Nexus5K vfc bind mac-address

Similar Messages

• AP 2700 - 2 MAC addresses - problem with joining to the WLC

  Hi,
  I had a problem with joining my new AP 2700 to the controller. I've found workaround but I would like to ask you if you know if this behavior is a some kind of bug or maybe feature :)
  I have DHCP server which assigns IP address base on the binding MAC address with the IP address. Without binding, IP won't be assigned so I added MAC address from the AP sticker (MAC and SN number is on the sticker at the back of each AP) to the DHCP, connected AP to the switch port which was configured exactly the same way like other ports on this switch where older AP are working fine and.... nothing. IP address was not assigned. There was no DHCP request in the DHCP server logs.
  During the investigation I've found that AP present 2 MAC addresses on the switch interface:
  switch#sh mac address-table interface fa1/1
  Mac Address Table
  Vlan Mac Address Type Ports
  11 58f3.54c1.2cb3 DYNAMIC Fa1/1
  11 58f3.54c1.2cb4 DYNAMIC Fa1/1
  The first one (58f3.54c1.2cb3) is a "sticker" MAC address but the second one (58f3.54c1.2cb4) is something new. Looking in to the DHCP logs I've found log that this second MAC address (58f3.54c1.2cb4) tried to get IP address but it was not possible because this MAC was not binding with any IP address so DHCP server refuse. I added this second MAC (58f3.54c1.2cb4) to the DHCP server, AP get IP address, join to the WLC, download software, reboot and ... this MAC address disappear.
  switch#sh mac address-table interface fa1/1
  Mac Address Table
  Vlan Mac Address Type Ports
  11 58f3.54c1.2cb3 DYNAMIC Fa1/1
  Software I had on the AP before joining to the WLC was:
  Version :
  Cisco IOS Software, C2700 Software (AP3G2-RCVK9W8-M), Version 15.2(4)JB5, RELEASE SOFTWARE (fc1)
  now I have (after downloaded from the WLC)
  Version :
  Cisco IOS Software, C2700 Software (AP3G2-K9W8-M), Version 15.2(4)JB6, RELEASE SOFTWARE (fc1)
  Do anyone know what happen?

  (WLC1) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.6.130.0
  Bootloader Version............................... 1.0.20
  Field Recovery Image Version..................... 7.6.95.16
  Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
  Build Type....................................... DATA + WPS
  System Name...................................... WLC1
  System Location..................................
  System Contact...................................
  System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
  Redundancy Mode.................................. Disabled
  IP Address....................................... 10.10.10.10
  Last Reset....................................... Software reset
  System Up Time................................... 25 days 2 hrs 53 mins 5 secs
  System Timezone Location.........................
  System Stats Realtime Interval................... 5
  System Stats Normal Interval..................... 180
  Configured Country............................... US - United States
  Operating Environment............................ Commercial (0 to 40 C)
  Internal Temp Alarm Limits....................... 0 to 65 C
  Internal Temperature............................. +44 C
  External Temperature............................. +22 C
  Fan Status....................................... OK
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Disabled
  Number of WLANs.................................. 6
  Number of Active Clients......................... 25
  Burned-in MAC Address............................ XX:XX:XX:XX:XX:XX
  Power Supply 1................................... Present, OK
  Power Supply 2................................... Present, OK
  Maximum number of APs supported.................. 25
  (WLC1) >show time
  Time............................................. Thu Apr 9 13:51:00 2015
  Timezone delta................................... 0:0
  Timezone location................................
  NTP Servers
  NTP Polling Interval......................... 3600
  Index NTP Key Index NTP Server NTP Msg Auth Status
  1 0 10.10.10.11 AUTH DISABLED
  It's look like AP doesn't allow for console login or commands it just only show activity. After rebooting the WLC I get information:
  Cisco IOS Software, C2700 Software (AP3G2-RCVK9W8-M), Version 15.2(4)JB5, RELEASE SOFTWARE (fc1)

• Adding mac address manually

  Hi All,
  Can any one suggest, how to add mac address manuall, as I am unable to learn MAC in CAM.

