Re: Unstable MAC entries between between Cisco 2960 and Engineering switches

Chigo · ‎12-21-2018

Hello Everyone

wondering if anyone has come across a similar issue to this, I have dealt with switching loops in the past but this one seems a little different!

The attached diagram shows our standard factory cab setup, I am new to the company so it is not my design or choice of equipment :-)

The issue I am seeing is MAC addresses on the Stratix (Cisco based) switch randomly seen via the uplink port (6) instead of their actual connected ports (1-3). Previously when I have dealt with similar issues I have noted MAC addresses hopping around the switch infrastructure and eventually found a loop, in this case though, from the perspective of the Cisco switches, the MAC address locations are always correct, i.e. off the uplink port to the Stratix (I can trace from anywhere within the network and they lead back to here).

You would think it is an issue with the Stratix, but they have various switches both managed and unmanaged and they all display similar issues. By the way, the reason for the access port (VLAN 4) is down to the fact they have lots of unmanaged switches also, so we are unable to bring the VLAN down to the factory switch.

Does anyone have any clues where I could go with this next? I'm guessing there are some debug commands for MAC propagation but I can't seem to find them!

Thanks for any help!

Colin

paul driver · ‎12-21-2018

Hello

@Chigo wrote:

The issue I am seeing is MAC addresses on the Stratix (Cisco based) switch randomly seen via the uplink port (6) instead of their actual connected ports (1-3). Previously when I have dealt with similar issues I have noted MAC addresses hopping around the switch infrastructure and eventually found a loop, in this case though, from the perspective of the Cisco switches, the MAC address locations are always correct, i.e. off the uplink port to the Stratix (I can trace from anywhere within the network and they lead back to here).

You would think it is an issue with the Stratix, but they have various switches both managed and unmanaged and they all display similar issues. By the way, the reason for the access port (VLAN 4) is down to the fact they have lots of unmanaged switches also, so we are unable to bring the VLAN down to the factory switch.

Does anyone have any clues where I could go with this next? I'm guessing there are some debug commands for MAC propagation but I can't seem to find them!

Thanks for any help!

Colin

Is is possible that hosts on these unmanaged switches hanging off this Stratix switch are also connecting wireless to a access point that is physically connected to either the 2960 or 3850 switches thus intermittently mac flapping is being seen of those host mac addresses on the uplink port 6?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎12-21-2018

Hello,

I have checked for bugs, the only one that sort of comes close to what you describe is the one below (and the Rockwell Stratix 5900 is listed as one of the affected platforms).

ARP reply is sent from the backup interface
CSCvg51936
Description
Symptom:
ARP reply is sent from the backup interface instead of
the active interface resulting in other host learning
and having the wrong MAC address in its ARP table.

Conditions:
The issue could occur during boot up when a device
configured with backup interface receives an ARP
request before backup feature takes effect.

When this occurs, the device configured with backup
interface will reply to the ARP request with both
the active and backup interfaces.

Due to this behavior, sometimes it may result in cases
where the last ARP reply will be the one sent from the
backup interface instead of the active interface.

The host receiving such ARP reply will have the wrong
MAC address in its ARP table and it could take a maximum
of four hours until ARP times out and ARP table refreshes
with the correct MAC address.

Other conditions could be that the neighboring switch has
portfast enabled on the interface connecting to the backup
interface or spanning-tree is disabled.

Workaround:
Proactive measures:
- Configure "backup interface" on the higher number interface.

interface GigabitEthernet0/0

interface GigabitEthernet0/1
backup interface GigabitEthernet0/0

- Disable portfast on the neighboring switch connecting to the backup interface.
- Enable spanning-tree on the neighboring switch for the vlan connecting to the backup interface.

Reactive measures:
- Shutdown/no shutdown the active interface.
- Clear ARP on the host with wrong MAC address in its ARP table.

Chigo · ‎01-02-2019

Hi Guys

thanks for the responses.

Regards wifi, that's not a possibility I'm afraid. The 3 devices connected to the Stratix have no wifi adaptor, only a wired NIC so that pretty much rules that out and points me to the switches. I'm kind of leaning more towards the Cisco switches as we see this behaviour across multiple factory switch vendors, including same symptoms with an unmanaged switch in place.

The bug listed doesn't mention my models of switch, though the 2960s I believe are quite buggy (they're running c2960x-universalk9-mz.152-2.E6 which has caused issues elsewhere requiring workarounds).

I'm tempted to just up the IOS to a later version but would be keen to know if there are any additional useful debugs I can run to troubleshoot.

Also, the proactive workaround (backup interface) command doesn't seem to be available on the switch so guessing this is a router command? Portfast is disabled on the uplinks.

Thanks

Colin

paul driver · ‎01-02-2019

Hello Collin

Before you do anything like an ios upgrade can you provide some additional information please?
Looking at the diagram you posted there in only one access port connection from the cisco 2960's and the stratix 5700's meaning there is no other way for these stratix devices can be interconnected via any other switch then its one parent cisco correct?

Now

@Chigo wrote:
By the way, the reason for the access port (VLAN 4) is down to the fact they have lots of unmanaged switches also, so we are unable to bring the VLAN down to the factory switch.

You say these stratix devices are cisco based but you have the 2960 in vlan 4 and the stratix in vlan 1 in an access port status which seems old as it shouldn't work or is there something i am missing?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Chigo · ‎01-02-2019

Hi Paul

yes that's correct, just a single uplink between the Stratix and the Cisco 2960.

The reason (I believe) for the access port on the 2960 is that it could be any one of 4 switches doing the job of the Stratix. The site engineering departments keep a stock of a mix of factory switches (any one of which could be used in a failure event), some of which are unmanaged and all ports just need to drop into VLAN 4, which they do by default when they hit the wider network at the 2960.

So yes, it does work just by the fact we are talking untagged traffic on the Stratix and Cisco access port. Not a design or devices of my choosing as I mentioned and will likely change in future when I have the funds, but, something I have to work with for the time being :)

Thanks

Colin