Relearning of MAC addresses during STP convergence between ports in a switch
I found a problem in STP convergence between two redundant links. when a active link is brought down, traffic is converging into blocked link(port), but relearning of MAC addresses is not happening, which i mean ARP request is not initiated by the switch. Anyone can help in this issue ?
Hey,
Configure uplinkfast. FYI:
http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10575-51.html
HTH.
Regards,
RS
Similar Messages
-
Multipe mac addresses entries for the same port (FE)-Switch 3560
Dear All,
I have a problem with a host whitch is connected to 11 port of my cisco 3560. from time to time the, the connection is lost with the host and after some troubleshooting i see two entries of mac-address table for the port 11.
I'm asking if someone has an idee how to explain this issue and how to see if this port is participing to SPT or...
I see also somme error of collision :
===================================
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 7000 bits/sec, 1 packets/sec
64677029 packets input, 17167881111 bytes, 0 no buffer
Received 39036768 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 39036088 multicast, 0 pause input
0 input packets with dribble condition detected
54722071 packets output, 8588329003 bytes, 0 underruns
0 output errors, 992 collisions, 1 interface resets
0 babbles, 2316 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
======================================
i have two routers in the same switch: my wan router + un other router used to conneced some separated hosts to internet.
If i use statif addressing for the second subnet (2 hosts + internet router), is there any risk for collision or broadcast domains or errors ?
is the second router distrub my LAN or WAN ?
Manay thanks for your help and support.
Best regards,Hello,
For the first part of the question, I guess somebody might be connecting a hub to that port. If the hub is not negotiating the speed/duplex with the 3560 switch, then that port will go to half-duplex mode and you will see collisions on the port. That might also explain why you are seeing multiple MAC addresses on that port. Please check the port to see if the hub is connected and remove it. You can use features like port-security to ensure only one MAC address is registered on that port and people are not connecting hubs/dumb switches on that port.
For the second issue, you can certainly use static IP addresses as long as they are not overlapping with other subnets in your network. If they are overlapping, you do need to configure NAT on the router so that they are not affecting rest of the network.
Hope this helps.
Regards,
NT -
SCCM2012 SP1: rename computer to MAC address during OSD
Dears, i'm trying to rename the computers during the OSD process to it's MAC addresses. i want to do it by SCCM only without MDT integration because we have SCCM SP1 and MDT 2012 and we're tending to deploy Windows 8.1. and we're alredy deploying Windows 8.1
with no issues. i'm using the following script:
Set env = CreateObject("Microsoft.SMS.TSEnvironment")
Set ProgressUI = CreateObject("Microsoft.SMS.TsProgressUI")
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
Set IPConfigSet = objWMIService.ExecQuery("SELECT MACAddress FROM Win32_NetworkAdapterConfiguration " & "WHERE IPEnabled=true" )
ProgressUI.CloseProgressDialog
For Each IPConfig In IPConfigSet
env("OSDComputerName") = Left(Replace(IPConfig.MACAddress,":",""),12)
WScript.Echo env("OSDComputername")
Next
and i'm using it in a package after apply operating system step as shown in the following snapshot:
however the machine get named Minintxxxx and the step gives code 0 as a return code which means successfully completed.
any help please?Dears, so sorry for the late reply. here's a part from the SMSTS.log for the setting computer name step with script in the upper post
TSManager 11/6/2014 9:10:05 AM
1244 (0x04DC)
Expand a string: WinPEandFullOS TSManager
11/6/2014 9:10:05 AM 1244 (0x04DC)
Executing command line: smsswd.exe /run:PR1000DA cmd.exe /c cscript.exe ADEC_ComputerName.vbs
TSManager 11/6/2014 9:10:05 AM
1244 (0x04DC)
[ smsswd.exe ] InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
PackageID = 'PR1000DA' InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
BaseVar = '', ContinueOnError='' InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
ProgramName = 'cmd.exe /c cscript.exe ADEC_ComputerName.vbs'
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
SwdAction = '0001' InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
ResolveSource flags: 0x00000000 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
SMSTSPersistContent: . The content for package PR1000DA will be persisted
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
DownloadOnDemand flag is true. Attempting to download content locally for Package PR1000DA..
