Host Flapping Between Port Channel

Similar Messages

• Host flapping between port

  Hi All,
  I have spent quite long to fix the flapping port, How to fix this problem?
  ---------from the log------------
  Nov 15 11:47:52 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:13:E8:73:5A:47 in vlan 66 is flapping between port Gi1/13 and port Fa3/12
  Nov 17 12:11:12 CCT: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000e.5308.f3bd on port FastEthernet3/4.
  Nov 17 12:31:48 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:1D:E0:8B:8E:99 in vlan 62 is flapping between port Fa3/10 and port Gi1/17
  Nov 17 15:05:17 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:16:6F:60:DE:AB in vlan 62 is flapping between port Gi1/15 and port Fa3/10
  Nov 17 18:40:16 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:9E:AB:C3:F7 in vlan 62 is flapping between port Gi1/17 and port Fa3/10
  Nov 17 20:35:19 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:16:6F:60:D5:8E in vlan 66 is flapping between port Gi1/13 and port Fa3/12
  -- cut --
  Thanks

  We had multiple redundant links between switches, and then the servers were connected to each switch. It was a mess. I removed many of the links and left only two.
  Do you have all of your SSIDs in the same VLANs across the ports? In other words, do you have it like:
  guest - vlan 100
  secured - vlan 105
  If that's the case, and the access points are all configured this way, you shouldn't see a flapping I wouldn't think. I would verify that it's an access point in these ports that are flapping, and then work backwards from there.
  --John

• %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46.....

  Hi Guys,
  Iam seeing above issue on two of my switches connected to core switch ....i know there are quite of few discussion open on same issue but mine is diff....
  i see same issue on two switches connected via core swicth on same vlan ( 112)....when i do mac address lookup it says the mac thats generating this error is invalid so cant track the source of this mac....also just saw on topoogy change notification on core traced it back to originating switch which is also generating this error but dnt see any change on the switch that is generated topology change notification....prob is vlan 112 all interface on both switches conected via core are generating this message so five interfaces each .....any expert advise on how to approach it as i cant get to source port generating this as nearly five ports in vlan 112 on bloth switches generating this error. thanks
  Apr 15 15:56:08: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
  Apr 15 15:56:50: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 15:56:51: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
  Apr 15 15:58:29: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 15:59:27: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
  Apr 15 15:59:45: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 16:00:14: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa3/0/46
  Apr 15 16:00:36: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 16:02:40: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
  Apr 15 16:03:22: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
  Apr 15 16:03:31: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
  Apr 15 16:04:03: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
  Apr 15 16:04:34: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 16:04:41: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
  Apr 15 16:05:05: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
  Apr 15 16:05:13: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa3/0/46
  sh spanning-tree vlan 112
  VLAN0112
    Spanning tree enabled protocol rstp
    Root ID    Priority    8192
               Address     001e.13c1.5a70
               Cost        3004
               Port        109 (GigabitEthernet3/0/1)
               Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
    Bridge ID  Priority    49264  (priority 49152 sys-id-ext 112)
               Address     001f.261c.1d80
               Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
               Aging Time 300
    UplinkFast enabled but inactive in rapid-pvst mode
  Interface        Role Sts Cost      Prio.Nbr Type
  Fa2/0/46         Desg FWD 3019      128.104  P2p
  Fa1/0/46         Desg FWD 3019      128.50   P2p
  Gi3/0/1          Root FWD 3004      128.109  P2p
  Fa3/0/46         Desg FWD 3019      128.158  P2p
  Fa3/0/47         Desg FWD 3100      128.159  P2p
  Fa3/0/48         Desg FWD 3019      128.160  P2p

