Cat 2960 shows mac address port as "Drop"

Similar Messages

• Show mac-address-table

  Given the command show mac-address-table from the privilege exec mode in a cat 2950, the output shows some (i think 4) mac-address tha are system. Do u have any idea what are these mac?

  Hi Dimitris,
  Thanks for writing in. I tried the command on my switch and got the following: Do you see a similar output and is this what you are referring to?
  2950#sh mac-address-table
  Mac Address Table
  Vlan Mac Address Type Ports
  All 0009.7c70.f9c0 STATIC CPU
  All 0100.0ccc.cccc STATIC CPU
  All 0100.0ccc.cccd STATIC CPU
  All 0100.0cdd.dddd STATIC CPU
  0100.0ccc.cccc is used for CDP/VTP/DTP/PAgP/UDLD
  0100.0ccc.cccd is used for PVST+
  0100.0cdd.dddd seems to be related to multicast, however need to confirm on this.
  0009.7c70.f9c0 is the mac address for my management vlan interface.
  2950#sh int vlan 1
  Vlan1 is administratively down, line protocol is down Hardware is CPU Interface, address is 0009.7c70.f9c0 (bia 0009.7c70.f9c0)
  Hope this helps.
  regards
  -Alok

• 6509E with Sup720 - Show mac address

  I have seen very strange behavior. The following two commands show different outputs...
  core2#sho mac address-table dynamic | in cc04
       7  0009.0fbb.cc04   dynamic  Yes        150   Po10
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  Po10 is etherchannel to core1. The MAC address is on the core2 and should never be learned on core1. Core1 doesn't learn this MAC address at all.
  The commands are run at the same time. I repeated many times and it is the same... Any idea why?
  Thanks!
  Difan

  Hi Jon,
  Correct, I am not using VSS. However it is not standard set up. The vlan 7 is extended to many other switches. The root is actually not core1 or core2. It also passes some provider to different location as well. However like you said, all the correct ports are blocked. Please trust me on this.. If there is a loop, we will have much more serious problem... At least our CPU will hike and link will congested, right?
  I know your concern that the same packet could be somehow loopped back through core1, which makes core2 to learn the MAC on the port-channel interface to core1. However when this happens, core1 doesn't learn the MAC anywhere and on core2 some command show the MAC but not the other command...
  Also something interesting, even that MAC in the command will eventually disappear. Please note the aging time. The aging time configured on the vlan is 480 seconds. At last the MAC address is pointing to another interface like G1/1. That interface doesn't even have vlan 7 allowed on the trunk link.
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  core2#
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        285   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        290   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        300   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        305   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        315   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        320   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        320   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        330   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        335   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        340   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        375   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        405   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        425   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        465   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        480   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        480   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
  core2#show mac address-table | in 0009.0fbb.cc04
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  core2#sh int g1/1 trunk
  Port                Mode         Encapsulation  Status        Native vlan
  Gi1/1               on           802.1q         trunking      1
  Port                Vlans allowed on trunk
  Gi1/1               64,72,156,214-216,300,600
  Port                Vlans allowed and active in management domain
  Gi1/1               64,72,156,214-216,300,600
  Port                Vlans in spanning tree forwarding state and not pruned
  Gi1/1               64,72,156,214-216,300,600
  Is it a bug?
  Thanks!

• CNA 5.5 and show mac address-table

  When trying to Monitor/Search for MAC address in C2960 network I got an error reply that a CLI command is not supported. Analyzing network traffic shows that CNA 5.5 is issueing 'show mac-address-table' command but the latest Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE does not support 'show mac-address-table' anymore but does support 'show mac address-table' command. How can I change the command for showing mac address tables in CNA 5.5?
  M.

  hi john,
  the show mac-address-table command should be valid.
  check if you've got MAC learning enabled on the ASA interface using show mac-learn command.
  edit: could you post show firewall? the above command works on transparent firewall only.

• Show mac-address-table not working on ASA5512

  Hi,
  I'm unable to excute "show mac-address-table" on an ASA5512, running 9.1(1). The output is: 
  asa-test# show mac-address-table
                   ^
  ERROR: % Invalid input detected at '^' marker.
  Has the command changed for this model / version? It works fine on ASA5505's running 8.4(5).
  Thanks for your time,
  John

  hi john,
  the show mac-address-table command should be valid.
  check if you've got MAC learning enabled on the ASA interface using show mac-learn command.
  edit: could you post show firewall? the above command works on transparent firewall only.

• Printer showing MAC address in sidebar

  I have just setup a Canon MX850 printer on my home network and the MAC address of it is showing in the sidebar. The only way to remove it is to change the sidebar preferences which I don't want to do as I want to see other servers on the network. How do I change the printer settings to show the MX850 instead of the printers MAC address?

