Line Protocol flapping between 2 routed ports over a 1Gb circuit

Hi,
We currently have a 1Gb circuit between 2 sites that is presented to us as copper ethernet on both ends.
One end is a Cisco 4948, the other a 3750E.
Our switching connect into the ISP NTE devices.
Both our switch ports are routed ports on a P2P subnet.
The A-end (3750E) of the circuit is showing up/up
But the B-end (4948) the interface flaps constantly (up then drops after 3 seconds). The time until the interface shows up again varies between 4-10 seconds.
Throughout the flaps there is not a time when we can ping between both switches.
The B-end switch has been replaced. And the cable between the B-end switch and the B-end NTE has been tested fully.
The configuration on the interfaces are fairly standard:
- ip address
- speed auto
- duplex auto
(I've tried all combinations of speed/duplex settings at both ends)
The ISP attended the B-end NTE and reported a loss of signal from our B-end Switch. They report that a test from the B-end NTE to the A-end is successful.
What further steps could be taken to troubleshoot this?
No configuration changes were made at the time of the issue.
Is this firmly an ISP issue to investigate?
Any suggestions welcome.
Thanks,
Kyle

Hello
i am suprised the ISP didn't investige both end on this circuit !
- Have you check physically on the Nte device for errors ( rx -tx link LEDs etc )
- powered the Nte down -chaned the cabling BOTH of ends?
- used a different port?
- performed a TDR ?
- get the isp to attend site A
res
paul

Similar Messages

Irregular line protocol flapping on HSSI

I have been experiencing flapping (only line protocol) on this interface from time to time.
I contacted our upstream we are connected to via this interface but there were not any error indications on his side.
I would like to ask you to provide me with some recommendations in this issue.
Please find a printout og "sh int HSSI" below.
Hssi11/0 is up, line protocol is up
Hardware is cxBus HSSI
MTU 4470 bytes, BW 44210 Kbit, DLY 200 usec,
reliability 255/255, txload 17/255, rxload 57/255
Encapsulation FRAME-RELAY IETF, crc 16, loopback not set
Keepalive set (10 sec)
LMI enq sent 710362, LMI stat recvd 705854, LMI upd recvd 0, DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0
LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE
Broadcast queue 0/256, broadcasts sent/dropped 0/0, interface broadcasts 0
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of "show interface" counters 11w5d
Queueing strategy: fifo
Output queue 0/40, 807776 drops; input queue 0/75, 5732 drops
30 second input rate 9977000 bits/sec, 1672 packets/sec
30 second output rate 3101000 bits/sec, 1296 packets/sec
1689997250 packets input, 2615467679 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 31 throttles
0 parity
67455362 input errors, 0 CRC, 0 frame, 67455362 overrun,, 0 abort
1851303162 packets output, 661571480 bytes, 0 underruns
0 output errors, 0 applique, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Please fin

You have a very large nuber of errors:
"67455362 input errors" approx 1% traffic.
Reason:
"overrun
Number of times the serial receiver hardware was unable to hand received data to a hardware buffer because the input rate exceeded the receiver's ability to handle
the data."
With that large number of errors the link
can flap (LMI packets dropped).

%SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46.....

Hi Guys,
Iam seeing above issue on two of my switches connected to core switch ....i know there are quite of few discussion open on same issue but mine is diff....
i see same issue on two switches connected via core swicth on same vlan ( 112)....when i do mac address lookup it says the mac thats generating this error is invalid so cant track the source of this mac....also just saw on topoogy change notification on core traced it back to originating switch which is also generating this error but dnt see any change on the switch that is generated topology change notification....prob is vlan 112 all interface on both switches conected via core are generating this message so five interfaces each .....any expert advise on how to approach it as i cant get to source port generating this as nearly five ports in vlan 112 on bloth switches generating this error. thanks
Apr 15 15:56:08: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
Apr 15 15:56:50: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 15:56:51: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
Apr 15 15:58:29: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 15:59:27: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
Apr 15 15:59:45: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 16:00:14: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa3/0/46
Apr 15 16:00:36: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 16:02:40: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
Apr 15 16:03:22: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
Apr 15 16:03:31: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
Apr 15 16:04:03: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa3/0/46 and port Gi3/0/1
Apr 15 16:04:34: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 16:04:41: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa2/0/46
Apr 15 16:05:05: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Fa2/0/46 and port Gi3/0/1
Apr 15 16:05:13: %SW_MATM-4-MACFLAP_NOTIF: Host 00ff.ffff.ffff in vlan 112 is flapping between port Gi3/0/1 and port Fa3/0/46
sh spanning-tree vlan 112
VLAN0112
Spanning tree enabled protocol rstp
Root ID    Priority    8192
             Address     001e.13c1.5a70
             Cost        3004
             Port        109 (GigabitEthernet3/0/1)
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority    49264 (priority 49152 sys-id-ext 112)
             Address     001f.261c.1d80
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time 300
UplinkFast enabled but inactive in rapid-pvst mode
Interface        Role Sts Cost      Prio.Nbr Type
Fa2/0/46         Desg FWD 3019      128.104 P2p
Fa1/0/46         Desg FWD 3019      128.50   P2p
Gi3/0/1          Root FWD 3004      128.109 P2p
Fa3/0/46         Desg FWD 3019      128.158 P2p
Fa3/0/47         Desg FWD 3100      128.159 P2p
Fa3/0/48         Desg FWD 3019      128.160 P2p