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Package Flags: 0x1000000 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
GetDirectoryListing() entered InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Initializing HTTP transport. InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Setting URL = http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/PR1000DA.
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Address=http://APDC01CFG05.adec.ae, Scheme=http, Object=/SMS_DP_SMSPKG$/PR1000DA, Port=80.
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Setting Authenticator. InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Set authenticator in transport InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
WinHttp credentials set InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
CLibSMSMessageWinHttpTransport::Send: URL: APDC01CFG05.adec.ae:80 PROPFIND /SMS_DP_SMSPKG$/PR1000DA
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Request was succesful. InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
DAV response string is:
<?xml version="1.0" encoding="utf-8" ?><D:multistatus xmlns:D="DAV:"><D:response><D:href>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/sccm?/PR1000DA/</D:href><D:propstat><D:status>HTTP/1.1
200 OK</D:status><D:prop><D:getcontenttype/><D:supportedlock/><D:getetag/><D:creationdate/><D:iscollection>1</D:iscollection><D:resourcetype><D:collection/></D:resourcetype><D:ishidden>0</D:ishidden><D:displayname>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/sccm?/PR1000DA/</D:displayname><D:getlastmodified></D:getlastmodified><D:getcontentlanguage/><D:getcontentlength>0</D:getcontentlength></D:prop></D:propstat></D:response><D:response><D:href>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/PR1000DA/sccm?/ADEC_ComputerName.vbs</D:href><D:propstat><D:status>HTTP/1.1
200 OK</D:status><D:prop><D:getcontenttype/><D:lockdiscovery/><D:supportedlock/><D:getetag/><D:getcontentlanguage/><D:iscollection>0</D:iscollection><D:creationdate/><D:resourcetype/><D:ishidden>0</D:ishidden><D:displayname>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/PR1000DA/sccm?/ADEC_ComputerName.vbs</D:displayname><D:getlastmodified>Wed,
05 Nov 2014 12:10:59 GMT</D:getlastmodified><D:getcontentlength>527</D:getcontentlength></D:prop></D:propstat></D:response><D:response><D:href>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/PR1000DA/sccm?/Dump_Var.vbs</D:href><D:propstat><D:status>HTTP/1.1
200 OK</D:status><D:prop><D:getcontenttype/><D:lockdiscovery/><D:supportedlock/><D:getetag/><D:getcontentlanguage/><D:iscollection>0</D:iscollection><D:creationdate/><D:resourcetype/><D:ishidden>0</D:ishidden><D:displayname>http://APDC01CFG05.adec.ae/SMS_DP_SMSPKG$/PR1000DA/sccm?/Dump_Var.vbs</D:displayname><D:getlastmodified>Sun,
02 Nov 2014 10:13:02 GMT</D:getlastmodified><D:getcontentlength>125</D:getcontentlength></D:prop></D:propstat></D:response></D:multistatus>
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
List of files to be downloaded InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
File: http://APDC01CFG05.adec.ae:80/SMS_DP_SMSPKG$/PR1000DA/sccm?/ADEC_ComputerName.vbs
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
File: http://APDC01CFG05.adec.ae:80/SMS_DP_SMSPKG$/PR1000DA/sccm?/Dump_Var.vbs
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
GetDirectoryListing() successfully completed
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Succeeded loading resource DLL 'X:\sms\bin\x64\1033\TSRES.DLL'
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Downloaded file from http://APDC01CFG05.adec.ae:80/SMS_DP_SMSPKG$/PR1000DA/sccm?/ADEC_ComputerName.vbs to D:\_SMSTaskSequence\Packages\PR1000DA\ADEC_ComputerName.vbs
InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Downloaded file from http://APDC01CFG05.adec.ae:80/SMS_DP_SMSPKG$/PR1000DA/sccm?/Dump_Var.vbs to D:\_SMSTaskSequence\Packages\PR1000DA\Dump_Var.vbs
InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Download done setting progress bar to 100 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
VerifyContentHash: Hash algorithm is 32780 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Failed to open Software\Microsoft\Sms\Mobile Client\Software Distribution registry key. The client should not get checked for RWH OpLock Type
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Failed to open Software\Microsoft\Sms\Mobile Client\Software Distribution registry key. The client should not get checked for RWH OpLock Type
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Content successfully downloaded at D:\_SMSTaskSequence\Packages\PR1000DA
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Resolved source to 'D:\_SMSTaskSequence\Packages\PR1000DA'
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Command line for extension .exe is "%1" %*
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Set command line: Run command line InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Working dir 'D:\_SMSTaskSequence\Packages\PR1000DA'
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Executing command line: Run command line InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Process completed with exit code 1 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Microsoft (R) Windows Script Host Version 5.8
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Copyright (C) Microsoft Corporation. All rights reserved.