  You can statically bind mac address to a switch port 
  by using command 
  mac-add-table static "mac-id" "vlan-id" "interface-port" 

• Facing issues on binding VFC to a MAC-Address on Nexus 5010

  Hello,
  After creating a VFC interface, I am binding it to Ethernet MAC-Address of the CNA. On the wireshark trace it is observed that the initiator is sending a VLAN request but there is no response from the switch hence no FLOGI is seen.
  Although when I bind the VFC to the ethernet interface, everything works well and the initiator logs into the switch. Is there a extra config that needs to be done while a VFC is bound to a MAC?
  Thanks,
  Somayajulu

  No other special configuration.. Just make sure the MAC address is correct one. If this interface connects to a single CNA/Server, you could just bind it to physical ethernet interface. Binding to a MAC address is needed only if you have multiple servers connected on the interface through a FIP snooping device.

• Bind interfaces and mac addresses

  I have a server with arch linux installed.
  The server has 2 interfaces, and my problem is that sometimes, whenever I reboot the server, I find that the interface names switch - I.E., what was eth0 is now eth1 and vice versa...
  Of course, this is a major connectivity problem, which forces me to reboot again, and hope that this time Arch will "get it right"...
  I also have several centos/redhat servers in which i found it pretty simple to just add the HWADDR to the ifcfg.ethX file, but i couldn't find anyplace where i can bind the interfaces to a specific mac address in Arch...
  Anyone had the same problem before?

  attila wrote:
  These may be in a future version of Arch's network scripts
  I use udev to get a specific name for my network:
  KERNEL=="eth*", SYSFS{address}=="MAC_ADRESS", NAME="lan"
  This works about a half year without any problems so i hope there will be a warning before doing this because than perhaps i have to change my configuration.
  the udev method will continue to work as long as udev doesnt change it's syntax. the method i've suggested will not replace it, rather it will work alongside it.
  James

• Use TCP, UDP, or other to communicate with UUT using MAC address instead of IP address

  I want to verify that the Ethernet port on my UUT works. 
  My plan was to ping the UUT and verify that I got a response.  However, the UUTs will come to test with an IP that I cannot use on the network.  [Please don't ask me to explain why -- the IT group has their rules, and rules are rules after all . . . ] 
  I can query the UUT (via the serial port) for it's MAC address.  But I cannot find any LabView VIs, or DOS executables which use the MAC address as a parameter to invoke a response from the device.
  Does anybody have an idea of how I can verify the UUT Ethernet port without having to divorce myself from the company network and set up my own private network?  [Oh and by the way, before somebody suggests it, the IT group won't let me put a 2nd network card in my PC -- rules are rules after all . . . .]

  I wouldn't worry too much about the address shown in the Remote Management tab.  The ARDAgent process, which is what is listening on his computer for connections from Remote Desktop, binds to all active network interfaces and ultimately that's all that matters. Of out curiosity though, to what IP address does the "unknown-b8-8d-##-##-##-##.home" dns name resolve?  Is it the WAN address?  I can't imagine it resolves to a private address like a 192.168.
  In any event, let's focus back on the network structure. Does the BT router have both a hard wired LAN ethernet port as well as a WiFi radio for LAN connections?  My guess is yes. I am also assuming that he does *not* have another router attached to the BT LAN ethernet port like an Airport basestation that is serving the WiFi connections.  Typically, the LAN ethernet port is given, via DHCP, a real Internet accessible address but the addresses served via DHCP for wireless clients are private network addresses only.  It's seems unlikely to me that the router is automatically forwarding incoming connections to a private network address on the WiFi network.  But if he plugs his Mac in to the ethenert LAN port on the BT router then you should be able to connect directly to the address given to it via DHCP because it *should* be a real Internet accessible address.

• Mac address table corruption?

