Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
2
Replies

MAC address table is automagically cleared (3560-X, maybe generic?)

s.huelbrock
Level 1
Level 1

‎12-17-2013 12:22 AM - edited ‎03-07-2019 05:06 PM

Hi all,

we utilize some 3560-X as well as older 3560-switches for client pc access. Client ports are set with spanning-tree portfast  / bpduguard.

The switches uplink through their Gi1/x-interfaces to 2  650x switches that use rpvst+ / hsrp for redundancy. In most cases VLANs are small, covering only one access switch and the core switches.

Funnily the switches seem to see reason to (repeatedly) flush the mac address table entries from the uplink interfaces from time to time.

This means that for all the VLANs on the uplink port the switch needs to relearn these unicast addresses, therewhile flooding the unicasts to all ports.

This happens roughly all 5-20 minutes and repeats between 1 and 80(!!!) times, then about once a second.

Browsing the Internet I found 3 "sane" reasons why mac addresses are flushed from the table

- normal aging -- we tried between 300 and 21600 seconds without any influence.

- spanning tree topology change -- there is none. show spanning-tree vlan <xx> detail doesn't show actual topology changes for *all* vlans.

- someone calling clear mac address-table

Doing a "debug matm bulkdelete" on a 3560-X IOS15.0(2)SE4 we see that the switch calls

mat_delete_all_addrs: mat_instance:0 table_type:1 addr_type:2049, port:0x<varying hex number>

at these times (like I said, repeatedly). Unfortunately we can't identify who or what calls this function...

Can anyone point me to other reasons why the switch should flush the mac address table from these interfaces?

Best regards and thank you!

Stefan

Labels:
0 Helpful
2 Replies 2

daniel.dib
Level 7
Level 7

‎12-17-2013 01:21 AM

That sounds very strange. No interfaces that are flapping? If you didn't already I would open a TAC case and let's see if someone else has the same experience with these switches.

The only thing similar I could find was https://supportforums.cisco.com/thread/2136289

The root cause there was STP TC though.

Daniel Dib
CCIE #37149

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful

s.huelbrock
Level 1
Level 1
In response to daniel.dib

‎12-17-2013 02:03 AM

Hi,

TAC case is already on it's way...

Yes, the article you quoted seems to point to a very similar symptom, but I figure the cited reasons don't apply:

- our end hosts all (at least within a sane margin of error, I wouldn't swear on >4000 ports) are configured with access ports and portfast.

- unfortunately for pvst+ there is no "debug ... tc" command, but I debugged on pvst+ and spanning-tree events, there is nothing happening there. Also like I said, show span vlan detail doesn't tell any topology changes for the VLANs on the switch.

Best regards and thanks

Stefan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card