4548 Host Flapping problem

Unanswered Question
Nov 27th, 2008

Hi,


We have 6509 as backbone, 4948G as server swithces and 3560 as client switches. Yesterday 4548G switches did not work for two minutes. And produces that log:


Nov 27 14:00:46.113 TURKEY: %C4K_EBM-4-HOSTFLAPPING: Host 00:0C:6E:6E:F9:15 in vlan 106 is flapping between port Te1/49 and port Gi1/32


Every 4584G switch generated these hostflaping log. When i checked the error, cisco says: his error message appears on the switch when the switch detects the specified host address as a source address on multiple ports.


Te1/49 is trunk link to backbone(6509) and G1/32 is the of the server whose mac address is 00:0C:6E:6E:F9:15. So i understand that that mac adress advetised by another switch and then 4948 switch generated this log.


How can i find, which switch is producing this problem.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ariesc_33 Fri, 11/28/2008 - 00:16

check on which port this Host 00:0C:6E:6E:F9:15 is connected to. i had a similar problem before and found out that the host has two interface connected to the same switch. Make sure your STP works well.



Muhammed AKYUZ Fri, 11/28/2008 - 01:08

There are lots of mac address like 00:0C:6E:6E:F9:15. This mac address is one of them. STP works well. Our system has been working for one year and we had no problem.

glen.grant Fri, 11/28/2008 - 09:26

Someone looped a connection somewhere on vlan 106 and probably 106 is trunked to multiple switches . Sometimes you can use cdp neighbor and you will see multiple port where the switch actual see's itself as a neighbor . If the messages have stopped and the loop is gone you will have a hard time finding where it was . I would still hunt down that mac address , its probably in the arp table of the l3 device and then do a show mac to see where the device is that it is hooked to .

ullasupendran Fri, 11/28/2008 - 09:34

i totally agree with Glens observation of a loop.I faced such an issue when we had a physical loop, which sometimes may not n=be detected by the cisco switches ,if the loops are created by a thirdparty switch which wont send BPDU's. So best way to trouble shoot this issue is to find out whether you have added any thirdparty switch added in recent days in ur network or u have done any physical changes recently.That may help u to find the culprit.


Ullas

Muhammed AKYUZ Fri, 11/28/2008 - 11:03

Thank you for the response. the thing is only 4500 affected, we have 10 of them, only 4500 switches effected from this. Why 3560s or 6509s not effected or not created any trap?


We disable all cdps for security reasons. is that possible to only enable on trunk ports?


we have esx servers which have trunk connections to switches. do esx servers can create loops?

ullasupendran Mon, 12/01/2008 - 07:23

Hi


Enabling CDP only on trunk ports wont help in detecting the loops in this scenario.

Ullas

ullasupendran Mon, 12/01/2008 - 08:01

Loop detection is not always easy if we dont understand the physical topology.If you know the physical topology well ,the identfy the root bridge and find the up link trunks from it to all non root bridges. See for any inconsistent ports . See for more uplink paths to the root brige than the usual ones.

A good document which explains the whole process follows

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800951ac.shtml


HTH


Ullas

Actions

This Discussion