  ASAK Mohammed,
  There are lots of thread discussing about this, you should do a search before creating a new post.
  Anyway, this is how you approach these types of flapping:
  1. Is the the given MAC flapping in the log flapping only 1 time or you see it multiple times over a reasonobly short time?
     If you see it only once or once every 2-3 hours this might be not an  issue worth being investigated. Sporadic one time flapping are expected  in L2 broadcast domain.
  If you see it often continue to step 2.
  2. Identify and locate the flapping mac in vlan 125: 3270.990a.a504
  Is  the mac of a dual-homes server using some kind of load balancing  algorithm (active/active) for which the same address is used from both  NICs?
  If yes, the message is not and issue but just an indication.  Fix this type of LB (make it active/standby or make sure the server  uses 2 different mac addresses, one per NIC) or if it is not possible  leave it like this.
  3. Is the MAC a the wireless NIC of a PC?
  Make sure that the user was not moving from one AP to another (flapping is normal in this case)
  4.
  See if you have increasing TCN's and check if they are coming from the same interface.
  From  this point on you keep on troubleshooting STP until you find the  offending link (likely going up and down) or the switch. You also need  to check if STP in vlan112 is coherent with the actual L2 topology you  have.
  =====================================================
  2- Some more details information which might be helpfull to you.
  http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a
  00801434de.shtml#subtopic1k
  Problem
  The switch generates %SYS-3-P2_ERROR: Host xx:xx:xx:xx:xx:xx is flapping
  between ports? messages, where xx:xx:xx:xx:xx:xx is a MAC address.
  Description
  This example shows the console output that you see when this error occurs:
  %SYS-4-P2_WARN: 1/Host 00:50:0f:20:08:00 is flapping between port 1/2 and port
  4/39
  Use the steps and guidelines in this section in order to understand and
  troubleshoot the cause of this error message.
  The message indicates that your Catalyst 4500/4000 switch has learned a MAC
  address that already exists in the content-addressable memory (CAM) table, on
  a port other than the original one. This behavior repeatedly occurs over short
  periods of time, which means that there is address flapping between ports..
  If the message appears for multiple MAC addresses, the behavior is not normal.
  This behavior indicates a possible network problem because the MAC addresses
  move quickly from one port to another port before the default aging time. The
  problem can be looping traffic on the network. Typical symptoms include:
  ·        High CPU utilization
  ·        Slow traffic throughout the network
  ·        High backplane utilization on the switch
  For information on how to identify and troubleshoot issues with spanning tree,
  refer to Spanning Tree Protocol Problems and Related Design Considerations
  <http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800
  951ac.shtml> .
  If the error message appears for one or two MAC addresses, locate these MAC
  addresses in order to determine the cause. Issue the show cam mac_addr command
  in order to identify from where these MAC addresses have been learned. In this
  command, mac_addr is the MAC address that the error reports as flapping.
  After you determine between which ports this MAC address is flapping, track
  down the MAC address. Connect to the intermediate devices between your
  Catalyst 4500/4000 and the device that has the problem MAC address. Do this
  until you are able to identify the source and how this device connects to the
  network.
  Note: Because the MAC address is flapping between two ports, track down both
  of the paths.
  This example shows how to track both of the paths from which this MAC address
  has been learned:
  Note: Assume that you have received this message and you have begun to
  investigate it.
  %SYS-4-P2_WARN: 1/Host 00:50:0f:20:08:00 is flapping between port 1/2 and port
  4/39
  In order to track down how this MAC address was learned from both ports,
  complete these steps:
  1.     Consider port 1/2 first, and issue the show cam dynamic 1/2 command.
  If you see the MAC address 00:50:0f:20:08:00 in the list of the MAC addresses
  that have been learned on this port, determine if this is a single host that
  is connected or if there are multiple hosts that are registered on that port.
  2.     On the basis of whether there is a single or multiple hosts,
  investigate the device:
  o   If there is a single host (00:50:0f:20:08:00) that is connected, check the
  other port that is registered and see if the host is dually attached to the
  switch.
  In this example, the other port is port 4/39.
  o   If the host has connections to other devices that can eventually lead back
  to this switch, try to track down the intermediate devices.
  With Cisco devices, issue the show cdp neighbors mod/port detail command. The
  output provides information about intermediate devices.
  Here is sample output:
  Cat4K> (enable) show cdp neighbors 1/2 detail
  Port (Our Port): 1/2
  Device-ID: brigitte
  Device Addresses:
  IP Address: 172.16.1.1
  Novell address: aa.0
  Holdtime: 171 sec
  Capabilities: ROUTER
  Version:
  Cisco Internetwork Operating System Software
  IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(7)T,  RELEASE SOFTWARE (fc2)
  Copyright (c) 1986-1999 by cisco Systems, Inc.
  Compiled Mon 06-DEC-99 17:10 by phanguye
  Platform: cisco 2500
  Port-ID (Port on Neighbors's Device): Ethernet0
  VTP Management Domain: unknown
  Native VLAN: unknown
  Duplex: half
  System Name: unknown
  System Object ID: unknown
  Management Addresses: unknown
  Physical Location: unknown
  Cat4K> (enable)
  3.     Establish a Telnet session with the device and follow the path of the
  MAC address.
  In this example, the IP address is 172.16.1.1.
  Repeat the procedure for all MAC addresses that the error message reports as
  flapping.
  4.     Create a simple diagram of the source device with that MAC address and
  of the physical connections (the Catalyst 4500/4000 ports) from which and to
  which this MAC address is flapping.
  The diagram enables you to determine if this is a valid port and path for your
  network layout.
  If you verify that both ports on which the MAC address is flapping provide a
  path toward that network node, there is a possibility that you have a
  spanning-tree failure issue. Refer to Spanning Tree Protocol Problems and
  Related Design Considerations
  <http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800
  951ac.shtml>  in order to isolate and troubleshoot this loop.
  In large networks in which multiple hosts from multiple vendors are
  interconnected, difficulty arises as you try to track down the host with use
  of just the MAC address. Use the search utility for the IEEE OUI and
  Company_id Assignments <http://standards.ieee.org/regauth/oui/index.shtml>  in
  order to track down these MAC addresses. This list is the front end of the
  database where IEEE has registered all MAC addresses that have been assigned
  to all vendors. Enter the first three octets of the MAC address in the Search
  for: field of this page in order to find the vendor that is associated with
  this device. The first three octets in the example are 00:50:0f.
  These are other issues that can cause this message to appear:
  ·        Server NIC redundancy problem?There is a server with a dual-attached
  NIC that misbehaves and does not follow the standards. The server uses the
  same MAC address for both ports that connect to the same switch.
  ·        Hot Standby Router Protocol (HSRP) flapping?Flapping HSRP can cause
  these messages to appear in the Supervisor Engine console. If you notice that
  HSRP implementation in your network is unstable, refer to Understanding and
  Troubleshooting HSRP Problems in Catalyst Switch Networks
  <http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800
  94afd.shtml>  in order to resolve the problem.
  ·        EtherChannel misconfiguration?A misconfigured EtherChannel connection
  can also cause these symptoms. If ports that the flapping message reports are
  members of the same channel group, check your EtherChannel configuration and
  refer to Understanding EtherChannel Load Balancing and Redundancy on Catalyst
  Switches
  <http://www.cisco.com/en/US/tech/tk389/tk213/technologies_tech_note09186a00800
  94714.shtml>  in order to troubleshoot the configuration.
  ·        Host reflects packets back onto the network?The reflection of packets
  back onto the network by a host can also cause flapping. Typically, the root
  cause of this packet reflection is a broken NIC or any failure of the physical
  interface of the host that is connected to the port.
  If the reflection of packets by the host is your root cause, obtain a sniffer
  trace and examine the traffic that goes to and from the ports on which the
  messages have appeared. If a host reflects packets, you typically see
  duplicate packets in the trace. The duplicate packets are a possible symptom
  of this flapping of the MAC address.
  Refer to Configuring SPAN and RSPAN
  <http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/6.3and6.4/configura
  tion/guide/span.html>  for details on how to configure a port for use with a
  sniffer.
  ·        Software or hardware defect?If you have tried to troubleshoot the
  flapping message with the instructions in this section but you still notice
  the issue, seek further assistance from Cisco Technical Support
  <http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html> . Be
  sure to mention and provide documentation of the information that you have
  collected while you followed the steps. This information makes further
  troubleshooting quicker and more efficient.
  HTH
  REgards
  Inayath
  *Plz rate all usefull posts.

• NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 0025.64ee.f160 in vlan 1 is flapping between port Po10 and port Po15

  hi All ,
  we received multiples  port channel flapping alerts as below mention .the nx5K os :- System version: 5.2(1)N1(3)..
  we connected two NX-5 CONNECTED THROUGH VPC FROM THAT WE CONNECTE 4849 SWITCH.Please suggest what should i do to resolve the issue.
  Thanks
  Sandeeps
  NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 0025.64ee.f160 in vlan 1 is flapping between port Po10 and port Po15
  NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56d in vlan 1 is flapping between port Po11 and port Po10
  -NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56d in vlan 1 is flapping between port Po10 and port Po11
  -NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 8c6a.e403.159d in vlan 1 is flapping between port Po10 and port Po29
  NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56c in vlan 1 is flapping between port Po11 and port Po10

  You need to trace this mac address: - 00ab.cdef.0123 and check if this has dual nic card if yes then check if nic teaming is configured correctly ...then shut down one of the link and see if you are learning the same mac address on two different ports?
  HTH

• Host [MAC] vlan [x] is flapping between port [x/x/x] and port [x/x/x]

  Hi all, I have two switches connected in cross-3750X stack into a single SW 6500., But I get the following error appears.
  18w2d: %SW_MATM-4-MACFLAP_NOTIF: Host 0012.950a.9952 in vlan 10 is flapping between port Gi5/0/46 and port Gi6/0/44
  What can i do?
  Thank you very much¡¡.

  The configuration on the port channel is that all the port must be with the equal configuration :
  For example :
  interface Port-channel1
   description IDC-TO6500 - 192.168.0.12
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
  interface GigabitEthernet1/0/1
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
   channel-protocol lacp
   channel-group 1 mode active
  interface GigabitEthernet1/0/2
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
   channel-protocol lacp
   channel-group 1 mode active
  The same configuration is on the 3750 :
  interface Port-channel1
   description IDC-TO3750 - 192.168.0.12
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
  interface GigabitEthernet1/0/1
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
   channel-protocol lacp
   channel-group 1 mode active
  interface GigabitEthernet1/0/2
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,54,136,192,432
   switchport mode trunk
   speed 100
   duplex full
   channel-protocol lacp
   channel-group 1 mode active

• %SW_MATM-4-MACFLAP_NOTIF: Host 3270.990a.a504 in vlan 125 is flapping between port Fa0/21 and port Gi0/1

  %SW_MATM-4-MACFLAP_NOTIF: Host 3270.990a.a504 in vlan 125 is flapping between port Fa0/21 and port Gi0/1
  Please suggest me how can i fixed it ?