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Input Error: There is no script engine for file extension ".vbs".
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Command line returned 1 InstallSoftware
11/6/2014 9:10:05 AM 1740 (0x06CC)
Entering ReleaseSource() for D:\_SMSTaskSequence\Packages\PR1000DA
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
reference count 1 for the source D:\_SMSTaskSequence\Packages\PR1000DA before releasing
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Released the resolved source D:\_SMSTaskSequence\Packages\PR1000DA
InstallSoftware 11/6/2014 9:10:05 AM
1740 (0x06CC)
Process completed with exit code 1 TSManager
11/6/2014 9:10:05 AM 1244 (0x04DC)
TSManager 11/6/2014 9:10:05 AM
1244 (0x04DC)
Failed to run the action: Get OSDComputerName.
Incorrect function. (Error: 00000001; Source: Windows)
TSManager 11/6/2014 9:10:05 AM
1244 (0x04DC)
i'm so confused about the "Input Error: There is no script engine for file extension ".vbs"."
any help please!! -
Hi all, I have two switches connected in cross-3750X stack into a single SW 6500., But I get the following error appears.
18w2d: %SW_MATM-4-MACFLAP_NOTIF: Host 0012.950a.9952 in vlan 10 is flapping between port Gi5/0/46 and port Gi6/0/44
What can i do?
Thank you very much¡¡.The configuration on the port channel is that all the port must be with the equal configuration :
For example :
interface Port-channel1
description IDC-TO6500 - 192.168.0.12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
The same configuration is on the 3750 :
interface Port-channel1
description IDC-TO3750 - 192.168.0.12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,54,136,192,432
switchport mode trunk
speed 100
duplex full
channel-protocol lacp
channel-group 1 mode active -
Hello,
In one of our core switches, the output of the mac-address-table shows some mac addresses which come up as MPLS Multicast address when I looked them up under MAC Manufacturer(See below). Also, in the mac-address-table under the port column, those mac addresses display several ports associated with them and the word Router(see attachement). My question is, why are these MAC addresses come up as MPLS Multicast and why under the ports is it has the word Router?
Thanks in advance...
Prefix
Vendor
01005E
Internet Multicast (01:00:5E:00:00:00 to 01:00:5E:7F:FF:FF)
01005E
MPLS Multicast (01:00:5E:80:00:00 to 01:00:5E:8F:FF:FF)
01005E
Internet reserved by IANA (01:00:5E:90:00:00 to 01:00:5E:FF:FF:FF)
01005E
Internet reserved by IANA (01:00:5E:90:00:00 to 01:00:5E:FF:FF:FF)
01005E
MPLS Multicast (01:00:5E:80:00:00 to 01:00:5E:8F:FF:FF)
01005E
Internet Multicast (01:00:5E:00:00:00 to 01:00:5E:7F:FF:FF)Hi,
Yes multiple MAC addresses are supported on each port. The switch learns the MAC by noting the source address of the packet received on each port and on that basis it builds what we call MAC address table. There is an aging mechanism in place which removes the inactive MAC addresses and allows new ones to be learned as devices are connected and disconnected.
The default aging time is 300 seconds, however if need arises you can change the same by giving the command - 'mac address-table aging time number vlan vlan-id'.