ASAK Mohammed,
There are lots of thread discussing about this, you should do a search before creating a new post.
Anyway, this is how you approach these types of flapping:
1. Is the the given MAC flapping in the log flapping only 1 time or you see it multiple times over a reasonobly short time?
   If you see it only once or once every 2-3 hours this might be not an issue worth being investigated. Sporadic one time flapping are expected in L2 broadcast domain.
If you see it often continue to step 2.
2. Identify and locate the flapping mac in vlan 125: 3270.990a.a504
Is the mac of a dual-homes server using some kind of load balancing algorithm (active/active) for which the same address is used from both NICs?
If yes, the message is not and issue but just an indication. Fix this type of LB (make it active/standby or make sure the server uses 2 different mac addresses, one per NIC) or if it is not possible leave it like this.
3. Is the MAC a the wireless NIC of a PC?
Make sure that the user was not moving from one AP to another (flapping is normal in this case)
4.
See if you have increasing TCN's and check if they are coming from the same interface.
From this point on you keep on troubleshooting STP until you find the offending link (likely going up and down) or the switch. You also need to check if STP in vlan112 is coherent with the actual L2 topology you have.
=====================================================
2- Some more details information which might be helpfull to you.
http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a
00801434de.shtml#subtopic1k
Problem
The switch generates %SYS-3-P2_ERROR: Host xx:xx:xx:xx:xx:xx is flapping
between ports? messages, where xx:xx:xx:xx:xx:xx is a MAC address.
Description
This example shows the console output that you see when this error occurs:
%SYS-4-P2_WARN: 1/Host 00:50:0f:20:08:00 is flapping between port 1/2 and port
4/39
Use the steps and guidelines in this section in order to understand and
troubleshoot the cause of this error message.
The message indicates that your Catalyst 4500/4000 switch has learned a MAC
address that already exists in the content-addressable memory (CAM) table, on
a port other than the original one. This behavior repeatedly occurs over short
periods of time, which means that there is address flapping between ports..
If the message appears for multiple MAC addresses, the behavior is not normal.
This behavior indicates a possible network problem because the MAC addresses
move quickly from one port to another port before the default aging time. The
problem can be looping traffic on the network. Typical symptoms include:
·        High CPU utilization
·        Slow traffic throughout the network
·        High backplane utilization on the switch
For information on how to identify and troubleshoot issues with spanning tree,
refer to Spanning Tree Protocol Problems and Related Design Considerations
<http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800
951ac.shtml> .
If the error message appears for one or two MAC addresses, locate these MAC
addresses in order to determine the cause. Issue the show cam mac_addr command
in order to identify from where these MAC addresses have been learned. In this
command, mac_addr is the MAC address that the error reports as flapping.
After you determine between which ports this MAC address is flapping, track
down the MAC address. Connect to the intermediate devices between your
Catalyst 4500/4000 and the device that has the problem MAC address. Do this
until you are able to identify the source and how this device connects to the
network.
Note: Because the MAC address is flapping between two ports, track down both
of the paths.
This example shows how to track both of the paths from which this MAC address
has been learned:
Note: Assume that you have received this message and you have begun to
investigate it.
%SYS-4-P2_WARN: 1/Host 00:50:0f:20:08:00 is flapping between port 1/2 and port
4/39
In order to track down how this MAC address was learned from both ports,
complete these steps:
1.     Consider port 1/2 first, and issue the show cam dynamic 1/2 command.
If you see the MAC address 00:50:0f:20:08:00 in the list of the MAC addresses
that have been learned on this port, determine if this is a single host that
is connected or if there are multiple hosts that are registered on that port.
2.     On the basis of whether there is a single or multiple hosts,
investigate the device:
o   If there is a single host (00:50:0f:20:08:00) that is connected, check the
other port that is registered and see if the host is dually attached to the
switch.
In this example, the other port is port 4/39.
o   If the host has connections to other devices that can eventually lead back
to this switch, try to track down the intermediate devices.
With Cisco devices, issue the show cdp neighbors mod/port detail command. The
output provides information about intermediate devices.
Here is sample output:
Cat4K> (enable) show cdp neighbors 1/2 detail
Port (Our Port): 1/2
Device-ID: brigitte
Device Addresses:
IP Address: 172.16.1.1
Novell address: aa.0
Holdtime: 171 sec
Capabilities: ROUTER
Version:
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Mon 06-DEC-99 17:10 by phanguye
Platform: cisco 2500
Port-ID (Port on Neighbors's Device): Ethernet0
VTP Management Domain: unknown
Native VLAN: unknown
Duplex: half
System Name: unknown
System Object ID: unknown
Management Addresses: unknown
Physical Location: unknown
Cat4K> (enable)
3.     Establish a Telnet session with the device and follow the path of the
MAC address.
In this example, the IP address is 172.16.1.1.
Repeat the procedure for all MAC addresses that the error message reports as
flapping.
4.     Create a simple diagram of the source device with that MAC address and
of the physical connections (the Catalyst 4500/4000 ports) from which and to
which this MAC address is flapping.
The diagram enables you to determine if this is a valid port and path for your
network layout.
If you verify that both ports on which the MAC address is flapping provide a
path toward that network node, there is a possibility that you have a
spanning-tree failure issue. Refer to Spanning Tree Protocol Problems and
Related Design Considerations
<http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800
951ac.shtml> in order to isolate and troubleshoot this loop.
In large networks in which multiple hosts from multiple vendors are
interconnected, difficulty arises as you try to track down the host with use
of just the MAC address. Use the search utility for the IEEE OUI and
Company_id Assignments <http://standards.ieee.org/regauth/oui/index.shtml> in
order to track down these MAC addresses. This list is the front end of the
database where IEEE has registered all MAC addresses that have been assigned
to all vendors. Enter the first three octets of the MAC address in the Search
for: field of this page in order to find the vendor that is associated with
this device. The first three octets in the example are 00:50:0f.
These are other issues that can cause this message to appear:
·        Server NIC redundancy problem?There is a server with a dual-attached
NIC that misbehaves and does not follow the standards. The server uses the
same MAC address for both ports that connect to the same switch.
·        Hot Standby Router Protocol (HSRP) flapping?Flapping HSRP can cause
these messages to appear in the Supervisor Engine console. If you notice that
HSRP implementation in your network is unstable, refer to Understanding and
Troubleshooting HSRP Problems in Catalyst Switch Networks
<http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800
94afd.shtml> in order to resolve the problem.
·        EtherChannel misconfiguration?A misconfigured EtherChannel connection
can also cause these symptoms. If ports that the flapping message reports are
members of the same channel group, check your EtherChannel configuration and
refer to Understanding EtherChannel Load Balancing and Redundancy on Catalyst
Switches
<http://www.cisco.com/en/US/tech/tk389/tk213/technologies_tech_note09186a00800
94714.shtml> in order to troubleshoot the configuration.
·        Host reflects packets back onto the network?The reflection of packets
back onto the network by a host can also cause flapping. Typically, the root
cause of this packet reflection is a broken NIC or any failure of the physical
interface of the host that is connected to the port.
If the reflection of packets by the host is your root cause, obtain a sniffer
trace and examine the traffic that goes to and from the ports on which the
messages have appeared. If a host reflects packets, you typically see
duplicate packets in the trace. The duplicate packets are a possible symptom
of this flapping of the MAC address.
Refer to Configuring SPAN and RSPAN
<http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/6.3and6.4/configura
tion/guide/span.html> for details on how to configure a port for use with a
sniffer.
·        Software or hardware defect?If you have tried to troubleshoot the
flapping message with the instructions in this section but you still notice
the issue, seek further assistance from Cisco Technical Support
<http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html> . Be
sure to mention and provide documentation of the information that you have
collected while you followed the steps. This information makes further
troubleshooting quicker and more efficient.
HTH
REgards
Inayath
*Plz rate all usefull posts.

