Flapping vlan's after guest network setup

mike-greene · ‎02-16-2009

Hi,

I did quite abit of work on our wireless network last night and I'm seeing alot of these logs on our core switch after the work...

069130: Feb 16 12:36:20 CST: %SW_MATM-4-MACFLAP_NOTIF: Host 0018.de81.37ed in vlan 140 is flapping between port Gi1/0/37 and port Po2

069131: Feb 16 12:37:44 CST: %SW_MATM-4-MACFLAP_NOTIF: Host 0021.5c46.12cd in vlan 140 is flapping between port Po2 and port Gi1/0/37

069132: Feb 16 12:39:10 CST: %SW_MATM-4-MACFLAP_NOTIF: Host 001d.e058.f78b in vlan 140 is flapping between port Gi1/0/37 and port Po1

The network here is in the shape of a "V" using 3750-E stacks with the bottom of the "V" being the core 3750-E stack doing the routing for our vlan's. I have 20Gig channels (LACP) creating the "V" between the stacks...Po1 and Po2. I have about 20 1252's and six 1131's connecting back to a 4404 controller...the controller is connected to port 1/0/37 on the core stack.

My vlan's are..

900 - Management vlan

140 - secure wireless

144 - employee guests

145 - guest

I setup our guest networks and H-REAP local switching last night. All wireless networks seem to work fine including the web authentication page for my guest networks. I configured the controller switch interface as a trunk, native vlan 900, and allowed the four vlan's above on the trunk. I did the same to all my AP's...configured the switch interfaces as trunks, native vlan 900, and allowed the four vlan's above on the trunk.

All the AP's were set to H-REAP local switching, native vlan 900 on the controller H-REAP page and the VLAN ID's are correct on the three SSID's I have.

I initally had LAG configured on the controller (this is the last item I did) when I noticed the logs. I removed the three additional interfaces from LAG on the switch, removed the port-channel etc... but the flapping continues.

Did I do something wrong???

Scott Fella · ‎02-16-2009

Post your show run-config and you switch port config.

If you setup all your ap's in h-reap, are they locally switched or still centrally switched? For them to be locally switched, you must configure the local vlan mapping on the ap or else they will all tunnel back to the wlc.

Verify that your port-channels and etherchannel ports are allowing the correct vlans.

When you said you removed the three interfaces from LAG, did you not allow vlan 140 ,144 & 145?

-Scott
*** Please rate helpful posts ***

mike-greene · ‎02-16-2009

Thanks Fella5,

Been on the phone with TAC for 4 hours.

Looks like since I was running H-REAP local switching and the AP interfaces were trunked, the controller interface trunk should not have had the 140,144 and 145 vlans on them.

I now have only the management vlan (900) on the controller trunk and the native vlan is set to 900 as well....do I even need a trunk to the controller??

Anyway, it looks like it's working. I can see clients connected, getting IP addresses, the vlan flapping is gone and I can ping them from around my network.

Thanks for all the posts you and others give on H-REAP, guest networks etc. I did all my configuration from this forum and I really appreciate it.

Scott Fella · ‎02-17-2009

You should keep the trunk port and the native vlan setting. It's best practice and just allow your management vlan.

-Scott
*** Please rate helpful posts ***