  Sachin,
  those are by no mean errors! they are informative messages which, in some circumnstances, can represent issues.
  As I wrote in step 1, very first step is to determine how often you see a given mac flapping between 2 interfaces.
  How often do you see that?
  I am reiterating the concept as, according to your description, what you see can be pretty normal in your scenario.
  Maybe it is worth clarifying that the message only means that a frame learned via Fa0/21 is now seen from Gi0/1. In static and stable networks traffic from a given host should always come from the same path and therefore should not be re-learned from another port. Every time a switch notices that a MAC which was previously learned from a port is now seen and learned from another one it trigeers that message as this behaviour might represent an ongoing L2 loop, but as I wrote this is not always true.
  However since you have an AP connected to Fa0/21 it is likely that a host with mac 32:70:99:0a:a5:04 was connected to it for some time, and then it browsed and connected to another AP. This is why your switch started seeing traffic from that mac coming from a distribution/switch switch connected to gi0/1, as the l2 path changed.
  I was not able to find the vendor of 32:70:99 as this is not an assigned OUI. Also since this is an unicast locally administered address it could besome kind of application/protocol using it.
  What you have to do is
  - Check in stable condition where this mac is learned from, that is following it switch by switch until you find the port. Since it comes from an AP most likely it is learned from the radio antenna of the AP. You need to check wheter this is an addressed learned over the radio or local to your motorola AP.
  - Once you identify you you will be able to udnerstand why it flapped.
  Having said that you will understand that the majority of your questions don't have too much sense now.. however
  1. They are messages and not errors. see above why you see them.
  2. Check on APs mac address table and see where that address is learned from. I don't know if your AP has some kind of mac notification feature logging all the changes. This is somethign you have to work out yourself. The focus is to first understand what is the mac address in the first place.
  3. This question means nothing. If the flapping address is the mac of some kind of wireless NIC (laptop, smartphone etc.) you cannot prevent users from moving from a site to another. This is waht wireless networks are about. Still, sporadic flapping messages are expected as they just represent how the network is being utilized and you cannot fix them as there is nothing to fix.
  4. The message itself has no impact. If they represent users moving from a wireless location to another there is no harm. If they are continuous and are not related to wireless networks they might indicate a L2 loop. To verify that you need to look for other symptoms which normally are associated with l2 loops: high cpu on the switches in the path, interface drops (on l2 and l3 interface, if present), increasing STP TCNs (not all the times),  unstable STP topology, unstable control plane, similar logs logged in all/many switches. Some or all symptoms can occurr.
  5. plenty.... google it and spend some time reading the docs you find 
  Riccardo

• %SW_MATM-4-MACFLAP_NOTIF: Host 4025.c225.d9f0 in vlan 16 is flapping between port Gi1/0/27 and port Gi1/0/12

  Hi all ,
          we have a network with CORE4507 access 2960x24port+4portSFP
  CORE configured to allowed vlan all till access switch SFP interface Gi1/0/27 when i show log to switch i found error below.
  \%SW_MATM-4-MACFLAP_NOTIF: Host 4025.c225.d9f0 in vlan 16 is flapping between port Gi1/0/27 and port Gi1/0/12
  In access switch port Gi1/0/12 and port Gi1/0/24 is configured as trunk and WAP121 wirelessAP is connected tow SSID,s are configured  SSID1=VLAN 10 SSID2=VLAN16 
  interface GigabitEthernet1/0/12
   switchport trunk allowed vlan 10,16
   switchport mode trunk
  interface GigabitEthernet1/0/24
   switchport trunk allowed vlan 10,16
   switchport mode trunk
  Any Help
  Regards

  Hello Akash,
                 Thanks for repley port 1/0/27 is configured as trunk and allowed Vlan All
  interface GigabitEthernet1/0/27
   switchport mode trunk
  this is sh cdp ne
  V35#sh cdp neighbors 
  Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                    S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, 
                    D - Remote, C - CVTA, M - Two-port Mac Relay 
  Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
  CORE1            Gig 1/0/27        176             R S I  WS-C4507R Gig 1/23
  Regards

• Difference between Port Channel and VPc

  Hi Friends,
  Could you please provide the difference between Port Channel and VPC.
  Regards,
  Zaheer

  Read :)
  http://www.cisco.com/c/en/us/products/collateral/switches/nexus-3000-series-switches/white_paper_c11-685753.html
  Virtual PortChannel Technology
  Virtual PortChannels (vPCs) allow links that are physically connected to two different Cisco® switches to appear to a third downstream device to be coming from a single device and as part of a single PortChannel. The third device can be a switch, a server, or any other networking device that supports IEEE 802.3ad PortChannels.
  Cisco NX-OS Software vPCs and Cisco Catalyst® Virtual Switching Systems (VSS) are similar technologies. For Cisco EtherChannel technology, the term “multichassis EtherChannel” (MCEC) refers to either technology interchangeably.
  vPC allows the creation of Layer 2 PortChannels that span two switches. At the time of this writing, vPC is implemented on the Cisco Nexus® 7000 and 5000 Series platforms (with or without Cisco Nexus 2000 Series Fabric Extenders).

