MAC address learning

Similar Messages

• Switch mac address learning

  Hi all, am i right in saying that if I had 2 switches plugged together, each switch wouldnt know about each others mac addresses until a host is passed through the uplink, can anyone tell me how the switch knows to use the uplink to find the yet un found mac address, does the switch forward the broadcast from the pc, then its learnt ?

  You are right - they do not communicate their MAC tables to each other. The time a switch learns about a device connected to another switch is when a packet hits *that* switch.
  Normally a broadcast will be carried across all switches in the VLAN, so when a PC arps, all switches will hear about it and add it to their tables. If after (by default) 5 mins, no traffic from said device hits the switch, it wll be removed from te table (cam aging).
  So, with a simple network of two switches and everything in VLAN1, and three systems - A, B and C. A wants to talk to B. A&B are in switch 1, C in switch 2.
  It sends a broadcast (ARP) which gets flooded to B, and via switch 2 and this seen by B. Switch 1 adds A to the address table, as does switch 2 - pointing at the inter switch link.
  B unicasts the ARP response to A. Switch 1 adds B to the table and forwards the response to A as A is in the table. This does not get sent to switch 2. A&B talk to each other and the traffic is constrained to switch 1. After 5 mins the entry for A in switch two ages out and is removed.
  A then starts to purely stream data to B. B does not bneed to respond. A stays in the table, but after 5 mins, B ages out. At that point, the traffic will be sent to switch 2, and seen by C as no switch knows where B is.
  Because of whatever imaginary application is sending all this data, C sends a "quench" message to A. This gets flooded everywhere. the address of C is added to tables. A Acknowledges and responds, but carries on sending the traffic. As B is not in the table, the traffic is still flooded, but my totally imaginary application does somethin useful. It triggers a packet that gets a response from B. That puts B back in the filter table of switch1, and stops the traffic being flooded. If B sends anything o B, it will be flooded on switch 2, including to 1, but on 1 it will be sent only to B. any response to C will then put B in both tables.

• MAC Address-Table Move Update Feature

  Hi guys
  Does 6500 SUP720/2T support MAC Address-Table Move Update Feature?
  I cannot find it in anywhere..
  Thanks very much!
  QXZ

  Hi,
  Please refer following link :
  http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00807347ab.shtml
  CAM
  —All Catalyst switch models use a CAM table for           Layer 2 switching. As frames arrive on switch ports, the source MAC addresses           are learned and recorded in the CAM table. The port of arrival and the VLAN are           both recorded in the table, along with a timestamp. If a MAC address learned on           one switch port has moved to a different port, the MAC address and timestamp           are recorded for the most recent arrival port. Then, the previous entry is           deleted. If a MAC address is found already present in the table for the correct           arrival port, only its timestamp is updated.
  regards,
  Ajay Kumar

• UCS mac address problem

  Hi all,
  simple question....
  may you know if, with release 1.4.1 there is some mac address learning bug?
  i've go a blades with a mix of palo and other cards, some vnic are pinned to uplink with trunk and allowed vlan 501 on both side. On the UCS blades i've got ESX and ESXi. Service console is tagged to VLAN 501 (according to trunk configuration on UCS and uplink switch). Some blade had got these interface pinned on UCS6100 A and other one on B (with failover). The fact is that if i ping from outside UCS to inside UCS (ESX) no mac learning is performed on all infrastructure.
  I'm sure problem is on UCS 'cause if i clear mac table on UCS nothing works......and all work if i begin to ping from UCS. I've also tried to put on uplink switch a static mac (ESX service console) but was not useful.
  i hope is not a 1.4.1 bug......
  tnx and tnx for help
  dan

  Are any of you using Uplink Pin Groups or have a disjointed Layer 2 network by chance?
  Issues like these are ususally related to Pin Groups/Disjoint L2 using the wrong link as the DR port for incoming traffic.  When traffic is generated from within UCS outbound, the MAC table gets updated on the upstream switch which allows traffic to flow, until it ages out.
  If either of these are the case I suggest you have a look at Brad's videos, name video #6:
  http://bradhedlund.com/2010/06/22/cisco-ucs-networking-best-practices/
  Regards,
  Robert

• Dot1x disable mac-address aging

  Hi, all!
  I have configured dot1x on 3560 switches on my network. Switches have been configured to send MAC notification traps. I have set mac address-table aging time to 1800 sec. but only 802.1x not enabled switch send trap periodically.  It seem dot1x technilogy disable mac-address aging process.
  Can anybody explain it.

  You can control mac-address learning for a VLAN by using this switchport command on a trunk.
  Router(config-if)# switchport port-security maximum 3 vlan 102
  Or simply use this to allow only a certain number of mac's per access port.
  Router(config-if)# switchport port-security maximum 1
  Here is the command reference.
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios122sr/cr/srir_r/ir_s4sr.htm#wp1015189
  PS: you cannot totally stop mac learning as the valid values are from 1-4097 so you cant set it to zero and i believe you dont want to as well , since you have a layer2/3 environment.
  HTH-Cheers,
  Swaroop

• Nexus 7k F1/F2 SoC MAC Table Learning

  In case of M1 cards, understand the MAC addresses learned are communicated to all other forwarding engines.
  Can someone explain how this happens in case of F1/F2 cards. Understand the full MAC address table doesn't get downloaded to all SoCs considering the limited resourses per SoC.
  So how does MAC learning (from other SoCs / from M1 cards) and L2 forwarding happen on F1/F2?
  TIA
  Shijo George

  Thanks manaik, bank-mapping did the trick! In the default vdc configure: "hardware access-list resource feature bank-mapping" and then I was able to have netflow and dhcp relay on the same interface.
  I found another thread on the subject as well: https://supportforums.cisco.com/discussion/12075471/nexus-7k-dhcp-relay-w-ingress-netflow-sampling
  Again, thanks alot!

• Simple : Which src MAC address when WLC bridges 802.11to 802.3 ?

  When a WLC bridges 802.11 to 802.3, after extracting the original 802.11 frame from LWAPP, does it put the 802.11 senders
  MAC address as the source addr in the new 802.3 frame ?
  Or does it put the WLC's AP manager interface ? (Or the WLC's Management Interface) ?
  If you refer to :-
  http://www.cisco.com/en/US/docs/wireless/technology/controller/deployment/guide/dep.html#wp1050985
  One of the bullet points reads :-
  After processing the 802.11 MAC header, the WLC extracts the payload (the IP packet from Host A), encapsulates it into an Ethernet frame, and then forwards the frame onto the appropriate wired network, typically adding an 802.1Q VLAN tag.
  Should it include :-
  and adds the MAC address of the Wireless client as the SOURCE MAC ADDRESS to the outgoing Ethernet Frame??
  Also, will an ARP for a wireless client yeild the mac address of the WLC or the AP ???
  Thanks

  It looks like the src address of the original 802.11 client goes to the 802.3 frame as the source.
  So am I correct in thinking that (in a flat topology, no L3 routing) the WLC will appear as to an attached switchport as trunk
  (not necessarly 802.1q, but usually) with  multiple mac address learned from it.
  Any host on the LAN will send a packet for DEST MAC, which will eventually be SWITCHED (via L2 switching), upto the WLC.
  The WLC will then send it over lwapp to the AP, and the AP will send it to the client.
  But as far as the mac-address-table is concerned of any switch directly attached to the WLC, it will see
  all client MAC address for ALL wireless stations for ALL AP's... Correct ?
  Thanks

• Switch learning mac addresses

  In a video that I watched a few days ago someone explained a basic process of booting up a switch and how a switch learns mac addresses. He said something that I would like to discuss. I know... it is not important but want to clarify :)
  PC1---SW1----PC2
  PC1 wants to send sth to PC2. In the video it was said:
  'a frame arrives at SW1 and SW1 learns the mac address of pc1 but it does not know the mac address of pc2 so it will flood this frame to all ports'
  My uderstanding is that it all starts with an arp message: pc1 does not know the mac address and sends an arp and it will allow the switch to learn both mac addresses: pc1 and pc2. I am too lazy to do it in wireshark but did that in PT and that's what I saw as well. After the arp - switch learnt both macs and did not flood the frame.
  Am I correct? I know it is not important but... ;-)

  It may be possible that there was some aspect of the switch environment in the video that would change the behavior (perhaps something like a long timer for the ARP cache in the PC and a short MAC ageing timer on the switch). But in general you are correct. PC1 would send an ARP request as a broadcast, the switch would learn the MAC of PC1 and forward the ARP request. When PC2 sends its response to the ARP request the switch would learn the MAC of PC2 and forward the ARP response. So the switch should have both MAC addresses when data traffic begins to flow.
  HTH
  Rick

• Fails to learn mac address on Fiber interface with ISP

  Hi,
  We have a problem to bring a new 3750 switch interface up with the ISP.
  Current interface configuration on the router 7500 with SC/Single mode 1000 Base LX is
  interface GigabitEthernet4/0/0
  description ###### ISP #######
  ip address 1.1.1.2 255.255.255.252
  no ip redirects
  no ip unreachables
  load-interval 30
  no negotiation auto
  no cdp enable
  end
  works perfectly fine.
  we are trying to move this link to a Cisco 3750G on SFP single mode 1000 baase LX with the same configuration as below
  interface GigabitEthernet1/0/51
  no switchport
  ip address 1.1.1.2 255.255.255.252
  load-interval 30
  no ip redirects
  no ip unreachables
  no cdp enable
  speed nonegotiate
  we dont get any errors on the link but it fails to learn the mac address from the isp.
  checked the following.
  1. tried changing the SFP and the fiber.
  2. checked internally connecting back to back with another cisco device - works fine .
  3. checked with the isp for any static arp on their side and it is a no.
  I am wondering why it fails to learn the mac-address when it can self ping its own ip address and also the layer stays up with no errors on both the sides.
  Thanks

  Doesn't feel like a fiber/optical issue but a configuration mismatch on one of the end devices.

• Multicast mac address isn't learned, igmp-snooping

  I have PIM router which connects to the cat 2960 switch and also I have host which connects to another port on the same switch. Host was joined to the IGMP group 224.1.1.1. I see that the router generates igmp-query and the host respons. IGMP-snooping process sees that process and updates appropriate entries:
  2960-5#sh ip igmp snooping mrouter
  Vlan    ports
    15    Gi2/0/32(dynamic)
  2960-5#sh ip igmp snooping groups
  15        224.1.1.1                igmp        v2          Gi2/0/32, Gi2/0/33
  But when I command "sh mac address-table multicast" I see nothing:
  2960#sh mac address-table multicast
  Vlan    Mac Address       Type        Ports
  What is reason of this problem?

  There is the following statement from the "CCNP Practical Studies: Switching:
  the process of populating the bridge table with multicast MAC addresses is based upon inspection of the destination MAC address, unlike unicast MAC addresses where the source MAC address of unicast frames is examined to generate bridge table entries.
  And this book describes other parts of the mac learning process and says that after exchanging IGMP-message MAC-table must be populated by multicast mac-addresses. But later I found some Cisco and Jupiner documentation which says there is two way to perform multicast forwarding - MAC and IP. Default metod is IP multicast forwarding. When this metod is used multicast MAC-addresses isn't learnt and process of packet forwarding uses special forwarding cache which includes list of mapping IP and appropriate interfaces. It all means that this book isn't actual. All modern switchs perform multicast forwarding by IP metod and MAC-addresses don't populate CAM. 

