Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

mac-address aging-time stuck at 15s

Hi,

I'm hoping someone can help me with this strange situation. We have vlan 1 (i know, i know....) deployed throughout our campus. I noticed a high incidence of unicast flooding recently and delved into the spanning-tree diagnostics. 'show spanning-tree vlan 1 detail' on the root bridge revealed some interesting facts:

#sh spanning-tree vlan 1 detail

VLAN0001 is executing the ieee compatible Spanning Tree protocol

  Bridge Identifier has priority 24576, sysid 1, address 0024.f72c.0400

  Configured hello time 2, max age 20, forward delay 15

  We are the root of the spanning tree

Topology change flag set, detected flag not set

  Number of topology changes 254 last change occurred 1d23h ago

          from GigabitEthernet6/0/8

  Times:  hold 1, topology change 35, notification 2

          hello 2, max age 20, forward delay 15

  Timers: hello 1, topology change 0, notification 0, aging 15

Root bridge = 3750 stack running 12.2(25r) IOS.

As I understand it, mac-address aging-time is knocked down from 300s to 15s in the event of an STP topology change. Assuming no further topology changes, the timer should revert back to 300s after a 35s delay, but the last topology change was 1d23h ago and our timers are stuck on 15s.

I've been through all of our switches with a fine toothcomb and portfast is deployed throughout, so TCNs cannot be triggered by flapping access ports.

One other point that might be worth noting - vlan 1 mac-address aging-time is 15s on every switch, with one exception. I recently deployed a 2960 with RSTP (rapid PVST) configured. Almost every other switch in the network is still running PVST. The output from the RSTP switch is as follows:

#sh spanning-tree vlan 1 det

VLAN0001 is executing the rstp compatible Spanning Tree protocol

  Bridge Identifier has priority 32768, sysid 1, address f47f.350e.0c80

  Configured hello time 2, max age 20, forward delay 15, transmit hold-count 6

  Current root has priority 24577, address 0024.f72c.0400

  Root port is 50 (GigabitEthernet0/2), cost of root path is 8

  Topology change flag set, detected flag not set

  Number of topology changes 201096 last change occurred 00:00:06 ago

          from GigabitEthernet0/2

  Times:  hold 1, topology change 35, notification 2

          hello 2, max age 20, forward delay 15

  Timers: hello 0, topology change 29, notification 0, aging 300

There is a topology change registered roughly every 35s. Curiously the aging timer is always 300s. The switch on other side shows:

#sh spanning-tree vlan 1 det

VLAN0001 is executing the ieee compatible Spanning Tree protocol

  Bridge Identifier has priority 32768, sysid 1, address 0024.5172.8200

  Configured hello time 2, max age 20, forward delay 15

  Current root has priority 24577, address 0024.f72c.0400

  Root port is 49 (GigabitEthernet1/0/49), cost of root path is 4

  Topology change flag set, detected flag not set

  Number of topology changes 108 last change occurred 3w6d ago

          from GigabitEthernet1/0/41

  Times:  hold 1, topology change 35, notification 2

          hello 2, max age 20, forward delay 15

  Timers: hello 0, topology change 0, notification 0, aging 15

Anyone got any idea what's going on here? The unicast flooding isn't a show-stopper at the moment but I fear if I leave it uncorrected it'll spiral out of control. I have thought about attempting to force the 'mac-address aging-time 300s vlan 1' command but I'm not sure if this will override the STP timers. Or is it something to do with PVST - RPVST compatibility at the edge?

Any help would be greatly appreciated.

Thanks,

Martin,

Everyone's tags (4)
255
Views
0
Helpful
0
Replies