Have a look at the following link-->
http://www.cisco.com/en/US/products/hw/switches/ps5213/products_configuration_guide_chapter09186a00801cdf85.html#wp1063713
Hope this helps!
Regards,
AbhisheK
Please rate all helpful posts!!! -
WRT610N: Cannot enter MAC address in MAC address filter list
My WRT610N cannot accept a very specific MAC address in any position of the MAC address filter list. It is a valid address and it was working fine in the filter list of my WRT54G but the 610N will just not take that specific address! What is this all about?
Solved!
Go to Solution.gv wrote:
There is nothing like a "non-critial setup". It's enough to drive by with a car and within a few minutes your network is hacked. Or it's the bored teenager next door...
I recommend to replace the WEP only device instead of taking the risk of a hacked network.
And just forget about the wireless mac address filter. Anyone, who wants to crack your WEP network will collect enough accepted MAC addresses during the cracking process. It's just not worth the trouble to set up the filter and keep the list current...
Thanks for the diligent follow-up gv but I can't replace the WEP-only device for now. (I need to go through a conversion process for that device to accept WAP and that will take a fair amount of time) I understand your point about getting accepted MAC addresses but, at least, it requires a bit more effort... Maybe I will return the WRT610 and stick with my old WRT54 until the 610 gets fixed... -
LRT214 Access Policy using MAC address
I recent upgraded to the LRT214 from a Cisco RVS4000 On the RVS4000 I used the Access policy to block internet access to certain devices identified by their MAC address during certain times of the day. This was very helpful for enfocing the time rules for my daughters Xbox to play games using the internet. That functionality seems to be gone in the LRT214. I see I can bind a MAC address to a IP and then retrict that IP but that seems cumbersome-- wondering if there is a way to restrict access using ONLY the MAC address? thanks in advance.
This is interesting!
I believe the Linksys device (LRT214) by design does not have the same feature as the Cisco's but basing from what I saw in the LRT's userguide, what you are trying to do can be achieved.
The LRT has the a Firewall Access Rule feature that allows blocking by creating a "deny" rule via IP where you can specify the time of duration. I think since you are going to bind the ip to a specific mac, it could help.
I have not tried it myself since I do not have the device at hand. I hope it will be work. -
Detemining MAC addresses on WS-C2950G switches
On my old WS-C3500XL switches (running IOS ver 12.0(5)WC5(fc1), I could input the following IOS command and figure out the MAC address of hosts that are connected to any switch port interface (int fa0/1 in the example below):
3500xl# show mac int fa0/1
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
0800.20a4.eefe Dynamic 6 FastEthernet0/1
I work in the aerospace industry and this was very useful for me to verify hosts were connected to the correct switch port (especially in remote locations). It also allowed me to verify more easily find out if someone who shouldn't be connected to the net is (i.e. a user that might disconnect a Sun host to put his PC on the net).
On my newer WS-C2950G Catalyst 2950 switches running IOS ver 12.1(22)EA1b(fc1), it no longer supports this same IOS command. Is there another command I can use to get this info?
Thanks,
ScottHi Scott,
You can achieve the same with the following command
sh mac-address-table interface
eg
2950#sh mac-address-table interface fa 0/1
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
0015.2bd7.1821 Dynamic 25 FastEthernet0/1
HTH
Narayan -
Duplicate MAC Addresses effect
Hi All,
I have a query regarding the entry of duplicate MAC entries in switch. I tried issuing the following command:-
Switch(config)#mac address-table static 0007.e9f6.4fd2 vlan 1 interface fa0/2
Switch(config)#mac address-table static 0007.e9f6.4fd2 vlan 1 interface fa0/3
And after issuing the command, the resultant MAC table was as follows:-
1 0007.e9f6.4fd1 STATIC Fa0/2 Fa0/3
What does this signify. Where would a packet destined to this MAC address reach (I mean the port that it will reach)
Does it mean that there could be Network Load Balancing?
