we have a core switch 3750 on which are attached a Firewall and several access switches in trunk mode.
We have several VLAN, the L3 between the VLAN is done by the Firewall and in the same time he apply the security policy between them.
We have the following problem
Machine 0006.5bf7.e5b5 is directly attached to port Gi1/0/14 on the 3750
We run the following command:
3750# sh mac-address-table | include 0006.5bf7.e5b5
3 0006.5bf7.e5b5 DYNAMIC Gi1/0/25
6 0006.5bf7.e5b5 DYNAMIC Gi1/0/14
18 0006.5bf7.e5b5 DYNAMIC Gi1/0/25
9 0006.5bf7.e5b5 DYNAMIC Gi1/0/25
Why the same mac-address is shown also on the trunk interfaces that connect the other switches and why are they assigned to different VLANS?
On a 3548 connected in trunk to the 3750 core there's the client 0001.6cca.c5e6 that is directly connected to port fa0/33, if we run the command on the 3548 the result is correct:
sw3548#sh mac-address-table | include 0001.6cca.c5e6
0001.6cca.c5e6 Dynamic 18 FastEthernet0/33
If we run the command on the 3750
3750#sh mac-address-table | include 0001.6cca.c5e6
3 0001.6cca.c5e6 DYNAMIC Gi1/0/25
18 0001.6cca.c5e6 DYNAMIC Gi1/0/27
The entry on port gi/0/27 is correct because this is the trunk port to the 3548 but why the other entry?