We have a C4503 as the core switch, A firewall was connected to G3/7 which is in the same VLAN with G2/5 and G3/4. As Hide NAT was made for firewall LAN interface (192.168.0.2/00:17:08:53:4B:4F) to map DMZ hosts 192.168.2.3~4(DMZ IP) to 192.168.0.248~250 (LAN IP) to the same MAC address as 192.168.0.2(LAN IP). But We found that a lot of Error Messages appeared
Nov 14 10:16:57: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7
Nov 14 10:23:29: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7
Nov 14 10:52:49: %C4K_EBM-4-HOSTFLAPPING: Host 00:17:08:53:4B:4F in vlan 1 is flapping between port Gi2/5 and port Gi3/7
Seems it does not affect network operation, also checked on Cisco Web, told it might be caused by Loop, but I'm sure there is no loop at all.
Anybody knows , does this error message indicate anything else ?
It is because of the assignment of the same mac-address.because if a switch learns a mac-address on two ports then there is loop.as u know that the switch will be confused to forward the frames for a particular mac-address on two ports.so the error message is correct.
I guess you are right , but as you know. Hide NAT is working that way, I mean Multiple DMZ IP mapped into one LAN IP.So multiple LAN IP resolved into one MAC address is inevitable. But I think the firewall LAN interface in connected to G3/7
dedicately, so the firewall LAN interface MAC address should be learnt only
from G3/7, why there is still that flapping message.
And also I'd like to know, if let it be that way . Any negative effect ?
So the next step would be to check what are these MAC addresses and what is connected to these ports, in order to see why we are receiving the packets from these MAC on these two different ports. It can be either multiple hosts using the same MAC as source, or a L2 loop / wrong layer 2 topology.
Can you paste the config of both interfaces.
Check the below link for troubleshotting the flapping.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...