  I have never seen this with any of my Canon printers. I have an iP5200R that is connected wirelessly to my network and an iP6000D that is connected to the USB port of an Airport Extreme. When I configured the iP5200R to join my wireless network, it was displayed in the Canon utility with its MAC address. Also, when I added its printer queue using More Printers > Canon IJ Network, the printer was also shown in the list with its MAC address. However, as I write this reply this printer does not display in any part of the Finder.
  Is the printer displayed under the Shared section in the sidebar?
  Also, how is the printer connected to your network? Is it being shared by another computer or is it connected via Ethernet or wireless?
  PaHu

• Show Mac Address Table in ASR9k running XR

  I'm trying to find a Mac Address in the ASR9k table.  We have a server with multiple mac addresses and we need to know what MAC is being learned by what interface.
  Thank you,

  Use the command
  show l2vpn forwarding bridge-domain <group_number>:<domain_name> mac-address location 0/x/CPU0
  or
  show l2vpn forwarding bridge-domain mac-address location 0/x/CPU0

• Sh arp does not show mac address of IP --- ASA

  Hi Everyone,
  I can ping the IP from the ASA but when i do sh arp it does not show me mac address od that IP.
  Need to know the reason behind this.
  Regards
  MAhesh

  So your ASA should have a route on the inside interface to internal networks. The address of that next hop in the routing table is the one you should have in your arp table allowing you to reach non-directly-connected (subnet-wise) hosts within the scope of that route statement.
  Think through the logic - ASA pings a host. It needs to determine proper egress interface. It checks and asks "Is it reachable via a directly connected interface (most preferred route)?" Answer no. "Do I have a route statement telling me how to get to it?" Answer yes (otherwise use default). OK - so ASA sends packet out egress interface defined in that route statement to the next hop as defined in route statement and waits for reply.

• NAM shows MAC address instead of IP address in host

  Hi,
  Product: Cisco Prime NAM Appliance 2304
  Version: 5.1(3)
  Problem: We only can see MAC address on Hosts table in NAM, not IP address.
  Does anyone know what happen and how to fix it?
  Thanks!!!

  I wouldn't worry too much about the address shown in the Remote Management tab.  The ARDAgent process, which is what is listening on his computer for connections from Remote Desktop, binds to all active network interfaces and ultimately that's all that matters. Of out curiosity though, to what IP address does the "unknown-b8-8d-##-##-##-##.home" dns name resolve?  Is it the WAN address?  I can't imagine it resolves to a private address like a 192.168.
  In any event, let's focus back on the network structure. Does the BT router have both a hard wired LAN ethernet port as well as a WiFi radio for LAN connections?  My guess is yes. I am also assuming that he does *not* have another router attached to the BT LAN ethernet port like an Airport basestation that is serving the WiFi connections.  Typically, the LAN ethernet port is given, via DHCP, a real Internet accessible address but the addresses served via DHCP for wireless clients are private network addresses only.  It's seems unlikely to me that the router is automatically forwarding incoming connections to a private network address on the WiFi network.  But if he plugs his Mac in to the ethenert LAN port on the BT router then you should be able to connect directly to the address given to it via DHCP because it *should* be a real Internet accessible address.

• Dladm does not show mac address for aggr

  All,
  When I run dladm show-aggr for my two aggr interfaces, I have one not displaying its MAC. Anyone a clue how I can get this sorted?
  key: 2 (0x0002) policy: L2      address: 0:14:4f:da:13:e8 (auto)
             device       address                 speed           duplex  link    state
             nxge2        0:14:4f:da:13:e8          1000  Mbps    full    up      attached
             nxge3        <unknown>         1000  Mbps    full    up      attachedCheers,
  Davy
  Edited by: Davy_S on Apr 18, 2009 1:52 AM

  I had the same problem. SUN support recommends latest kernel patches. That solved my problem.

• CSCui55504 - show Mac address table from RP gives an error msg and40;but from SP works )

  Hello Cisco,
  Is there any updates or ETA regarding this bug, as our production 6500 core switch is experiencing this issue and viewing mac-table is a critical activity we perform everyday to troubleshoot client connections.

  I'm having this same issue. I also have this line in my log, which is curious:
  12/14/14 7:13:07.822 PM netbiosd[16766]: Attempt to use XPC with a MachService that has HideUntilCheckIn set. This will result in unpredictable behavior: com.apple.smbd
  Is this related to the problem? What does it mean?
  My 2010 27" iMac running Yosemite won't wake up from sleep.

• Discovering MAC addresses for Switch ports

  Hello and thanks for looking at my question,
  My company has inherited a network which has some very poor documentation. We really have no clue, nor does the customer, what machines are connected to what switch ports.
  My co-worker and I were discussing the best way to find this out with the least amount of effort, but can't agree on a single solution. Any recommendations would be greatly appreciated.
  Thanks.
  Sincerely,
  Brent

  Brent,
  After you do the 'sho arp' and now have MAC to IP translation, do a 'sho mac-address table' to show MAC to port translation. Save both tables to an Excel spreadsheet and tie them together. You should be able to come up with a good cross reference table (depending upon your Excel skills).
  This also gives you a switch-by-switch breakout. It's also a very helpful troubleshooting method to find rouge devices and shut down a port (for instance).
  Hope this is helpful.
  Jim

• Multicast mac address isn't learned, igmp-snooping

  I have PIM router which connects to the cat 2960 switch and also I have host which connects to another port on the same switch. Host was joined to the IGMP group 224.1.1.1. I see that the router generates igmp-query and the host respons. IGMP-snooping process sees that process and updates appropriate entries:
  2960-5#sh ip igmp snooping mrouter
  Vlan    ports
    15    Gi2/0/32(dynamic)
  2960-5#sh ip igmp snooping groups
  15        224.1.1.1                igmp        v2          Gi2/0/32, Gi2/0/33
  But when I command "sh mac address-table multicast" I see nothing:
  2960#sh mac address-table multicast
  Vlan    Mac Address       Type        Ports
  What is reason of this problem?