Thanks,
Sridhar.HI
It will reach to the port where the end system is connected.u just deifined the mac-address as static on two ports u will not connect the end system to two ports so on the port which u r end system will connected will be up/up and on the port which the end system is not connected it will be in down state.hope i am correct in this if not plz correct me.
Thanks
Mahmood -
Mac-Address Different format for Authorization on Cisco ISE
Dear All,
I have problem with my Cisco ISE,
This is the design :
ISE ---- Core Switch ---- 3Com Switch --- PC User
My Case:
Authorization is based on Mac-address and Active Directory,
But user with PC that connect to 3Com swtich is Deny by ISE because the Format Mac-address is different with Cisco,
Mac-address Cisco format : XX:XX:XX:XX:XX:XX
Mac-address 3Com format : XXXX-XXXX-XXXX
3Com Switch type is TRICOM 4210 26-PORT.
Anyone have experience with this? and how change the mac-address format in 3Com so user can authorized by Cisco ISE.
note:
authorization based on Active Directory is not problem with 3Com Switch.
Based on my experience, Different product is different format mac-address, so this case not only for 3Com Switch.
Thanks,
Arika WahyonoI do not think Cisco will add these vendors to the supported switch matrix because then it would be a support issue that cisco would have to deal with, much like most of the AD issues I experienced when I worked in TAC. Your best bet would be to run the evaluation license instance in a lab and have a 3com switch point against that.
Other than that I do not recommend upgrading to 1.2 without validating that the new "multi-vendor" MAB support will work on your switch.
PS- Keep in mind that my comments is just my opinion so you may need to open a TAC case for an official answer.
Tarik Admani
*Please rate helpful posts* -
802.1x sticky mac address
Hi,
We have a problem with 802.1x configuration via IP Phone.
PC (win7 with certificate)-------IP Phone (7911, 9.2.1s firmware)-----switch (2960, lab base 12.2(58)SE2)
Configuration on the port on the switch:
interface FastEthernet0/3
switchport access vlan 699
switchport mode access
switchport voice vlan 746
switchport port-security maximum 2
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0019.dbdd.42d4
switchport port-security mac-address sticky 001f.ca35.43c4 vlan voice
srr-queue bandwidth share 10 10 60 20
priority-queue out
authentication event fail retry 0 action authorize vlan 357
authentication event server dead action authorize vlan 82
authentication event no-response action authorize vlan 357
authentication event server alive action reinitialize
authentication port-control auto
authentication timer restart 0
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
dot1x pae authenticator
dot1x timeout tx-period 5
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
service-policy input AutoQoS-Police-CiscoPhone
After shutting down the PC, port are moving in the d0t1x unauthorized state, but it is also removing sticky MAC address from the port configuration! Without sticky keyword, with adding static mac address via portsecurity on the port, everything is working fine, but I can not understand why dot1x port state are also removing sticky mac address ?
Most interesting part is that this is not happening if PC is directly connected to the switch, not via IP Phone.
Any idea?
Thank You in advanceHi Ted,
802.1X supports the port-based autehnticaion only but you can use it along with port-security to limit the MAC-addresses on the ports.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12119ea1/3750scg/sw8021x.htm
HTH,
-amit singh -
I have noticed a lot of bad traffic coming from one particular computer on the network. Normally not a big deal, I found the MAC Address in my DHCP Table, logged into a switch, did a 'sh mac-address-table address <mac address>', found what port it was connected to (it was another switch), I then did a 'sh cdp neighbor detail' got the ip address, telneted to that switch, rinsed and repeated... until I hit a switch that had CatOS.
My question is how do I do this same type of thing on CatOS? I know how to get everything else except which port it is on like the 'sh mac-address-table address <mac address>' command gives me.just type show cam it will clearly tell where the mac-address is residing.
eg. lets say that 6509--->2950---->(my pc)
in 6509 type show cam
it show some thing like this...
Cat6509> (enable) sh cam 00:02:B3:87:EA:10
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry
VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol Type]
194 00-02-b3-87-ea-10 4/7 [ALL]
on 4/7 2950 is connected, in that again you type the pc mac address.