• ICloud to Mac Address Book - Two Questions

  Okay, I have learned/accepted that iCloud is not the sync'ing deal that MobileMe was (missed that in the fine print as I have been a loyal .mac user from its inception and like the MM syncing). I understand that everything is updated in the cloud and pushed to various devices (for me, iPhone 4S, new iPad and 2009 MBP).  So, how is it possible for my iCloud address book to have more contacts than my MBP address book?  Wouldn't all of the ones in iCloud be pushed to the MBP?  The only thing I can think is that before I understood the concept that there are two address books resident on the MBP, I starting deleting what I thought were duplicates since I wasn't able to merge them due to two different sources.  I could not find a way at that time to tell me which line was from what source.  Then, once I get the two address books matching - mostly to ensure that I am not missing anything in the iCloud one - what purpose does the Mac based address book serve?  I just had a nightmare of dragging various cards from my iCloud address page on the right into the iCloud group on the left and only to realize after doing at least 20 cards that after the first one, the left page registers back up putting the Mac based group across from the iCloud contact list so I dropped many of them into the Mac group instead of the iCloud group. The iCal doesn't maintain a Mac version and an iCloud version, why does the address book?  BTW, all software on all devices is up to date as of this posting.

  Please pardon what may be a silly question.  This is my first ever post...
  I was thinking about deleting "On My Mac" address book per your above instructions, and sticking with the one iCloud contacts.  The problem I am afraid of running into is this:  In iTunes, when I sync contacts, the groups that show available for syncing all come from "On My Mac".  If I delete from the Mac, will that make my "Contacts" icon on my iPad 'dead'?  Thereby, forcing me to log onto iCloud to view my Contacts, instead of a handy shortcut??? 
  Or will I simply get to forgo the iTunes syncing... and the "contacts" icon on my iPad will reflect what was synced thru iCloud?
  If the latter is true, does that simply mean I will need to recreate my "groups" in iCloud?
  Thanks in advance, I certainly need some guidance.

• Changing MAC address on wrt300n

  So what did I learn today ... never let your little brother on your PC when logged in at a forum ! Result = kicked out, profile deleted, IP banned !
  So I gather that my ISP has only static IP's and they suggest to change my MAC address to get a new IP so I can return to the forum and sign up again with a new profile. So the question is ... how the heck do I change the MAC address on the router ? Anyone have a source that I can read up on this ? This is all very new to me.
  Thanks in advance.

  MAC addresses are like DNA. There are no two matching ANYWHERE in the world (each device in the world has a unique hexidecimal MAC address and no two are alike). Therefore you cannot change your MAC address.
  What I can tell you is what your ISP really means. When you connect your router (which has a MAC address) to their modem, their modem memorizes your devices MAC address and assigns it an IP address. You need to make the modem forget this MAC to get a new IP. 
  To do this, turn off your modem and old router and leave it off for a bit (10 min). Borrow someone elses router (or if you have an old router, use it). Connect it. Turn on modem and new router. Leave on for about 15 min so that your ISP forgets the old MAC address of your original router and creates a new IP address under the new MAC address of the newly connected router.
  After 15 min, power them both down again, disconnect the temp router and connect your original router. Power them back up and wait 15 min again. You *should* get a new static IP from your ISP as it thinks it's a new MAC again. The ISP doesn't remember MAC addresses, only their modem does and once it forgets, it should give you a new IP when you connect the router again.
  Hope this helps!!

• 6509E with Sup720 - Show mac address

  I have seen very strange behavior. The following two commands show different outputs...
  core2#sho mac address-table dynamic | in cc04
       7  0009.0fbb.cc04   dynamic  Yes        150   Po10
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  Po10 is etherchannel to core1. The MAC address is on the core2 and should never be learned on core1. Core1 doesn't learn this MAC address at all.
  The commands are run at the same time. I repeated many times and it is the same... Any idea why?
  Thanks!
  Difan