• MAC flapping reported between 2 port channels on Nexus 5596

  Hi all, I'm seeing messages like the following reported on a Nexus 5596:
  2015 Jan  7 12:40:48.954 Switch-5596A %FWM-6-MAC_MOVE_NOTIFICATION: Host 00ab.cdef.0123 in vlan 104 is flapping between port Po5 and port Po10
  Po5 is connected to a storage cluster and is configured as an access port. It is connected to 2 Nexus 5596 switches using vpc.
  interface port-channel5
    description Storage Shelf 1
    priority-flow-control mode off
    switchport access vlan 104
    spanning-tree port type edge
    spanning-tree bpduguard enable
    speed 10000
    flowcontrol receive on
    vpc 5
  Po10 is the uplink to the core switch:
  interface port-channel10
    description uplink
    switchport mode trunk
    switchport trunk native vlan 2702
    switchport trunk allowed vlan 64,94,104,124
    spanning-tree port type network
    speed 10000
    vpc 10
  Any ideas on why we would be seeing these log messages?
  Thank you.

  You need to trace this mac address: - 00ab.cdef.0123 and check if this has dual nic card if yes then check if nic teaming is configured correctly ...then shut down one of the link and see if you are learning the same mac address on two different ports?
  HTH

• Port Channel Flapping

  Hi guys,
  Would appreciate if you could find out what was going as per below output? I am not sure what they've done. At that time, one onsiteguy replace a new switch(2950C workgroup) and power on hub(connected to coreswitch). The 2 Vlans segment have changed to listen state(notice the subnet). I couldn't check on the switch because they've power down switch and hub at the same time. The problem has been rectified. I am not sure whether the hub caused the problem or the switch.
  Also the port-channel interface was up and running during the problem occurred
  Aug 31 12:27:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 2 is fl
  apping between port Gi3/44 and port Po2
  Aug 31 12:27:13: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 200 is
  flapping between port Gi3/9 and port Po2
  Aug 31 12:27:17: IP-EIGRP: Neighbor 10.10.40.77 not on common subnet for Vlan2
  (10.10.47.2 255.255.255.0)
  Aug 31 12:27:26: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 2 is fl
  apping between port Gi3/44 and port Po2
  Aug 31 12:27:27: IP-EIGRP: Neighbor 10.10.47.10 not on common subnet for Vlan20
  0 (10.10.40.23 255.255.252.0)
  Aug 31 12:27:28: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 200 is
  flapping between port Gi3/9 and port Po2
  Aug 31 12:27:34: %STANDBY-3-DIFFVIP1: Vlan200 Group 0 active routers virtual
  IP address 10.10.47.1 is different to the locally configured
  address 10.10.40.1
  Aug 31 12:27:38: IP-EIGRP: Neighbor 10.10.40.23 not on common subnet for Vlan2
  (10.10.47.2 255.255.255.0)
  Aug 31 12:27:43: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 2 is fl
  apping between port Gi3/44 and port Po2
  Aug 31 12:27:46: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 200 is
  flapping between port Gi3/9 and port Po2
  Aug 31 12:27:49: IP-EIGRP: Neighbor 10.10.40.25 not on common subnet for Vlan2
  (10.10.47.2 255.255.255.0)
  Aug 31 12:27:55: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 2 is fl
  apping between port Gi3/44 and port Po2<<<
  Aug 31 12:28:00: IP-EIGRP: Neighbor 10.10.47.10 not on common subnet for Vlan20<<<
  0 (10.10.40.23 255.255.252.0)
  Aug 31 12:28:00: %C4K_EBM-4-HOSTFLAPPING: Host 00:11:21:F9:4A:3F in vlan 200 is
  flapping between port Gi3/9 and port Po2<<<<<<
  Problem when showed the output below
  Coreswitch00#show standby brie
  Interface Grp Prio P State Active addr Standby addr Group addr
  Vl2 0 200 Active local 10.10.40.23 10.10.47.1
  Vl200 0 200 Standby 10.10.47.2 local 10.10.40.1
  Coreswitch01#show standby brie
  P indicates configured to preempt.
  |
  Interface Grp Prio P State Active addr Standby addr Group addr
  Vl2 0 100 Listen 10.10.47.2 10.10.40.23 10.10.47.1
  Vl200 0 100 Listen 10.10.47.2 10.10.40.23 10.10.40.1
  ==============================================================================
  Problem has been rectified. They have power down the hub and workgroup
  Coreswitch00#show standby brie
  P indicates configured to preempt.
  |
  Interface Grp Prio P State Active addr Standby addr Group addr
  Vl2 0 200 Active local 10.10.47.10 10.10.47.1
  Vl200 0 200 Active local 10.10.40.25 10.10.40.1
  Coreswitch01#show standby brie
  P indicates configured to preempt.
  |
  Interface Grp Prio P State Active addr Standby addr Group addr
  Vl2 0 100 Standby 10.10.47.2 local 10.10.47.1
  Vl200 0 100 Standby 10.10.40.23 local 10.10.40.1