%SW_MATM-4-MACFLAP_NOTIF: Host 3270.990a.a504 in vlan 125 is flapping between port Fa0/21 and port Gi0/1

%SW_MATM-4-MACFLAP_NOTIF: Host 3270.990a.a504 in vlan 125 is flapping between port Fa0/21 and port Gi0/1
Please suggest me how can i fixed it ?

Sachin,
those are by no mean errors! they are informative messages which, in some circumnstances, can represent issues.
As I wrote in step 1, very first step is to determine how often you see a given mac flapping between 2 interfaces.
How often do you see that?
I am reiterating the concept as, according to your description, what you see can be pretty normal in your scenario.
Maybe it is worth clarifying that the message only means that a frame learned via Fa0/21 is now seen from Gi0/1. In static and stable networks traffic from a given host should always come from the same path and therefore should not be re-learned from another port. Every time a switch notices that a MAC which was previously learned from a port is now seen and learned from another one it trigeers that message as this behaviour might represent an ongoing L2 loop, but as I wrote this is not always true.
However since you have an AP connected to Fa0/21 it is likely that a host with mac 32:70:99:0a:a5:04 was connected to it for some time, and then it browsed and connected to another AP. This is why your switch started seeing traffic from that mac coming from a distribution/switch switch connected to gi0/1, as the l2 path changed.
I was not able to find the vendor of 32:70:99 as this is not an assigned OUI. Also since this is an unicast locally administered address it could besome kind of application/protocol using it.
What you have to do is
- Check in stable condition where this mac is learned from, that is following it switch by switch until you find the port. Since it comes from an AP most likely it is learned from the radio antenna of the AP. You need to check wheter this is an addressed learned over the radio or local to your motorola AP.
- Once you identify you you will be able to udnerstand why it flapped.
Having said that you will understand that the majority of your questions don't have too much sense now.. however
1. They are messages and not errors. see above why you see them.
2. Check on APs mac address table and see where that address is learned from. I don't know if your AP has some kind of mac notification feature logging all the changes. This is somethign you have to work out yourself. The focus is to first understand what is the mac address in the first place.
3. This question means nothing. If the flapping address is the mac of some kind of wireless NIC (laptop, smartphone etc.) you cannot prevent users from moving from a site to another. This is waht wireless networks are about. Still, sporadic flapping messages are expected as they just represent how the network is being utilized and you cannot fix them as there is nothing to fix.
4. The message itself has no impact. If they represent users moving from a wireless location to another there is no harm. If they are continuous and are not related to wireless networks they might indicate a L2 loop. To verify that you need to look for other symptoms which normally are associated with l2 loops: high cpu on the switches in the path, interface drops (on l2 and l3 interface, if present), increasing STP TCNs (not all the times), unstable STP topology, unstable control plane, similar logs logged in all/many switches. Some or all symptoms can occurr.
5. plenty.... google it and spend some time reading the docs you find
Riccardo

IPsec over GRE tunnel's line protocol is down but able to ping the tunnel destination