  There is the following statement from the "CCNP Practical Studies: Switching:
  the process of populating the bridge table with multicast MAC addresses is based upon inspection of the destination MAC address, unlike unicast MAC addresses where the source MAC address of unicast frames is examined to generate bridge table entries.
  And this book describes other parts of the mac learning process and says that after exchanging IGMP-message MAC-table must be populated by multicast mac-addresses. But later I found some Cisco and Jupiner documentation which says there is two way to perform multicast forwarding - MAC and IP. Default metod is IP multicast forwarding. When this metod is used multicast MAC-addresses isn't learnt and process of packet forwarding uses special forwarding cache which includes list of mapping IP and appropriate interfaces. It all means that this book isn't actual. All modern switchs perform multicast forwarding by IP metod and MAC-addresses don't populate CAM. 

• Can't clear mac address table from interface

  hello all.
  I'm facing a problem, and i've also tried to workaround but not sucessfully.
  I've got a polycom phone on the swich. When I connect a laptop on that port, the mac address is learned by the switch and keep the mac address even if I disconnect the ethernet cable from that port and if I try to connect the same laptop on other port on the same switch I've got errdisable error in the last connected port. Although I was figuring out what's wrong and seems that the mac address is kept for some reason in the first port.
  sw02#show mac address-table interface f0/19
            Mac Address Table
  Vlan    Mac Address       Type        Ports
   60   3c07.5417.9069   STATIC      Fa0/19 
   80    0004.f21e.afa7    STATIC      Fa0/19 
  this is a 2960, Version 12.2(44r)SE4
  with a Polycom SoundPoint IP 330 connected on vlan 80
  I was searching to clear the mac address table on that interface but the IOS version didn't give me the static option
  sw02#clear mac address-table ?
    dynamic       dynamic entry type
    move          move keyword
    notification  Clear MAC notification Global Counters
  As there's no dynamic entries on that interface the mac addresses remain on the f0/19 interface.
  I've tried with other switches and with other laptops and is the same errdisable status.
  sw02#show run int f0/19
  interface FastEthernet0/19
   description VoIP
   switchport access vlan 60
   switchport mode access
   switchport nonegotiate
   switchport voice vlan 80
   switchport port-security maximum 5
   switchport port-security
   no snmp trap link-status
   ip dhcp snooping limit rate 100
  end
  any thought?

  the mac addresses are not manually configured.
  yes, that's my point. when I disconnect the ethernet cable the mac addresses are not flushed from the mac table.
  Although I don't understand why the mac addresses are kept in the interface, if I force the interface aging time to 1 min, the problem don't occur anymore.
  I was reviewing the switch config and I've got ports with aging time 0 (that learn and flush the mac addresses dynamically) and I've got ports with aging time 1 (that learn and flush the mac addresses at the end of 60 seconds)
  The problem is solved although I need to investigate this issue in other switch models and with other voip phones.
  Tks Jon and Julio

• How to verify VPLS mac-address forwarding

  I think VPLS know how to forward by mac-address. but how to verify it ?
  for example I show mac-address vlan 100. But I can not find a command to verify How mac-address is forwarding ?
  at 6509:
  PA_C76_1>sh mpls l2transport vc
  Local intf Local circuit Dest address VC ID Status
  VFI PA-LA-test VFI 203.160.227.88 100 UP
  VFI PA-LA-test VFI 203.160.227.95 100 UP
  PA_C76_1>show mac-address-table vlan 100
  Legend: * - primary entry
  age - seconds since last seen
  n/a - not available
  vlan mac address type learn age ports
  ------+----------------+--------+-----+----------+--------------------------
  * 100 000b.45b6.bc40 dynamic Yes 95 Router
  * 100 0012.d946.59c1 dynamic Yes 10 Gi4/1

  Hi,
  VPLS provides the medium to for a E-LAN, and in Cisco implementations, the MAC learning is not actually done by a VPLS instance.
  This can be best explained by an example.
  PE(SW)-A ---- PE(SW)-B
  PE(SW)-C
  Now these three PE nodes under VPLS, are only provided the medium to connect to each other using P2P PW forming a full mesh.
  For simplicity you can assume they are three switches connected in the above manner using copper. So this copper connecitivity is provided by VPLS.
  And at the end of the day the end nodes learn mac addresses using the conventional method of flooding and learning. So you wont find any VPLS specific commands to see what mac address is the VPLS instance flooding. As its only providing a medium for connectivty. And the flooding is done by the end nodes. as they treat the VPLS VC as one of the outgoing port.
  HTH-Cheers,
  Swaroop