  Hi,
  The error messages shows that there was an STP loop or physical layer problem in the n/w. Generally these error messages indicate a possible Layer-2 loop in the n/w. I think there was some redundent link between the Work group switch and the hub due to which a loop was there and hence the Mac-address was seen on two diff ports and reported a host is flapping.
  Please see the link below :
  http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#t3
  HTH,
  -amit singh

• Host flapping

  hi
  two 4503 core switches are connected eachother with sfp, each switch has supervisor engine II+TS and two fast ethernet line modules.
  on the hyper terminal menu, i am getting the message below when I use Gigabit port (on the supervisor engine II +TS) and fast ethernet ports (on line modul of 4503)
  000010: *Jan 04 05:09:42: %C4K_EBM-4-HOSTFLAPPING: Host 00:04:CB:4D:C1:5A in vlan 1 is flapping between port Fa2/1 and port Gi1/15
  000011: *Jan 04 05:10:55: %C4K_EBM-4-HOSTFLAPPING: Host 00:04:CB:4D:C1:5A in vlan 1 is flapping between port Fa2/1 and port Gi1/15
  000013: *Jan 04 06:46:46: %C4K_EBM-4-HOSTFLAPPING: Host 00:05:BA:02:E5:2F in vlan 1 is flapping between port Fa2/1 and port Gi1/15
  000014: *Jan 04 06:46:47: %C4K_EBM-4-HOSTFLAPPING: Host 08:01:32:B4:24:92 in vlan 1 is flapping between port Fa2/1 and port Gi1/15
  keeps sending these messages...
  I dont get any of above messages when I use only fast ethernet ports on the line modul.
  I dont understand what am I doing wrong? 10/100/1000 gigabit ethernet ports on SE should work with fast ethernet ports on the line modules without any trouble shouldnt they?
  how can i prevent those error messages?
  thank you in advance.

  I think the simplest way to monitor the transition states is, like mentioned yesterday, with debug-commands and, if possible, a logging server like e. g. the (free) Kiwi Syslog Daemon. For a perfect look, make sure that the timestamps show the real time (e.g. ‘service timestamps debug datetime localtime’ and taking the local time from a ntp-server). Debugging ‘spanning-tree events’ should notify detailed about the transition states (you can test it easily by disconnecting/connecting an uplink). Access-ports should be configured with ST portfast because (among other things) you don’t want to monitor their transition states.
  However, of cause you can also see the actual state with show-commands but this is hard going.
  Another option is a protocol analyzer tool like Ethereal or Packetyzer to monitor the BPDUs themselves. But this is also hard going and you need to have quite a bit experience and knowledge. So, again: The easiest way should be to operate with some debug-commands (but don’t overdo it!).
  To your second question: With our access-switches I have to use the ports of the SE, because those are the only GBit-Ports I have (The core-switches are 6500s). In deed we had several faulty SE III that caused effects like those you see in your network. The SE IV seems to be much better.
  What I finally did is optimize the spanning-tree with tool like BpduGuard, UDLD, RootGuard etc.
  Some good sources are http://www.cisco.com/warp/public/473/16.html, http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080136673.shtml
  You’ll need some time to study but it’s worth it! The good thing with faults like that is that you learn a lot of details about how ST works.

