10-15-2013 06:49 AM - edited 07-04-2021 01:05 AM
Two clients (PC's) -> 2960 -> WGB (1242) -> LWAPP (1131) -> 4505 -> WLC
I have two clients (Fa0/1 & Fa0/5) on a 2960 switch and one WGB (1242) connected on Gi0/1 of the same switch. The WGB thats connected to my switch and supports my two clients connects to an LWAPP (1131). I am getting the following error message on the 2960 connected to the WGB:
%SW_MATM-4-MACFLAP_NOTIF: Host xxxx.xxxx.abcd in vlan 20 is flapping between port Gi0/1 and port Fa0/5
%SW_MATM-4-MACFLAP_NOTIF: Host xxxx.xxxx.dcba in vlan 20 is flapping between port Gi0/1 and port Fa0/1
The WGB does not roam. I've tried several different laptops, different 2960's and multiple IOS versions. Any ideas on this?
10-15-2013 09:18 AM
HI Jay,
A MAC Flap is caused when a switch receives packets from two different interfaces with the same source MAC address. If you are getting the behaviour for a lot of other MACs, that most likely is a layer 2 loop.
You can use port-security feature to avoid such kind of this issues,
Use the switchport port-security interface configuration command without keywords to enable port security on the interface. Use the keywords to configure secure MAC addresses, sticky MAC address learning, a maximum number of secure MAC addresses, or the violation mode.
Use the no form of this command to disable port security or to set the parameters to their default states.
switchport port-security [aging] [violation {protect | restrict | shutdown | shutdown vlan}]
Hope it helps.
Regards
10-15-2013 09:40 AM
Thanks for the reply sandeepchoudhary21,
Even if I use a single client on the switch, it always flapps with the Gi0/1 interface connected to the WGB. I'm not using etherchannels and spanning-tree is turned on. If I unplug the 2960 connected to the WGB and connect it to a switch on the same network all mac flapping stops. If I plug a single client into the WGB without using the switch, all mac flapping stops. If I unplug all clients and leave just the switch connected to the WGB, all mac flapping stops.
1 client -> 2960 -> WGB -> LWAPP -> Core --- mac flapping
1 client -> WGB -> LWAPP -> Core --- no flapping
2960 -> WGB -> LWAPP -> Core --- no flapping
1 client -> 2960 -> 2960 -> Core --- no flapping
10-15-2013 01:10 PM
Normally WGB advertise its bridge table via IAPP to upstream device. I think when bridge table ageout, it will learn the MAC address from upstream.
If you could try adding permenant entry on your WGB for the client behind WGB we can confirm this. You can use follwing CLI syntax to do this. "show bridge" output in your WGB will give you necessary detail to configure it
bridgeaddress forward
Give it a try & see whether it helps
Also read these two post which may help you as well.
http://mrncciew.com/2013/06/16/ios-ap-wgb-with-multiple-vlan/
http://mrncciew.com/2013/06/16/unified-ap-wgb-with-multiple-vlan/
HTH
Rasika
**** Pls rate all useful responses ****
10-16-2013 09:12 AM
Thanks for the reply rasikanayanajith,
I added the static mac entry into the WGB for the client that was mac flapping on the 2960. I let the command run overnite to see if it helped. It did seem to supress the flapping however every hour it flapped then 20 minutes or so it flapped again. This continued all through the night and untill I arrived. Different clients (laptops) I've tested however flapped at different rates. However I noticed I added the mac of the client in the WLC because we use mac-filtering for this WLAN. As soon as I took the clients mac out of the WLC all traffic stopped. I then took the no bridge 1 address xxxx.xxxx.xxxx forward Fa 0.20 command out and the client resumed connectivity with mac flapping.
Is there something I need to try on the WLC or LWAPP ap I'm connected to?
Message was edited by: John Martin
10-16-2013 11:17 AM
Hi John,
Is it possible to test this with a WLAN which is not using MAC Filterning. I would like to test whether adding the client MAC address in WLC MAC-Filtering table could cause this ?
HTH
Rasika
**** Pls rate all useful responses ****
10-16-2013 02:01 PM
Rasika,
I tried it on another WLAN that does not have mac-filtering at the WLC level. I'm still getting the same issue. Should I try a static mac for the clients port on the 2960 instead?
10-17-2013 09:20 AM
I found two ways to resolve the issue. The first fix was a static mac entry mac address-table static xxxx.xxxx.xxxx vlan 20 interface fastEthernet 0/5. We did not go with this option because different wired clients will be moving on and off switch. So the second option that fixed the mac flapping and is more versatile was the following port level security commands below:
interface FastEthernet0/5
switchport access vlan 20
switchport mode access
switchport port-security maximum 1 vlan access
switchport port-security
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide