Actual i have the following log-message in a Catalyst 4503.
001247: Jan 3 17:04:32.239: %C4K_L2MAN-6-INVALIDSOURCEADDRESSPACKET: (Suppressed 51495 times)Packet received with invalid source MAC address (01:50:5A:E7:41:ED) on port Gi3/22 in vlan 65
It's coming from a nokia firewall running checkpoint IPSO cluster. The log message is explained here
What i want to know is, what means the sentence "The packet is treated as invalid and no learning is done."? Does it means the packet will be dropped by switch or does it mean the packet will be forwarded but the source MAC-address will not be learned?
Many thanks in advance!
When a frame is ingress on a layer-2 interface on a 4500, the hardware checks the CAM table for both the destination and source ethernet addresses of the frame.
In this case, the source address does not exist in CAM, so a source-address-miss interrupt is generated, and the packet is punted to software (the 4500 does MAC learning in software). This is why you have a host-learning queue, where you see these drops.
While the hardware is responsible for punting the frame due to SA miss, the actual learning is done by software. The software sees the frame is a multicast mac address (least significant bit of the most significant octet is set), and rather than learning the host and forwarding the frame it discards it.
So yes, the switch drops it. This accounts for your host-learning queue drops.
Additionally, as one poster mentioned, a multicast mac is not a valid source-address for an ethernet frame.