• Host flapping during startup

  Hi everybody,
  I have a slight problem with host flapping.
  First, let me give you an overview of (a part of) the network in question.
  I have two 8 ports 2960 switches (C2960PD-8TT-L), both with five terminal client computers attached to them, connected via PoE to two ports of a 4503.
  The configuration of the two ports on the 4503 switch is as follows:
  Current configuration : 233 bytes
  interface FastEthernet3/46
  description to 2960 Switch1 G0/1
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 88
  switchport trunk allowed vlan 88,991
  switchport mode trunk
  switchport port-security maximum 3
  end
  interface FastEthernet3/47
    description to 2960 Switch2 G0/1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 88
    switchport trunk allowed vlan 88,991
    switchport mode trunk
    switchport port-security maximum 3
  end
  The configuration of the 2960 switches is as follows:
  interface GigabitEthernet0/1
  description to 4503 Switch1 F3/47
  switchport trunk native vlan 88
  switchport trunk allowed vlan 88,991
  switchport mode trunk
  end
  interface FastEthernet0/1
  description PC terminal
  switchport access vlan 991
  switchport mode access
  no snmp trap link-status
  no mdix auto
  end
  Rapid spanning-tree is enabled on all switches. There are no loops (the 2960 switches are connected with only 1 uplink to the 4503) anywhere.
  =========
  now my problem. The terminals connected to the 2960 switches are turned on every morning. Some terminals won't show the startup screen (no connection) but when you refresh, the connection is fine. The log of the 2960's show the following on april 7:
  2960 Switch1:
  nothing
  2960 Switch2:
  Apr  7 09:00:04.360 GMT+1: %SW_MATM-4-MACFLAP_NOTIF: Host 00e0.c549.0446 in vlan 991 is flapping between port Gi0/1 and port Fa0/5
  Apr  7 09:00:04.628 GMT+1: %SW_MATM-4-MACFLAP_NOTIF: Host 00e0.c549.038b in vlan 991 is flapping between port Gi0/1 and port Fa0/1
  4503:
  Apr  7 09:00:09.871 GMT+1: %C4K_EBM-4-HOSTFLAPPING: Host 00:E0:C5:49:04:46 in vlan 991 is flapping between port Fa3/46 and port Fa3/47
  Apr  7 09:00:11.027 GMT+1: %C4K_EBM-4-HOSTFLAPPING: Host 00:E0:C5:49:03:8B in vlan 991 is flapping between port Fa3/46 and port Fa3/47
  -------- April 8--------
  2960 Switch1:
  Apr  8 09:02:39.168 GMT+1: %SW_MATM-4-MACFLAP_NOTIF: Host 00e0.c549.0431 in vlan 991 is flapping between port Gi0/1 and port Fa0/5
  2960 Switch2:
  Apr  8 09:02:39.445 GMT+1: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to down
  Apr  8 09:02:42.465 GMT+1: %SW_MATM-4-MACFLAP_NOTIF: Host 00e0.c549.0431 in vlan 991 is flapping between port Fa0/5 and port Gi0/1
  Apr  8 09:02:42.926 GMT+1: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
  Apr  8 09:02:43.530 GMT+1: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up
  4503:
  Nothing
  MAC 00e0.c549.0446 is physically connected to 2960 switch2, Fa 0/5 and the MAC address table on 2960 Switch 1 shows the address on Gi 0/1 (which is correct).
  So, can someone explain to me why I see these flapping messages wihtout loops of etherchannels or whatsoever? Just simple access ports over single trunks?
  Any help is much appreciated.
  Thanks,
  Ian

  Hi everybody,I have a slight problem with host flapping.First, let me give you an overview of (a part of) the network in question.
  I have two 8 ports 2960 switches (C2960PD-8TT-L), both with five
  terminal client computers attached to them, connected via PoE to two
  ports of a 4503.The configuration of the two ports on the 4503 switch is as follows:Current configuration : 233 bytes
  interface FastEthernet3/46
  description to 2960 Switch1 G0/1
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 88
  switchport trunk allowed vlan 88,991
  switchport mode trunk
  switchport port-security maximum 3
  end!
  interface FastEthernet3/47
    description to 2960 Switch2 G0/1
    switchport trunk encapsulation dot1q
  Hi Ian,
  The problem of Mac flapping between the ports in switches can be due to network switches for misconfigurations that might cause a data-forwarding loop
  - It could be a wrong setup
  - It could be resolved by disabling unused NIC cards in the servers connected 
    to the switch could fix the problem of MAC address Flapping.
  - It could resolve by bad Hardware replacement(switch).
  and more specifically check the e server providers to see if the OS and server platform support 'NIC' Teaming (NIC Bonding).
  FYI - NIC teaming allows users to group two or more physical NICs into a single logical network device called a bond. Once a logical NIC is configured, the virtual machine is not aware of the underlying physical NICs. Packets sent to the logical NIC are dispatched to one of the physical NICs in the bond and packets arriving at any of the physical NICs are automatically directed to the appropriate logical NIC.
  If one of the underlying physical NICs is broken or its cable has been unplugged, server will detect the fault condition and automatically move traffic to another NIC in the bond. This capability eliminates a single point of failure for any one physical NIC and makes the overall network connection fault-tolerant.
  Hope to Help !!
  Ganesh.H
  Remember to rate the helpful post