  We are running Cisco 4500 chassis at the access layer, and have been for a few years without issue. Recently we started to experience issues where a mac address will just randomly "jump" to another port. User will call us and say their computer is not working. We will locate the mac, and its showing on the wrong port. We shut that port, do a no shut, and the mac jumps back to the correct port. In the example below, the mac address jumps to port 3/2, but is physically connected to 2/12.
  !--issue before shut/no shut
  mdf#show mac address-table | inc 9ebf
   236      782b.cb8c.9ebf    static ip,ipx,assigned,other GigabitEthernet3/2  
  !--port security knows the correct info however
  mdf#show ip dhcp snooping  binding | inc 9E:BF
  78:2B:CB:8C:9E:BF   xxx.xxx.236.193   76145       dhcp-snooping   236   GigabitEthernet2/12
  mdf#show mac address-table int gi2/12
  Unicast Entries
   vlan     mac address     type        protocols               port
  ---------+---------------+--------+---------------------+-------------------------
  3908      20bb.c021.ae58    static ip,ipx,assigned,other GigabitEthernet2/12   !--ip phone
  mdf#show mac address-table int gi3/2
  Unicast Entries
   vlan     mac address     type        protocols               port
  ---------+---------------+--------+---------------------+-------------------------
   236      1803.7339.d93d    static ip,ipx,assigned,other GigabitEthernet3/2         
   236      782b.cb8c.9ebf    static ip,ipx,assigned,other GigabitEthernet3/2         !--mac in question
   236      782b.cb8c.c366    static ip,ipx,assigned,other GigabitEthernet3/2         
  3908      b414.89a2.2ae0    static ip,ipx,assigned,other GigabitEthernet3/2   
  !--fixing issue
  mdf(config)#int gi3/2
  mdf(config-if)#shut
  !-- issue resolved
  mdf#show mac address-table | inc 9ebf
   236      782b.cb8c.9ebf    static ip,ipx,assigned,other GigabitEthernet2/12
  Switch is running cat4500e-entservicesk9-mz.151-2.SG2.bin , but also happened on cat4500e-entservicesk9-mz.151-2.SG4.bin and cat4500e-entservicesk9-mz.150-2.SG4.bin. Other switches have also had this issue occur.

  Looks to be me like a bug.
  could you please provide me some more details on this:
  1- How often this issue is occurring?
  2- Is this occurring to specific ports or specific laptops which are connecting to this ports or is it irrespective of devices?
  3- Is there any possibilities that you try rebooting one of the switch if the issue is very often? (I know this is not a feasible solution , I know it is some issue iwth the firmware but in case to avoid high impact you can reboot the switch and update me?
  4- Provide me with the logs from the switch?
  5- I will do the bug scrub and let you know.
  HTH

• Bind Local Address Book to Server?

  A priority for our firm, and a main reason we are setting ups an SLS, is to be able to use Group Address Books to share contacts across the Groups we would like to set up. The documentation says this is possible, but as I see in other posts, this doesn't actually appear to have been implemented yet. Has anyone noticed Page 11 of the Address Book Server Administration Manual, posted at Apple's SLS documentation page:
  "To use Address Book Server on a client, you need to bind the client to Address Book Server. Before binding a client computer, make sure Address Book Server is running (see “Starting or Stopping Address Book Server” on page 15).
  To bind Address Book on a client to Address Book Server:
  1 Open Address Book on the client computer.
  The only versions of the Address Book application that support using Address Book
  Server are those in Mac OS X version 10.6. Earlier versions of Address Book don’t
  support binding to Address Book Server.
  2 Choose Address Book > Preferences, and then click Accounts.
  3 Click the Add button.
  4 In the Add Account dialog, select Mac OS X Server as the Account Type.
  5 Enter the user’s name and password. Enter the URL of the Address Book Server.
  6 Click Create.
  An account is now added to the account list. The Address Book application now shows a new group with the user’s name and your server designated. Any groups in the shared address book are displayed below this via a disclosure triangle."
  All of this sounds great: once "bound" to the server, manual appears to be saying that the local Address Book app will show the user's address book as well as any Group the user is a part of. Perfect. Only problem is that when I go to create an Address Book account with the type "Mac OS X Server", there is no such option under the pull down account type menu.
  I have all the latest versions of everything on the server as well as client computers, and this option simply isn't there. Address Book Server is running, and there are no configuration choices that would appear to "turn on" this option or otherwise make it available to the client computers. Anybody have an explanation? Has Apple just not implemented this yet? If not, why Apple would put this in their current documentation? Am I missing a configuration setting of some type?