>>both routers are located in different countries and connected with ISP
>>IPsec over GRE tunnel is configured on both the routers
>>tunnel's line protocol is down for both the ends but able to reach the tunnel destination with tunnel source
>>Packet is not receiving on the router_1 and but could see packets are getting encrypting on the Router_2
>>ISP is not finding any issue with their end
>>Please guide me how i can fix this issue and what need to be check on this ????
========================
Router_1#sh run int Tunnel20
Building configuration...
Current configuration : 272 bytes
interface Tunnel20
bandwidth 2048
ip address 3.85.129.141 255.255.255.252
ip mtu 1412
ip flow ingress
delay 1
cdp enable
tunnel source GigabitEthernet0/0/3
tunnel destination 109.224.62.26
end
===================
Router_1#sh int Tunnel20
Tunnel20 is up, line protocol is up>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Keepalive is not set
Hardware is Tunnel
Description: *To CRPrgEIQbaghd01 - 2Mb GRE over Shared ISP Gateway*
Internet address is 3.85.129.141/30
MTU 17916 bytes, BW 2048 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 195.27.20.14 (GigabitEthernet0/0/3), destination 109.224.62.26
Tunnel Subblocks:
src-track:
Tunnel20 source tracking subblock associated with GigabitEthernet0/0/3
Set of tunnels with source GigabitEthernet0/0/3, 32 members (includes iterators), on interface <OK>
Tunnel protocol/transport GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255, Fast tunneling enabled
Tunnel transport MTU 1476 bytes
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input 1w6d, output 14w4d, output hang never
Last clearing of "show interface" counters 2y5w
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
1565172427 packets input, 363833090294 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
1778491917 packets output, 1555959948508 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
=============================
Router_1#ping 109.224.62.26 re 100 sou 195.27.20.14
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 109.224.62.26, timeout is 2 seconds:
Packet sent with a source address of 195.27.20.14
Success rate is 92 percent (92/100), round-trip min/avg/max = 139/142/162 ms
Router_1#
============================================
Router_1#sh cry ip sa pe 109.224.62.26 | in caps
#pkts encaps: 831987306, #pkts encrypt: 831987306, #pkts digest: 831987306
#pkts decaps: 736012611, #pkts decrypt: 736012611, #pkts verify: 736012611
Router_1#sh clock
15:09:45.421 UTC Thu Dec 25 2014
Router_1#
===================
Router_1#sh cry ip sa pe 109.224.62.26 | in caps
#pkts encaps: 831987339, #pkts encrypt: 831987339, #pkts digest: 831987339
#pkts decaps: 736012611, #pkts decrypt: 736012611, #pkts verify: 736012611>>>>>>>>>>>>>>>>>>>>Traffic is not receiving from Router 2
Router_1#sh clock
15:11:36.476 UTC Thu Dec 25 2014
Router_1#
===================
Router_2#sh run int Tu1
Building configuration...
Current configuration : 269 bytes
interface Tunnel1
bandwidth 2000
ip address 3.85.129.142 255.255.255.252
ip mtu 1412
ip flow ingress
load-interval 30
keepalive 10 3
cdp enable
tunnel source GigabitEthernet0/0
tunnel destination 195.27.20.14
end
Router_2#
=======================
Router_2#sh run | sec cry
crypto isakmp policy 10
authentication pre-share
crypto isakmp key Router_2 address 195.27.20.14
crypto isakmp key Router_2 address 194.9.241.8
crypto ipsec transform-set ge3vpn esp-3des esp-sha-hmac
mode transport
crypto map <Deleted> 10 ipsec-isakmp
set peer 195.27.20.14
set transform-set ge3vpn
match address Router_2
crypto map <Deleted> 20 ipsec-isakmp
set peer 194.9.241.8
set transform-set ge3vpn
match address Router_1
crypto map <Deleted>
Router_2#
====================================
Router_2#sh cry ip sa pe 195.27.20.14 | in caps
#pkts encaps: 737092521, #pkts encrypt: 737092521, #pkts digest: 737092521
#pkts decaps: 828154572, #pkts decrypt: 828154572, #pkts verify: 828154572>>>>>>>>>>>>Traffic is getting encrypting from router 2
Router_2#sh clock
.15:10:33.296 UTC Thu Dec 25 2014
Router_2#
========================
Router_2#sh int Tu1
Tunnel1 is up, line protocol is down>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Down
Hardware is Tunnel
Internet address is 3.85.129.142/30
MTU 17916 bytes, BW 2000 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive set (10 sec), retries 3
Tunnel source 109.224.62.26 (GigabitEthernet0/0), destination 195.27.20.14
Tunnel Subblocks:
src-track:
Tunnel1 source tracking subblock associated with GigabitEthernet0/0
Set of tunnels with source GigabitEthernet0/0, 2 members (includes iterators), on interface <OK>
Tunnel protocol/transport GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255, Fast tunneling enabled
Tunnel transport MTU 1476 bytes
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input 1w6d, output 00:00:02, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 14843
Queueing strategy: fifo
Output queue: 0/0 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
1881547260 packets input, 956465296 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
1705198723 packets output, 2654132592 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
=============================
Router_2#ping 195.27.20.14 re 100 sou 109.224.62.26
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 195.27.20.14, timeout is 2 seconds:
Packet sent with a source address of 109.224.62.26
Success rate is 94 percent (94/100), round-trip min/avg/max = 136/143/164 ms
Router_2#
=========================

Hello.
First of all, try to reset IPSec (clear crypto isakmp sa ..., clear crypto session ...).
Configure inbound ACL on the router to match esp protocol and check if the packets arrive.
Please provide full output "show crypto ipsec sa"
from both sides.

