as Group 1

---------------------------------------------------------------

*In my switch access log there is the same error "Flapping"

Please help and advice

Thank You

balaji.bandi · ‎05-16-2024

you have provided the switch information you have not provided what devices connected to those switch ?

you have wireless device connected to that switch ?

i see on your MAC address list, some are HP, samsung, dlink, ubuite.

is the same MAC address always show in the logs, is the MAC address are different ?

is the logs only issue or any network performance issue ?

i would suggest all the VLAN STP root should be configured on the CORE switch.

example :

spanning-tree vlan 1 priority X

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

iswanceko · ‎05-16-2024

Halo balaji.bandi

you have provided the switch information you have not provided what devices connected to those switch ?

Yes Laptop, Computer, Printer

you have wireless device connected to that switch ?

Yes Access point and Controller

i see on your MAC address list, some are HP, samsung, dlink, ubuite.

Yes is the brand connected in my network

is the same MAC address always show in the logs, is the MAC address are different ?

mostly the same, most of the etherchannel interface

is the logs only issue or any network performance issue ?

When continuous flapping, my network performance issue (switch core and access can't access and network loss)

balaji.bandi · ‎05-19-2024

When continuous flapping, my network performance issue (switch core and access can't access and network loss)

we need to understand your STP topology here, make sure you have setup correct Root bridge for VLAN to be STP root - so Root can not hop different switches - so fix that one.

If you have wireless the MAC flap you see normal when the device roaming.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

iswanceko · ‎05-19-2024

Thank you for your advice

After i check my root bridge in switch access06, not a core switch this is a normal or root bridge does not have to be in the switch core?

------------------------------------------------------------------

CoreSwitch1#sh spanning-tree

VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0cd0.f8a4.4300
Cost 1
Port 2382 (Port-channel6)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 34f8.e783.e000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Te2/0/23 Desg FWD 2 128.119 P2p
Po1 Desg FWD 1 128.2377 P2p
Po2 Desg FWD 1 128.2378 P2p
Po3 Desg FWD 2 128.2379 P2p
Po4 Desg FWD 1 128.2380 P2p
Po6 Root FWD 1 128.2382 P2p
Po7 Desg FWD 1 128.2383 P2p
Po11 Desg FWD 4 128.2387 P2p

------------------------------------------------------------------

SwitchAcces06#sh spanning-tree

VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0cd0.f8a4.4300
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0cd0.f8a4.4300
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/35 Desg FWD 4 128.35 P2p
Po6 Desg FWD 1 128.496 P2p

balaji.bandi · ‎05-19-2024

For all the VLAN root bridge should be CORE Switch always for the Layer 2 environment, until any reason for some VLANs to be on access switch for the best practice.

Since CORE Switch is the center point for all the VLAN to communicate, if the access switch go down, the STP convergence take place will have this traffic interruption, and also setup high priority on CORE Switch is preferred

Example :

spanning-tree vlan 1 ?    
  priority      Set the bridge priority for the spanning tree
  root          Configure switch as root

You can also setup root gaurd on por-channel if you like to.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎05-18-2024

Can you draw topolgy

Thanks

MHM

iswanceko · ‎05-19-2024

Hallo MHM Cisco World

This is my topology

Thank You

MHM Cisco World · ‎05-19-2024

So there is no any link interconnect access SW?

For example

flapping between port Po3 and port Po6

Check in core which SW connect to PO3 and PO6'

Go to these SW and do show cdp neighbor' you must see only core SW not other SW' if there is then it can lead to loop.

Check and update me

MHM