×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Regarding L2 loop detection

Unanswered Question
Jul 26th, 2014
User Badges:

Hi All,

My network consists 82 switches (core , distribution and access). Recently I find mac address flapping in the switch logs and also sometimes overall network becomes slow. I assume there might be l2 loop in the network.

Now can you please help my by letting  me know the process of detecting loop from the switch console.

 

Thanks

Arijit

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
atultrivedi Sun, 07/27/2014 - 01:27
User Badges:

Hi You can try to find out that mac address belongs to ? first..

Start at the router or L3 switch that holds the IP to MAC address in the ARP cache.  That's step one.  You need the MAC address.  You can get that from the ARP cache.  If the ARP cache has timed out and flushed the binding, you can ping the computer from the router/L3 switch to get a new binding.  Once you know the MAC address, you can use the show mac-address-table address <mac address> command to find the path through the network.

 

Router/L3 Switch------Trunk----SW1------Trunk-----SW2------Trunk----SW3--Computer

 

Suppose we wanted to find the port for the computer if we have the IP address.

 

1.  Use the ARP cache (show ARP command) on the router/L3 switch to get the MAC addres

 

2.  Use the show mac-address-table address command to find the outgoing port. In the above topology, the show mac-address-table command will reference the trunk port to the next switch inline to the destination.

 

3.  You can use the show cdp neighbor detail command to get the IP address of the next switch inline to the computer.

 

Repeat the show mac-address-table address command on each switch inline to the computer until you reach the switch that has the computer attached.  You'll know that you found it when your show mac-address-table address command stops referencing trunk ports and finally references the access port the computer is attached to.

Once you found the device having that mac address remove that from the network and check the status if that helps.

 

 

Peter Koltl Sun, 07/27/2014 - 13:05
User Badges:
  • Silver, 250 points or more
  • Community Spotlight Award,

    Member's Choice, March 2016

just look at the interface reported in MAC flap message, there you have the loop

 

a wrongly cabled Port-channel may cause it

 

do you have a spanning-tree in all VLANs?

Actions

This Discussion