%SW_MATM-4-MACFLAP_NOTIF: Host 4025.c225.d9f0 in vlan 16 is flapping between port Gi1/0/27 and port Gi1/0/12

Hi all ,
we have a network with CORE4507 access 2960x24port+4portSFP
CORE configured to allowed vlan all till access switch SFP interface Gi1/0/27 when i show log to switch i found error below.
\%SW_MATM-4-MACFLAP_NOTIF: Host 4025.c225.d9f0 in vlan 16 is flapping between port Gi1/0/27 and port Gi1/0/12
In access switch port Gi1/0/12 and port Gi1/0/24 is configured as trunk and WAP121 wirelessAP is connected tow SSID,s are configured SSID1=VLAN 10 SSID2=VLAN16
interface GigabitEthernet1/0/12
switchport trunk allowed vlan 10,16
switchport mode trunk
interface GigabitEthernet1/0/24
switchport trunk allowed vlan 10,16
switchport mode trunk
Any Help
Regards

Hello Akash,
Thanks for repley port 1/0/27 is configured as trunk and allowed Vlan All
interface GigabitEthernet1/0/27
switchport mode trunk
this is sh cdp ne
V35#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
CORE1 Gig 1/0/27 176 R S I WS-C4507R Gig 1/23
Regards

Host Flapping Between Port Channel

Hi,
I have 2 VSS Pair (4X6509E) Switch. First VSS Pair is configured as Server Core and Second VSS Pair is configured as LAN Core. There is a port channel Port 10 with 4Port configured between Server and LAN Core. We have also couple Wireless LAN Controllers (5508) Connected to Server Core. PortChannel 25 from Wireless LAN Controller 1 and Portchannel 26 from Wireless LAN Controller 2. (Only 1 controller will be acitve at a time)
My issue is that am getting a MAC Flapping error between Port Channel 25 and Port Channel 10. I tried cleard the MAC entry and from ARP found the IP is LAN Core SVI.
"%MAC_MOVE-SW1_SP-4-NOTIF: Host ec30.91e1.2f80 in vlan 80 is flapping between port Po26 and port Po10"
show arp#
Internet 10.50.200.254          23   ec30.91e1.2f80 ARPA   Vlan50
VLAN 80 is WIreless Guest VLAN.
Please guide me in isolating the issue.
Toplolgy file is attached and also 6509-E is ruuning IOS "s72033-ipservicesk9_wan-mz.122-33.SXI3.bin"

SERVER-CORE
interface Port-channel10
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 2-4094
switchport mode trunk
no mls qos channel-consistency
interface TenGigabitEthernet1/6/1
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 2-4094
switchport mode trunk
channel-protocol pagp
channel-group 10 mode desirable non-silent
nterface TenGigabitEthernet1/6/3
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 2-4094
switchport mode trunk
shutdown
channel-protocol pagp
channel-group 10 mode desirable non-silent
interface TenGigabitEthernet2/6/1
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 2-4094
switchport mode trunk
channel-protocol pagp
channel-group 10 mode desirable non-silent
interface TenGigabitEthernet2/6/3
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 2-4094
switchport mode trunk
channel-protocol pagp
channel-group 10 mode desirable non-silent
interface Port-channel25
description *****Connected to QOC-WLC1*****
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet1/1/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 25 mode on
interface GigabitEthernet1/1/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 25 mode on
interface Port-channel26
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet2/1/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 26 mode on
interface GigabitEthernet2/1/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 26 mode on
SERVER-CORE#show etherchannel summary
Group Port-channel Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(RU)          -        Te1/5/4(D)     Te1/5/5(P)
2      Po2(RU)          -        Te2/5/4(D)     Te2/5/5(P)
10     Po10(SU)        PAgP      Te1/6/1(P)     Te1/6/3(D)     Te2/6/1(P)     Te2/6/3(P)
25     Po25(SU)         -        Gi1/1/3(P)     Gi1/1/4(P)
26     Po26(SU)         -        Gi2/1/3(P)     Gi2/1/4(P)

Host [MAC] vlan [x] is flapping between port [x/x/x] and port [x/x/x]

Hi all, I have two switches connected in cross-3750X stack into a single SW 6500., But I get the following error appears.
18w2d: %SW_MATM-4-MACFLAP_NOTIF: Host 0012.950a.9952 in vlan 10 is flapping between port Gi5/0/46 and port Gi6/0/44
What can i do?
Thank you very much¡¡.

The configuration on the port channel is that all the port must be with the equal configuration :
For example :
interface Port-channel1
description IDC-TO6500 - 192.168.0.12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
The same configuration is on the 3750 :
interface Port-channel1
description IDC-TO3750 - 192.168.0.12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active

100 Mbps bandwidth between 2 location over Ethernet which router model is suitable?

Hi,
We want use 100 Mbps bandwidth between 2 location over Ethernet which router model is suitable?
Sanjay Nalawade.