  Hi Jon,
  Correct, I am not using VSS. However it is not standard set up. The vlan 7 is extended to many other switches. The root is actually not core1 or core2. It also passes some provider to different location as well. However like you said, all the correct ports are blocked. Please trust me on this.. If there is a loop, we will have much more serious problem... At least our CPU will hike and link will congested, right?
  I know your concern that the same packet could be somehow loopped back through core1, which makes core2 to learn the MAC on the port-channel interface to core1. However when this happens, core1 doesn't learn the MAC anywhere and on core2 some command show the MAC but not the other command...
  Also something interesting, even that MAC in the command will eventually disappear. Please note the aging time. The aging time configured on the vlan is 480 seconds. At last the MAC address is pointing to another interface like G1/1. That interface doesn't even have vlan 7 allowed on the trunk link.
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  core2#
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        285   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        290   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        300   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        305   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        315   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        320   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        320   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        330   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        335   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        340   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        375   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        405   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        425   Po10
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        465   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        480   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
       7  0009.0fbb.cc04   dynamic  Yes        480   Gi1/1
  core2#show mac address-table | in 0009.0fbb.cc04
  core2#show mac address-table | in 0009.0fbb.cc04
  core2#sho mac address-table address 0009.0fbb.cc04
  Legend: * - primary entry
          age - seconds since last seen
          n/a - not available
    vlan   mac address     type    learn     age              ports
  ------+----------------+--------+-----+----------+--------------------------
  No entries present.
  core2#sh int g1/1 trunk
  Port                Mode         Encapsulation  Status        Native vlan
  Gi1/1               on           802.1q         trunking      1
  Port                Vlans allowed on trunk
  Gi1/1               64,72,156,214-216,300,600
  Port                Vlans allowed and active in management domain
  Gi1/1               64,72,156,214-216,300,600
  Port                Vlans in spanning tree forwarding state and not pruned
  Gi1/1               64,72,156,214-216,300,600
  Is it a bug?
  Thanks!

• CNA 5.5 and show mac address-table

  When trying to Monitor/Search for MAC address in C2960 network I got an error reply that a CLI command is not supported. Analyzing network traffic shows that CNA 5.5 is issueing 'show mac-address-table' command but the latest Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE does not support 'show mac-address-table' anymore but does support 'show mac address-table' command. How can I change the command for showing mac address tables in CNA 5.5?
  M.

  hi john,
  the show mac-address-table command should be valid.
  check if you've got MAC learning enabled on the ASA interface using show mac-learn command.
  edit: could you post show firewall? the above command works on transparent firewall only.

• How to verify VPLS mac-address forwarding

  I think VPLS know how to forward by mac-address. but how to verify it ?
  for example I show mac-address vlan 100. But I can not find a command to verify How mac-address is forwarding ?
  at 6509:
  PA_C76_1>sh mpls l2transport vc
  Local intf Local circuit Dest address VC ID Status
  VFI PA-LA-test VFI 203.160.227.88 100 UP
  VFI PA-LA-test VFI 203.160.227.95 100 UP
  PA_C76_1>show mac-address-table vlan 100
  Legend: * - primary entry
  age - seconds since last seen
  n/a - not available
  vlan mac address type learn age ports
  ------+----------------+--------+-----+----------+--------------------------
  * 100 000b.45b6.bc40 dynamic Yes 95 Router
  * 100 0012.d946.59c1 dynamic Yes 10 Gi4/1

  Hi,
  VPLS provides the medium to for a E-LAN, and in Cisco implementations, the MAC learning is not actually done by a VPLS instance.
  This can be best explained by an example.
  PE(SW)-A ---- PE(SW)-B
  PE(SW)-C
  Now these three PE nodes under VPLS, are only provided the medium to connect to each other using P2P PW forming a full mesh.
  For simplicity you can assume they are three switches connected in the above manner using copper. So this copper connecitivity is provided by VPLS.
  And at the end of the day the end nodes learn mac addresses using the conventional method of flooding and learning. So you wont find any VPLS specific commands to see what mac address is the VPLS instance flooding. As its only providing a medium for connectivty. And the flooding is done by the end nodes. as they treat the VPLS VC as one of the outgoing port.
  HTH-Cheers,
  Swaroop