• WLC Port Channel Host Flapping

  Hello,
  I have setup LAG for one of our 5508 controllers and have connected 4 of the 8 ethernet ports to a 4507 switch. After configuring 2 port channels on the switch we are receiving a host flapping error between the port channels and it seems to be causing a serious slowdown on the switch. When I shutdown one of the port channels the error goes away and traffic returns to normal. I have the same configuration at other locations with the only difference being the switches used are 3750G-12S and I do not see the host flapping error. It appears to only be a problem with modular switches.
  One other thing of note: I read a Cisco white paper on LAG and it suggested creating the port channels over 2 different modules. For example, put ports G4/24 and G5/24 in port channel 1 and G4/25 and G5/25 in port channel 2. I tried this but I still got the host flapping error.
  I searched the forum and found a few threads on the subject but no resolution. Any insight on a fix will be greatly appreciated.
  Thanks
  Mark

  Mark,
       Just to double check.  You configured two port channels on the switch, and connected these to the WLC?
  If that is the case, that is currently not a supported config.  You can split the ports across the modules, but you can't link two different etherchannels to the WLC.
  HTH,
  Steve
  Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

• Create port channel between UCS-FI and MDS 9124 (F Mode)

  Dear Team,
  We were trying to create  port channel between UCS FI and MDS 9124
  But the port channel not getting active in F mode on MDS 9124
  FI is in FC End Host Mode
  We have enabled FC uplink trunking on FI
  We have enabled NPIV on MDS
  We have enabled trunk on MDS
  FI and MDS in default VSAN
  To check we changed the FI mode to FC Switching mode and port channels became active but in E mode
  when we enabled FC uplink trunking on FI and FC Switching mode port channels became active in TE mode
  but in both the above cases showflogi database shows WWPN of SAN alone not showing any from FI.
  How to achive this?
  Have read that no need to change the swicthing mode to FC Switching mode and keep as FC Endhost mode
  SO how to achieve Port channel with F mode in MDS and FI ( Mode showing as NProxy)
  Does it has to do anything with MDS NX-OS version? (https://supportforums.cisco.com/thread/2179129)
  If yes how to upgrade as license for ports came along with Device and we do not have any PAC/PAK or license file as it came
  with license
  Also we have seen 2 files availabe for download (m9100-s2ek9-kickstart-mz.5.2.8b.bin and m9100-s2ek9-mz.5.2.8b.bin) which to use
  Thanks and Regards
  Jose

  Hi Jo Bo,
  what version of software if your MDS running?
  On your UCS do connect nxos and show inteface brieft and look at the mac address.
  it is possible that you might be hitting the bug below. if this is the case you might need to upgrade the firmware on your MDS.
  Add MAC OUI "002a6a", "8c604f", "00defb" for 5k/UCS-FI
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCty04686
  Symptom:
  Nexus switch unable to connect any other Nexus or other Cisco Switch in NPV mode with a F port-channel.   Issue might be seen in earlier 5.1 releases like
  5.1.3.N1.1a
  but not the latest
  5.1.3.N2.1c
  release. Issue is also seen in
  5.2(1)N1(1)
  and
  6.0(2)N1(1)
  and later releases.
  Conditions:
  Nexus configured for SAN PortChannels or NPIV trunking mode Nexus connected to UCS via regular F port channel where UCS in NPV mode  NPV edge switch: Port WWN OUI from UCS FI  or other Cisco manufactured switch:  xx:xx:00:2a:6a:xx:xx:xx   OR  xx:xx:8c:60:4f:xx:xx:xx
  Workaround:
  Turn-off trunking mode on Nexus 5k TF-port Issue does not happen with standard  F-PORT Remove SAN Portchannel config
  Further Problem Description:
  To verify the issue please collect  show flogi internal event-history errors  Each time the port is attempted OLS, NOS, LRR counters will increment. This can be determined via the following output,  show port internal info all show port internal event-history errors

• FC port channels between MDS and UCS FI best practice?

  Hi,
  We would like to create FC port channels between our UCS FI's and MDS9250 switches.
  At the moment we have 2 separate 8Gbps links to the FI's.
  Are there any disadvantages or reasons to NOT do this?
  Is it a best practice?
  Thanks.

  As Walter said, having port-channels is best practice.  Here is a little more information on why.
  Let's take your example of two 8Gbps links, not in a port-channel ( and no static pinning ) for Fibre Channel connectivity:
  Hosts on the UCS get automatically assigned ( pinned ) to the individual uplinks in a round-robin fashion.
  (1)If you have some hosts that are transferring a lot of data, to and from storage, these hosts can end up pinned to the same uplink and could hurt their performance. 
  In a port-channel, the hosts are pinned to the port-channel and not individual links.
  (2)Since hosts are assigned to an individual link, if that link goes down, the hosts now have to log back into the fabric over the existing working link.   Now you would have all hosts sharing a single link. The hosts will not get re-pinned to a link until they leave and rejoin the fabric.  To get them load balanced again would require taking them out of the fabric and adding them back, again via log out, power off, reload, etc...
  If the links are in a port-channel, the loss of one link will reduce the bandwidth of course, but when the link is restored, no hosts have to be logged out to regain the bandwidth.
  Best regards,
  Jim