Hello Sanjay,
I'm afraid the question is too generic to be addressed in a forum post, since the answer may depend on several variables.
My suggestion is to contact your Cisco Account Manager and ask for the assistance of a System Engineer who can make a project for your needs.
Regards,
Antonio

Host flapping between port

Hi All,
I have spent quite long to fix the flapping port, How to fix this problem?
---------from the log------------
Nov 15 11:47:52 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:13:E8:73:5A:47 in vlan 66 is flapping between port Gi1/13 and port Fa3/12
Nov 17 12:11:12 CCT: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000e.5308.f3bd on port FastEthernet3/4.
Nov 17 12:31:48 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:1D:E0:8B:8E:99 in vlan 62 is flapping between port Fa3/10 and port Gi1/17
Nov 17 15:05:17 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:16:6F:60:DE:AB in vlan 62 is flapping between port Gi1/15 and port Fa3/10
Nov 17 18:40:16 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:1B:9E:AB:C3:F7 in vlan 62 is flapping between port Gi1/17 and port Fa3/10
Nov 17 20:35:19 CCT: %C4K_EBM-4-HOSTFLAPPING: Host 00:16:6F:60:D5:8E in vlan 66 is flapping between port Gi1/13 and port Fa3/12
-- cut --
Thanks

We had multiple redundant links between switches, and then the servers were connected to each switch. It was a mess. I removed many of the links and left only two.
Do you have all of your SSIDs in the same VLANs across the ports? In other words, do you have it like:
guest - vlan 100
secured - vlan 105
If that's the case, and the access points are all configured this way, you shouldn't see a flapping I wouldn't think. I would verify that it's an access point in these ports that are flapping, and then work backwards from there.
--John

MAC flapping reported between 2 port channels on Nexus 5596

Hi all, I'm seeing messages like the following reported on a Nexus 5596:
2015 Jan 7 12:40:48.954 Switch-5596A %FWM-6-MAC_MOVE_NOTIFICATION: Host 00ab.cdef.0123 in vlan 104 is flapping between port Po5 and port Po10
Po5 is connected to a storage cluster and is configured as an access port. It is connected to 2 Nexus 5596 switches using vpc.
interface port-channel5
description Storage Shelf 1
priority-flow-control mode off
switchport access vlan 104
spanning-tree port type edge
spanning-tree bpduguard enable
speed 10000
flowcontrol receive on
vpc 5
Po10 is the uplink to the core switch:
interface port-channel10
description uplink
switchport mode trunk
switchport trunk native vlan 2702
switchport trunk allowed vlan 64,94,104,124
spanning-tree port type network
speed 10000
vpc 10
Any ideas on why we would be seeing these log messages?
Thank you.

You need to trace this mac address: - 00ab.cdef.0123 and check if this has dual nic card if yes then check if nic teaming is configured correctly ...then shut down one of the link and see if you are learning the same mac address on two different ports?
HTH

NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 0025.64ee.f160 in vlan 1 is flapping between port Po10 and port Po15

hi All ,
we received multiples port channel flapping alerts as below mention .the nx5K os :- System version: 5.2(1)N1(3)..
we connected two NX-5 CONNECTED THROUGH VPC FROM THAT WE CONNECTE 4849 SWITCH.Please suggest what should i do to resolve the issue.
Thanks
Sandeeps
NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 0025.64ee.f160 in vlan 1 is flapping between port Po10 and port Po15
NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56d in vlan 1 is flapping between port Po11 and port Po10
-NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56d in vlan 1 is flapping between port Po10 and port Po11
-NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 8c6a.e403.159d in vlan 1 is flapping between port Po10 and port Po29
NX2-5K-60.8 %FWM-6-MAC_MOVE_NOTIFICATION: Host 2c76.8ad0.e56c in vlan 1 is flapping between port Po11 and port Po10

You need to trace this mac address: - 00ab.cdef.0123 and check if this has dual nic card if yes then check if nic teaming is configured correctly ...then shut down one of the link and see if you are learning the same mac address on two different ports?
HTH