  Hi
  Unfortunately for you the admin manuals are not that clear - what a surprise. It's not really your fault but you're taking the instructions too literally. By "Address Book Server" the manual means the Server the Address Book Service is running on. This would be whichever server is the Open Directory Master.
  Preceeding the part you quoted is:
  +"Address Book Server is integrated with Mac OS X Server’s foundation technologies. Address Book users are authenticated from Open Directory and Kerberos."+
  This certainly implies an OD Master environment.
  In a multiple server environment (Master/Replica or Connected Server) it's not clear if the Service can only be used/accessed on the OD Master.
  To 'bind/join' clients to an OD Master (and in essence the Address Book Server) you use Directory Utility. In 10.6 client this is accessed via the Accounts tab. In 10.5 the application exists as standalone in the Utilities folder. In 10.4 the application is in the same place but is known as Directory Access. As far as the manual says only Address Book in 10.6 seems to be supported?
  For LDAP Services to work as they should DNS Services must be configured correctly and resolving on both pointers. For the best experience clients must be using the Server for their DNS (assuming the Server is the only Server on the network) or a suitable DNS Server that can resolve the Server properly.
  I personally don't think there is a Group Address Book feature available. If the iCal service is anything to go by you're really talking about individual address books which have then been delegated read/write access to other users in the LDAP node. If you consider carefully what it is you want there is no reason why you can't offer a 'group-type' address book with what's available?
  Tony

• AEBS and Comcast (can I clone a MAC address?)

  I am currently an Earthlink DSL subscriber. I love Earthink, but DSL is giving me all kinds of trouble. Covad owns the lines in my area and they are aweful... in any case...
  I am going to switch to Comcast Cable Broadband. I have set up many people in the area with Comcast and a wireless router. It seems that Comcast does not do this everywhere, but in my area they "bind" to the MAC address of the NIC that you use to setup the connection (MAC Address Authentication).
  If I want to use NAT on my router, it will not work unless I can spoof the MAC address. This is easily done with a Netgear or Linksys router. This does not seem to be a setting in the Airport Admin Utility.
  Is there a hidden setting or a third party utility that I can use for spoofing the WAN MAC address on my Airport Extreme Base Station?
  I could switch to a different wireless router or put a small router between my Cable modem and the AEBS, but I would rather not add a layer of hardware or switch hardware if I don't have to (I really like my AEBS).
  Thanks for any advice.
  WT

  It should be possible, if manual registration of the MAC address of connected equipment is required on Comcast's service in your area, to get them to either clear the binding to allow a new device (ie the Base Station) to associate with the connection, or to ask them to manually register the MAC address of the Base Station's WAN port. I realize you would rather not have to deal with Comcast's tech support people, but (as pointed out above) the only other option is to use a different wireless router that does support MAC address cloning.

• MAC address change under MacBook Pro MB133PL/A (Penryn) with Mac OSX 10.5.2

  Hi,
  Do you know how to change MAC address of ethernet LAN card (not Wi-Fi) under MacBook Pro MB133PL/A (Penryn) with Mac OSX 10.5.2 (Leopard) ?
  Thanks,

  I use the terminal.
  sudo ifconfig en0 lladdr /enter valid mac address here without the slashes/
  press return
  enter superuser password
  press return
  This will change the regular wired ethernet port on you MBP. To change the wireless MAC you should replace the en0 with an en1 but if you have a Airport v1.0 card then it will not work. It might work if you have a v2.0 but people seem to have off an on success with that. Also you can attempt putting ether in place of lladdr if you still have issues that need troubleshooting.
  I know there are some legit reasons to change the MAC address and many non-legit ones but lets just say for instance a friend of yours has a network or wireless and they forgot their password to control the settings on that network. Long ago when they made the network they limited access to it by binding it to certain MAC addresses namely theirs. Now they have given you permission to use the network but you can't because your computer does not have their mac address. They cannot make the network give you permission because they forgot their password so they give you thier MAC address and let you trick their network into thinking your computer is actually your friend's and then you are able to surf the internet. They won't just let you use their computer cause they need to write an essay offline for a few hours. This does not violate any terms of service, you got permission and unless there are some other extenuating circumstances this is a legit move. I assume this is the exact reason you want this information.