2950#sh mac-address-table address 00-02-b3-87-ea-10
Mac Address Table
Vlan Mac Address Type Ports
194 0002.b387.ea10 DYNAMIC Fa0/2
Total Mac Addresses for this criterion: 1
which means the pc is connected on fasethernet 0/2 port.
hope this helps,
rate this post. -
Stopping MAC addresses on 3560 switch interfaces
Hi,
I would like to stop certain MAC addresses connecting to the network via a 3560 switch and have configured the config below for VLAN 1. All interfaces belong to VLAN 1. Can anyone tell me if this is the correct config or have I missed something?
mac access-list extended Bad_Hosts
permit host 0011.434c.d9bf any 0x806 0x0
permit host 0011.434a.8026 any 0x806 0x0
permit host 000b.5d2a.23e3 any 0x806 0x0
permit host 000b.5d0e.4019 any 0x806 0x0
vlan access-map MAC 10
action drop
match mac address Bad_Hosts
vlan access-map MAC 20
action forward
vlan filter MAC vlan-list 1
Regards
Mark
Network SpecialistIt look like, all the host 'll be reject.
Try:
mac access-list extended Bad_Hosts
deny host 0011.434c.d9bf any 0x806 0x0
deny host 0011.434a.8026 any 0x806 0x0
deny host 000b.5d2a.23e3 any 0x806 0x0
deny host 000b.5d0e.4019 any 0x806 0x0
permit any any
vlan access-map MAC 10
match mac address Bad_Hosts
action forward
vlan access-map MAC 20
action drop
vlan filter MAC vlan-list 1
Please, hope this help and rate this post. -
All physical interfaces on ACE 4710 share the same MAC address. Also, VIP addresses share the same MAC address. ACE 4710 is connected to a switch. How is the switch supposed to know which interface to send the packet to if it is doing layer2 switching.
Thank you in advance for the explanation.You can't put 2 interfaces in the same vlan
switch/Admin(config-if)# switchport access vlan 20
vlan 20 is associated with GigabitEthernet 1/3.
switch/Admin(config-if)#
So, the L2 switch will have an entry for the mac-address in each vlan and this entry can point to different interfaces.
Gilles. -
How to find MAC address for WAN port for Airport Express 2nd Gen.
The New Airport Express has a LAN and a WAN ethernet ports. How can I find the MAC address for the WAN ethernet port as my Service Provider needs it for provisioning....I can fid MAC address for Ethernet and for two wireless 2.4 & 5GHz but not for WAN ethernet port using Airport Utility 6.1
Many thanks for the swift response. However, there is no WAN MAC address on the box or on the device anywhere. I even used magnifying glass to find one .
The airport utility shows only three mac addresses. One for 2.4GHz, one for 5GHz and one fo the ethernet (LAN port) whereas there is another ethernet port in the device mentioned as WAN port and I am still not able to find the MAC address for the WAN ehternet port for Airport Express (2nd Generation).
Will appreciate a response to make th device work wiht my service provider as providing them the WAN mac address is a must. Had there been an option for cloning mac address, the issue would have not been there.
Many thanks again - in advance.
Maybe you are looking for
-
Error 03113 while executing java procedure with pl.sql
Hi All, I am using oracle 10g on linux server. Client machine is on xp. I hava a java procedure which executes the sqlldr on server. Earlier it was working fine, but after reinstalling the oracle 10g on server. It started giving "end of Communication
-
I can't play MPEG4.avi, or any other, video - all I get is "The video player has stopped working. Please relaunch". Please tell me what to do.
-
How to use Category relationships in MDM ?
I have created one matching set to define category-level relationship in Data manager (Taxonomy mode). But i could not find how to excute it on records. Please explain how to proceed after creating matching set?
-
Before I updated to Maverick, I was able to get rss feeds. Now I can't. Any help or insight?
-
This may be a sign of Google releasing that BUZZ thing, but I have noticed gmail to very slow with Safari. Getting a lot of "still working" messages. I have BUZZ turned off. But I am assuming that BUZZ might be dragging their network down with high t