VPC trouble - link flapping between C3750 stack and Nexus 5596

Hi All,
I have configured 1 vPC's between 2 Nexus 5596 and 1 stack C3750 switch. The links in the stack are distributed over both members.
Gi1/1/1 -> Eth 1/44 NX 5596-02
Gi 2/1/1 -> Eth 1/45 NX 5596-02
Gi 1/1/2 -> Eth 1/46 NX 5596-01
Gi 2/1/2 -> Eth 1/47 NX 5596-01
The same logic is for another stack C3750 to the same pair of Nexus 5596 switches.
The problem is that the links from the vPCs keep flapping at random moments - 1-2 times per hour.
The network is not loaded at this time and the same issue is on both vPC's.
the flaps in the nexus 5596 looks like this
%ETH_PORT_CHANNEL-5-PORT_DOWN: port-channel108: Ethernet1/44 is down
%ETH_PORT_CHANNEL-5-FOP_CHANGED: port-channel108: first operational port changed from Ethernet1/44 to Ethernet1/45
%ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet1/44 is down (Initializing)
%ETH_PORT_CHANNEL-5-PORT_UP: port-channel108: Ethernet1/44 is up
%ETHPORT-5-IF_UP: Interface Ethernet1/44 is up in mode trunk
On the stack is just up/down the pair interface.
I started few debugs on the stack and captured the folowing output:
C3750X-02#im_if_stack_relationship_add: Posting the ACP job for stack add for 5018.10902
im_if_stack_relationship_add: Posted the ACP job for stack add successfully
im_add_ifstackentry: higher_if_index = 5018 lower_if_index = 10902
im_add_ifstackentry: Failed to delete nolayerelem from NoLowerLayerTree for higher_ifIndex = 5018
im_add_ifstackentry: Failed to delete nolayerelem from NoHigherLayerTree for lower_ifIndex = 10902
im_add_ifstackentry: Deleted nolayerelems from NoHigherLayerTree and NoLowerLayerTree
im_add_ifstackentry: Failed to insert stackelem into StackTree
Jul 12 03:35:26.122: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1/2, changed state to downim_if_stack_relationship_add: Posting the ACP job for stack add for 5018.10902
im_if_stack_relationship_add: Posted the ACP job for stack add successfully
im_add_ifstackentry: higher_if_index = 5018 lower_if_index = 10902
im_add_ifstackentry: Failed to delete nolayerelem from NoLowerLayerTree for higher_ifIndex = 5018
im_add_ifstackentry: Failed to delete nolayerelem from NoHigherLayerTree for lower_ifIndex = 10902
im_add_ifstackentry: Deleted nolayerelems from NoHigherLayerTree and NoLowerLayerTree
im_add_ifstackentry: Failed to insert stackelem into StackTree
Jul 12 03:35:29.058: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1/2, changed state to up
Do someone have any idea what happens here ?
The configuration is ok because i have another vPC connected to FEX's and is working fine.
Kind regards,

Hello,
Problem solved after upgrade to the last version of NX OS 6.0.2.N2.3
BR,

Line protocol question

Okay, this might seem like a really stupid question but it's got me stumped.
What the hell does "line protocol down" mean and how the hell do I fix it? I'm using a Cisco 2500 series router, and it's occuring on serial port 0 on BOTH routers. I've checked, double checked, re double checked, and triple checked (quadruple checked?) the wiring and the physical wiring is fine...
Can anyone provide any insights to this at all for me? I'd greatly appreciate it.
TIA

The line protocol state (up or down) reflects the layer 2 status of the interface. If your serial interface is saying that its state is up/down it means that it knows that it is plugged into something on the interface but that there is a layer 2 connectivity problem.
The nature of how the router determines the layer 2 status depends somewhat on the type of interface. On Serial interfaces the determination is based on the keepalives. So basically what the router is saying is that keepalives are not working on the router. There are a couple of things that can prevent keepalives on the serial interface, such as different protocols being configured (one end may be Cisco HDLC and the other end is PPP). If it was Frame Relay a mismatch of LMI type may cause it. Given your comment about using 2500 and that both sides are showing protocol down I am going to guesss that you have the routers configured back to back. And I am going to guess that you have not configured clock rate on whichever router has the DCE serial cable connected. When routers are back to back and do not connect to provider equipment, you need one of them to generate clocking (and it needs to be the one with the DCE cable). So check your cables, find which one is DCE, and configure clock rate on that router.
HTH
Rick

What trigger Line Protocol Down?

Hi,
Recently I encountered a problem on "line protocol down" as I'd posted on 4th April.
Could anyone direct me to any webpage or sites where there's a detail explaination of how & what would trigger a line protocol down. Or these kinda data-link failure. Thanks!
With regards

Hi Friend,
There could be few reasons majorly physical layer issue when the line protocol goes down.
Can you please update which interface was showing line protocol down. Logical interface (SVI) on layer 3 switch, physical port on layer 2/3 switch or any physical interface on router?
If it is a physical interface on layer 2 switch it is majorly a physical layer issue or may be that particular vlan asscosiated to that port got deleted.
If it is a layer 3 logical interface showing line protocol down may be there is no vlan associated to that vlan configured on layer 2 switch port or no trunk carrying that vlan on that switch.
HTH, if yes please rate the post.
Ankur

Line Protocol flapping between 2 routed ports over a 1Gb circuit

Similar Messages

Maybe you are looking for