Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

1 virtual mac address on 2 ports, auto-disable?

A server technician recently added a multi-homed SQL server to our switch and because of either a hardware or software error, we had a virtual mac address appear simultaneously on two different ports on our 4510. I understand that this seriously impacts CPU utilization, causes network slowdowns and other issues, and that a "flapping" error message is generated in the log. We were able to quickly track down the problem and fix it, but my question is: Why doesn't the switch automatically disable a port if/when it learns a mac-address that is already in its table? Shouldn't this be its default behavior?

New Member

Re: 1 virtual mac address on 2 ports, auto-disable?

MAC addresses must be unique with in a vlan only.switch always looks at pair.

If you need more security against these kind of issues you need to consider implementing port security feature.

New Member

Re: 1 virtual mac address on 2 ports, auto-disable?

Thanks, ok, In this case, however, the ports in question were all in the same vlan. So are you saying that the switch should have 'blocked' the duplicate mac address when it appeared in the same vlan?

As I recall, the port security feature learns the first mac address it sees on a port and then 'binds' only that mac to that port preventing any other macs from connecting to that port. Does that also prevent the same mac from appearing on any other ports? Guess, I should go read up on that feature and how it relates to IP Phones, laptop and desktop mobility, etc..

CreatePlease login to create content