

MATM-4-MACFLAP_NOTIF



#1 assasini


Posted 06 November 2008 - 04:10 PM

Hi,

I have been working on this issue for the last couple of days and still don't have any clue. I am logged onto this switch remotely and have no visibility of the physical connections except by digging into the switch itself.

I am getting this error message continuously:

3310690: Nov 6 05:42:27: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.5692.23e8 in vlan 4 is flapping between port Gi2/0/23 and port Gi1/0/19
3310689: Nov 6 05:42:21: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.56a9.017c in vlan 1010 is flapping between port Gi1/0/19 and port Gi2/0/23
3310688: Nov 6 05:42:19: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.56a9.51d9 in vlan 5 is flapping between port Gi1/0/19 and port Gi2/0/23

xxxxxxxx# sh run int gig1/0/19
!
interface GigabitEthernet1/0/19 <--------- this is up/up
description to xxxxxx failover
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-6,10-12,1006,1010,1025
switchport mode trunk
end

xxxxxxxxx#sh run int gig2/0/23
!
interface GigabitEthernet2/0/23 <----- This is up/up
description to xxxxxxx 2nd port
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-6,10-12,1006,1010,1025
switchport mode trunk
channel-group 11 mode active
end

interface GigabitEthernet1/0/18 <---- This is admin down
description to xxxxxxxx 1st port
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-6,10-12,1006,1010,1025
switchport mode trunk
shutdown
channel-group 11 mode active


interface Port-channel11
description 1/0/18 2/0/23 to xxxxxxxx
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-6,10-12,1006,1010,1025
switchport mode trunk

interface Port-channel11
description 1/0/18 2/0/23 to xxxxxxx
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-6,10-12,1006,1010,1025
switchport mode trunk


xxxxxxxx#sh int port-channel 11
Port-channel11 is down, line protocol is down (notconnect)


Please Help..

#2 n00b13


Posted 06 November 2008 - 04:49 PM

What's on the other end?

The descriptions say "failover"... Is there something failing over at the other end?

Is there a switch/hub causing dramas at the other end?

Show cdp n?

Show arp from a router nearby shows what IPs? Can you ping the IP? Can you resolve it to a hostname to identify what individual box it is? i[fp]config on the appropriate hosts to see which hosts have that MAC address.

#3 assasini


Posted 06 November 2008 - 06:26 PM

What's on the other end?

The descriptions say "failover"... Is there something failing over at the other end?

Is there a switch/hub causing dramas at the other end?

Show cdp n?

Show arp from a router nearby shows what IPs? Can you ping the IP? Can you resolve it to a hostname to identify what individual box it is? i[fp]config on the appropriate hosts to see which hosts have that MAC address.


The other end is a Windows/HP server. I don't have control of this.
Show cdp neighbor doesn't show anything on the gig1/0/19 and gig2/0/23 ports.
Show arp doesn't have any of the MAC addresses which are flapping. All the MACs in arp are from Vlan999 (management VLAN).

BUT
I got the IP by resolving the hostname, and the guy who manages it. Now I can coordinate with him.

N00b13 rocks..

#4 amol0009in_7


Posted 09 November 2008 - 07:53 PM

Can lead to high CPU utilization

#5 sabbione


Posted 09 November 2008 - 08:45 PM

It is very important that you figure out if both port Gi2/0/23 and port Gi1/0/19 are connected to the same HP server or not.

The reason is simple: if they are connected to the same server (with dual NICs), what you see is some kind of load-balancing mechanism done on the server side (NIC teaming or so), in which both NICs are sending frames sourced from the same MAC at the same time.

This is not recommended, as you force the switch to learn the same MAC over and over. Since this operation is done in software by the CPU, you can hit a high CPU condition too.

If your switch is a 3550/3750, the impact is minimal, as the CPU queue reserved for MAC learning is limited, and if it is full no more new MACs are punted to the CPU. So the CPU won't go too high, but of course the switch won't learn new MACs while the queue is dropping, leading to flooding of unknown unicast addresses.

If your switch is a 4500, the CPU can go as high as 100% depending on how much traffic is flapping across the 2 ports. That can lead to the same unicast flooding issue plus, if the issue is very heavy, drops of control traffic.

If your switch is a 6500, it just ignores it, as it can handle it without any issue.

By checking those MAC addresses, they come from VMware, so they are virtual. You really need to work with the administrator to figure out what he did.

Ask the administrator to use a different load-balancing scheme. Ideally they should keep one port in standby while the other transmits. If they need both ports to transmit at the same time, the traffic should be sourced from 2 different MACs or else you will always see the flapping. They can configure a unique multicast MAC address, but you need to know what you do, as you can have other problems depending on the platforms you have.

------

If they are connected to 2 different servers, they are clearly misconfigured: VMware is on both of them, but it is configured to use the same MAC address on the 3 VLANs. Solution: tell the administrator to change them (and to stop messing up with your network).

--------

If they are connected to 2 switches (it might still be, as those ports are trunks, even if CDP is disabled), you are having a loop on those VLANs.
How to fix it: draw a topology of those VLANs including all the bridges and their ports. Check the status of each one and make sure that one (or multiple) are in BLK state and therefore you don't have some redundant path active. Use "show span vlan x detail" to see if TCNs are increasing.
If you have redundant paths and you don't know how to troubleshoot STP issues, go ahead and configure spanning tree loopguard on all your switches. If your gear is all Cisco, also configure UDLD.

Good luck
Riccardo
  • 0
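The triage done by hand in the post above (every message names the same port pair, and the MACs fall in the VMware range), as an added example that is not part of the original thread: a Python script that groups MACFLAP_NOTIF lines by port pair and counts MACs with a VMware OUI. The log lines are the three from the first post; the function names and the OUI set are this example's own.

```python
import re
from collections import defaultdict

# Well-known VMware OUI prefixes (first 3 bytes of the MAC, hex, no separators).
VMWARE_OUIS = {"005056", "000c29", "000569", "001c14"}

FLAP_RE = re.compile(
    r"%SW_MATM-4-MACFLAP_NOTIF: Host (?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}) "
    r"in vlan (?P<vlan>\d+) is flapping between port (?P<a>\S+) and port (?P<b>\S+)",
    re.IGNORECASE,
)

# Log lines copied from the first post of this thread.
SAMPLE_LOG = """\
3310690: Nov 6 05:42:27: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.5692.23e8 in vlan 4 is flapping between port Gi2/0/23 and port Gi1/0/19
3310689: Nov 6 05:42:21: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.56a9.017c in vlan 1010 is flapping between port Gi1/0/19 and port Gi2/0/23
3310688: Nov 6 05:42:19: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.56a9.51d9 in vlan 5 is flapping between port Gi1/0/19 and port Gi2/0/23
"""

def summarize_flaps(log_text):
    """Group flap notifications by unordered port pair."""
    pairs = defaultdict(lambda: {"events": 0, "macs": set(), "vlans": set()})
    for line in log_text.splitlines():
        m = FLAP_RE.search(line)
        if not m:
            continue  # not a MAC-flap notification
        # A->B and B->A describe the same pair of ports.
        key = tuple(sorted((m["a"], m["b"])))
        entry = pairs[key]
        entry["events"] += 1
        entry["macs"].add(m["mac"].lower())
        entry["vlans"].add(int(m["vlan"]))
    return dict(pairs)

def is_vmware(mac):
    """True if a Cisco-format MAC (xxxx.xxxx.xxxx) has a VMware OUI."""
    return mac.replace(".", "")[:6].lower() in VMWARE_OUIS

def report(log_text):
    """One summary line per port pair, sorted by port name."""
    lines = []
    for (a, b), e in sorted(summarize_flaps(log_text).items()):
        vm = [mac for mac in e["macs"] if is_vmware(mac)]
        lines.append(f"{a} <-> {b}: {e['events']} events, vlans {sorted(e['vlans'])}, "
                     f"{len(e['macs'])} MACs ({len(vm)} VMware OUI)")
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

A single port pair carrying every flap, with only virtual-machine MACs, points at the server-side teaming or duplicate-MAC cases described above rather than at a loop spread across many ports.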

#6 amol0009in_7


Posted 10 November 2008 - 02:06 PM

This is not recommended, as you force the switch to learn the same MAC over and over. Since this operation is done in software by the CPU, you can hit a high CPU condition too.

If your switch is a 3550/3750, the impact is minimal, as the CPU queue reserved for MAC learning is limited, and if it is full no more new MACs are punted to the CPU. So the CPU won't go too high, but of course the switch won't learn new MACs while the queue is dropping, leading to flooding of unknown unicast addresses.

If your switch is a 4500, the CPU can go as high as 100% depending on how much traffic is flapping across the 2 ports. That can lead to the same unicast flooding issue plus, if the issue is very heavy, drops of control traffic.

If your switch is a 6500, it just ignores it, as it can handle it without any issue.


Nice thing! I learned something. I knew about the 4500 but not about the 3550/3750 and 6500.