MAC Full

Unanswered Question
Jun 14th, 2010

Hi Experts

Below is the output of "show mac-address-table count" from an L3 switch. Please help me understand the meaning of all the lines. I am also seeing that the MAC address count available is 32768 and the in-use MAC address table is also close to 32768. We are having some problems due to this and are looking for a solution to solve this problem.

MAC Entries for all vlans:
Dynamic Unicast Address Count:                  32356
Static Unicast Address (User-defined) Count:    0
Static Unicast Address (System-defined) Count:  45
Total Unicast MAC Addresses In Use:             32401
Total Unicast MAC Addresses Available:          32768
Multicast MAC Address Count:                    135
Total Multicast MAC Addresses Available:        16384


Giuseppe Larosa Mon, 06/14/2010 - 11:39

Hello Netbeginner,

What device is this?

Total Unicast MAC Addresses In Use:             32401

There is some device misbehaving, or you are under a MAC flood attack.

Performance is highly impacted when the CAM table is full.

You can use sh mac address-table count vlan X to see if most of these MAC addresses are learned in a single VLAN (likely).

You can try to use port security with action shutdown to find out the port where the misbehaving device (if external) is connected.

Hope to help


netbeginner Tue, 06/15/2010 - 09:54

Hi Giuseppe,

Thanks. This is a Cisco 4507 switch.

--> Yes, we have tried this command "sh mac address-table count vlan X" and found that a huge number of MACs are being learned on some particular VLAN. How can we reduce this?

--> For "port security with action shutdown": if we use this feature on a device port, there is a possibility that it will shut down the respective port and may cause our critical sites to be isolated. By the way, what is the command to enable this feature?

Please suggest how to stop MAC address flooding.

Giuseppe Larosa Tue, 06/15/2010 - 11:04

Hello Netbeginner,

If you find out that most MAC addresses are learned by the same port, it is enough to shut it.

With sh mac address-table it should be evident if there is a single port where you learn a lot of MAC addresses.

This works if the problem originates outside the switch.

Hope to help
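
The per-port check described in the reply above, as an added example that is not part of the original thread: a small Python script that tallies dynamically learned MAC addresses per port from saved "sh mac address-table" output. The sample table is constructed, the row layout (vlan, MAC, type, optional columns, port last) is an assumption that varies by platform and release, and the function names and threshold are hypothetical.

```python
import re
from collections import Counter

MAC_RE = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$", re.I)

# Constructed sample in the general shape of "sh mac address-table" output;
# the column layout is an assumption and differs between platforms/releases.
SAMPLE = """\
Unicast Entries
 vlan   mac address     type        protocols               port
-------+---------------+--------+---------------------+--------------------
  10    0011.2233.4401   dynamic ip                    GigabitEthernet2/1
  10    0011.2233.4402   dynamic ip                    GigabitEthernet2/1
  10    0011.2233.4403   dynamic ip,other              GigabitEthernet2/1
  10    0011.2233.4404   dynamic ip                    GigabitEthernet2/1
  20    0011.2233.5501   dynamic ip                    GigabitEthernet3/4
  20    0011.2233.5502    static ip                    Switch
  30    0011.2233.6601   dynamic ip                    Port-channel1
"""

def parse_entries(text):
    """Yield (vlan, mac, type, port) for each line that looks like a table row."""
    for line in text.splitlines():
        tok = line.split()
        # Assumed row shape: vlan, MAC, type, [optional columns...], port
        if len(tok) >= 4 and tok[0].isdigit() and MAC_RE.match(tok[1]):
            yield int(tok[0]), tok[1].lower(), tok[2].lower(), tok[-1]

def dynamic_counts(text):
    """Count dynamically learned MACs per port and per (vlan, port)."""
    per_port, per_vlan_port = Counter(), Counter()
    for vlan, _mac, kind, port in parse_entries(text):
        if kind == "dynamic":  # static/system entries are not learned traffic
            per_port[port] += 1
            per_vlan_port[(vlan, port)] += 1
    return per_port, per_vlan_port

def suspect_ports(text, threshold):
    """Ports whose dynamic MAC count exceeds threshold, highest first."""
    per_port, _ = dynamic_counts(text)
    return [(p, n) for p, n in per_port.most_common() if n > threshold]

if __name__ == "__main__":
    ports, _ = dynamic_counts(SAMPLE)
    for port, n in ports.most_common():
        print(f"{port:24} {n}")
    print("over threshold:", suspect_ports(SAMPLE, threshold=3))
```

Uplinks, trunks and port-channels legitimately carry many addresses, so compare each count with what is expected on that port before shutting anything.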


