Jon Marshall Thu, 04/24/2008 - 00:28
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

2 switch ports on the same switch should not learn the same mac-address , this would be symptomatic of an STP loop.


Kevin Dorrell Thu, 04/24/2008 - 01:05
User Badges:
  • Green, 3000 points or more

The switch can never learn a unicast MAC address on more than one switchport per VLAN. (Multicast is different, but I shall not go into that here.)

If a switch is seeing frames from the same VLAN on two different ports, then it will forward to the port where it last saw that MAC address. (Unless you have configured port-security, which again I shall not go into here.)

This can happen, for example, if you remove a host from one access switch and plug it into another. The forwarding on the distribution switch will change port to point to the new access switch.

If the MAC adress seems to move too often, then that is called flappping, and should always be investigated. It can happen, for example:

- if you have an old Sun machine, because they had multi-port NICs with the same MAC address on every port by default,

- if you have a loop in your network

- if you have a VMware virtual server that is running one two physical nodes at the same time by mistake

Kevin Dorrell


schmidta Wed, 07/02/2008 - 23:58
User Badges:

I have an identical problem.

We have a cluster firewall with 2 links to a catalyst 3524/2950. The packets to the Cluster is send to a virtual mac-adress which is never learned by the switch, because the outgoing traffic uses the physical mac-address of the cluster-interface. Can i configure on a layer2-switch a static mac-adress which is connected to two ports?

Andreas Schmidt

pccthailand Thu, 04/24/2008 - 01:25
User Badges:

Thanks for reply

In this issue, I have two switch connect to the two firewall. Because the firewall is gateway and load-balancing (Cluster)then i setup virtual ip address and virtual mac-address. Two switch connect each other with trunk port and i configured static arp of virtual mac firewall on each switch and point to port direct connect to firewall and point to trunk port. I use this solution for load-balance traffic and failover but i'm suspected how switch decision when it found the same mac-address on two switch port .



This Discussion