Unanswered Question
May 11th, 2007


Could some one suggest what all precautions i should be taking when i start receiving Packet received with invalid source MAC address (00:00:00:00:00:00).Is enabling port security the only options.Because of this i even face the port flapping.Its happening on my backbone switches.

I have also attached the backbone configs and logs.Please suggest.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Manjunatha Jayaram Fri, 05/11/2007 - 01:26


Iam receiving this error message on the interface gig3/2 which is connected to the firewall.And in this case i cannot configure port security to this interface also, as if i do so and in case if i receive any invalid source mac address(00:00:00:00:00:00), it will shut the interface and then there would be chaos, coz that interface connects to the firewall(ies the next hop).Please suggest an alternative.


smothuku Fri, 05/11/2007 - 01:58

Hi JK ,

%C4K_L2MAN-6-INVALIDSOURCEADDRESSPACKET: Packet received with invalid source MAC address ( [mac-addr] ) on port [char] in vlan [dec]

A packet was received with an all zero or a multicast source address. The packet is treated as invalid and no learning is done. Excessive flow of such packets can waste CPU cycles. This message is rate-limited and is displayed only for the first such packet received on any interface or VLAN. Subsequent messages will display cumulative count of all such packets received in given interval on all interfaces.

Recommended Action: Check the switch configuration file to find the source of these packets on the specified port and take corrective action to fix them at the source end. You can also enable port security on that interface to shutdown the port if the incoming rate of packets with invalid source mac address is too high by issuing the switchport port-security limit rate invalid-source-mac command.

Related documents- No specific documents apply to this error message.



Manjunatha Jayaram Mon, 05/14/2007 - 22:06

Hi Satish,

Portfast has already been configured on the switches..Also the flapping mac address which is flapping is that of a VLAN and not of any physical interface?Port security would be tedious, since we have many users here, were many are Laptop users?The port security if it causes the port to be shut, would stop the Internet Traffic, since it is the port which leads to the firewall?



This Discussion