• User + Mac Address Authorization Policy

  Hi,
  Is there any option to bind a user who is authorized correctly from external identity with the mac-address of his workstation ?
  The point is to give him access to the network only from a specific Workstation and denied him from any other workstation.
  Thanks

   1.  ISE 1.2 is having the role of Radius
   2. Really i don't know I guess the binding should be happen before the login as i don't want the user to login from any other PC.
       The key point on this scenario is a user to login on the corporate wired network only from his PC (User+MAC) and denied from any other PC.
  If you want describe me both ways to understand which might fit in my case. 
   3. The PC has the native supplicant of Windows and authenticated through PEAP MS CHAPv2
  Thanks in advance

• LRT214 Access Policy using MAC address

  I recent upgraded to the LRT214 from a Cisco RVS4000 On the RVS4000 I used the Access policy to block internet access to certain devices identified by their MAC address during certain times of the day.  This was very helpful for enfocing the time rules for my daughters Xbox to play games using the internet.  That functionality seems to be gone in the LRT214.  I see I can bind a MAC address to a IP and then retrict that IP but that seems cumbersome-- wondering if there is a way to restrict access using ONLY the MAC address?  thanks in advance.

  This is interesting!
  I believe the Linksys device (LRT214) by design does not have the same feature as the Cisco's but basing from what I saw in the LRT's userguide, what you are trying to do can be achieved.
  The LRT has the a Firewall Access Rule feature that allows blocking by creating a "deny" rule via IP where you can specify the time of duration. I think since you are going to bind the ip to a specific mac, it could help.
  I have not tried it myself since I do not have the device at hand. I hope it will be work.

• How to find which port on the switch that it connected with Mac address?

  Hi,
  I am trying to find which port of the switches it connected to thru mac-address?
  I am able to get the mac-address from the ip address when i do
  "show ip dhcp binding snooping" at the core switch.
  But when I move on to the Edge switch to check which PC with this Mac address connected to the port,i returned with no result.(onli trunk port result)
  I use sh ip arp | inc 000d.60cb.445d
  but didn't give me which port it connected to.
  How to solve this problem?
  thanks!
  KL

  Hi KL,
  If you are already on the edge switch you can run a command "sh mac-address-table address " and it will give you the port number.
  Incase you get a port which is a trunk port that means the end device does not exist on this switch and exist on some downstream switch. So you can just find out the ip address of the downstream switch with "sh cdp neigh detail" command and connect to that downstream switch and then again issue the command "sh mac-address-table address " and check the port number and follow the above steps till the time you get the switch on whcih end host is connected.
  HTH, if yes please rate the post.
  Ankur

• BE 5K CUCM and CUC Mac-Address registering license

  Hi All,
  I am really confused for registering CUC license to which mac-address. (CUCM or CUC)
  I have CUCM be 5k on Server 7828 both CUCM and CUC is installed on same server. For CUCM i got the mac address from show status, but how about registering the license to CUC it should be registered on same CUCM Mac address or CUC has different mac-address.
  I uploaded the licenses in CUCM and need to upload the license in CUC.
  Thank you all in advance.
  Best Regards,
  Mohammed SaberUddin

    MAC address changes should NOT effect the BI 4 server in any way, everything binds to the Server Name & IP Address.
  Regards,
  Ajay

• NAM shows MAC address instead of IP address in host

  Hi,
  Product: Cisco Prime NAM Appliance 2304
  Version: 5.1(3)
  Problem: We only can see MAC address on Hosts table in NAM, not IP address.
  Does anyone know what happen and how to fix it?
  Thanks!!!

  I wouldn't worry too much about the address shown in the Remote Management tab.  The ARDAgent process, which is what is listening on his computer for connections from Remote Desktop, binds to all active network interfaces and ultimately that's all that matters. Of out curiosity though, to what IP address does the "unknown-b8-8d-##-##-##-##.home" dns name resolve?  Is it the WAN address?  I can't imagine it resolves to a private address like a 192.168.
  In any event, let's focus back on the network structure. Does the BT router have both a hard wired LAN ethernet port as well as a WiFi radio for LAN connections?  My guess is yes. I am also assuming that he does *not* have another router attached to the BT LAN ethernet port like an Airport basestation that is serving the WiFi connections.  Typically, the LAN ethernet port is given, via DHCP, a real Internet accessible address but the addresses served via DHCP for wireless clients are private network addresses only.  It's seems unlikely to me that the router is automatically forwarding incoming connections to a private network address on the WiFi network.  But if he plugs his Mac in to the ethenert LAN port on the BT router then you should be able to connect directly to the address given to it via DHCP because it *should* be a real Internet accessible address.