Hello,

I have met real situation in our network, when Cisco 3560 MAC table became full (6 K addresses). It was not due to MAC flooding , but due to increasing network flow patterns. To solve the problem I have just changed sdm profile from default to vlan. Right Now Cisco 3560 allow 12 K MAC, average MAC address count in MAC table is about 8K. So everything is O'k.

But right now I am thinking, how to get notification about exceeding MAC Threshold to SNMP Network Monitoring System from Cisco 3560.

In documentation I have only found how to send SNMP trap about learning/clearing MAC on specific ports.It not my case.

Using Cisco SNMP Navigator I have searched through CISCO-MAC-NOTIFICATION-MIB. Where are some MIB related to my problem.

cmnMACThresholdObjects" "1.3.6.1.4.1.9.9.215.1.4"

cmnMACThresholdFeatureEnabled" "1.3.6.1.4.1.9.9.215.1.4.1"

"cmnMACThresholdLimit" "1.3.6.1.4.1.9.9.215.1.4.2"

"cmnMACThresholdInterval" "1.3.6.1.4.1.9.9.215.1.4.3"

"cmnMACThresholdNotifEnabled" "1.3.6.1.4.1.9.9.215.1.4.4"

I tried to read all CISCO-MAC-NOTIFICATION-MIB OID's from device via snmpwalk. But only OID's I have read are

cmnGlobalFeatureEnabled" "1.3.6.1.4.1.9.9.215.1.1.1"

"cmnNotificationInterval" "1.3.6.1.4.1.9.9.215.1.1.2"

"cmnMacAddressesLearnt" "1.3.6.1.4.1.9.9.215.1.1.3"

"cmnMacAddressesRemoved" "1.3.6.1.4.1.9.9.215.1.1.4"

"cmnNotificationsEnabled" "1.3.6.1.4.1.9.9.215.1.1.5"

This confirms fact, I have found in documentation. (sending trap about learning/clearing MAC on specific problem).

Cisco SW 12.2 (25) SEE3.

So how to know in advance, that MAC table becoming to be full in this case ?

Workarond is simple read MAC count , create a graph and constantly monitor it. But You agree, that get a notification about exceeding MAC table Threshold is much better.

Best Regards,

Tomas.