Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
427
Views
0
Helpful
4
Replies

C4503 Error Message

zheng_asiainfo
Level 1
Level 1

‎11-13-2006 07:06 PM - edited ‎03-05-2019 12:47 PM

Hello there,

We have a C4503 as the core switch, A firewall was connected to G3/7 which is in the same VLAN with G2/5 and G3/4. As Hide NAT was made for firewall LAN interface (192.168.0.2/00:17:08:53:4B:4F) to map DMZ hosts 192.168.2.3~4(DMZ IP) to 192.168.0.248~250 (LAN IP) to the same MAC address as 192.168.0.2(LAN IP). But We found that a lot of Error Messages appeared

as below.

Nov 14 10:16:57: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7

Nov 14 10:23:29: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7

Nov 14 10:52:49: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7

Seems it does not affect network operation, also checked on Cisco Web, told it might be caused by Loop, but I'm sure there is no loop at all.

Anybody knows , does this error message indicate anything else ?

Thanks

Labels:
0 Helpful
4 Replies 4

mahmoodmkl
Level 7
Level 7

‎11-13-2006 08:46 PM

Hi

It is because of the assignment of the same mac-address.because if a switch learns a mac-address on two ports then there is loop.as u know that the switch will be confused to forward the frames for a particular mac-address on two ports.so the error message is correct.

Thanks

Mahmood

0 Helpful

zheng_asiainfo
Level 1
Level 1
In response to mahmoodmkl

‎11-13-2006 09:14 PM

Thanks for your reply first.

I guess you are right , but as you know. Hide NAT is working that way, I mean Multiple DMZ IP mapped into one LAN IP.So multiple LAN IP resolved into one MAC address is inevitable. But I think the firewall LAN interface in connected to G3/7

dedicately, so the firewall LAN interface MAC address should be learnt only

from G3/7, why there is still that flapping message.

And also I'd like to know, if let it be that way . Any negative effect ?

Thanks

0 Helpful

smothuku
Level 7
Level 7
In response to zheng_asiainfo

‎11-14-2006 12:54 AM

Hi ,

Here is the explanation for the message:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_12/msg_cds/emsg.htm#wp1147491

So the next step would be to check what are these MAC addresses and what is connected to these ports, in order to see why we are receiving the packets from these MAC on these two different ports. It can be either multiple hosts using the same MAC as source, or a L2 loop / wrong layer 2 topology.

Can you paste the config of both interfaces.

Check the below link for troubleshotting the flapping.

http://www.cisco.com/warp/customer/473/176.html#subtopic1k

Thanks,

satish

0 Helpful

zheng_asiainfo
Level 1
Level 1
In response to smothuku

‎11-14-2006 01:37 AM

Thanks first.

C4503#show ip arp | include 0017

Internet 192.168.0.174 234 0017.0876.4b4f ARPA Vlan1

Internet 192.168.0.251 231 0017.0876.4b4f ARPA Vlan1

Internet 192.168.0.249 15 0017.0876.4b4f ARPA Vlan1

Internet 192.168.0.248 15 0017.0876.4b4f ARPA Vlan1

Internet 192.168.0.255 15 0017.0876.4b4f ARPA Vlan1

Actually ,this is the arp cache we see on 4503, and there is Hide NAT made for these IP into one firewall LAN interface with IP 192.168.0.174 and MAC 0017.0876.4b4f

Was it normal ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card