I have a switch that is connected back to our core and it only has a single VLAN configured VLAN 1)(management VLAN). We have a few servers conneced to it on a private network (i.e, completely separate IP scheme from our infrastructure). I need to get the mac-address-table but when I run the command I only get the entries for like 4 ports rest of the connected ports are not giving me the mac entry on them.
I have tried to generate ICMP traffic but that is not showing me the mac address on the port either. Any ideas what else I can do?
Can you please let us know what is the version of IOS your running and kind of swich? When you are running one management IP range and no IP range on the vlan of your servers, the IP's don't show up in the ARP table. A copy of your configuration would also be helpfull for us to help you with what is going on.
Hello Kimberly, thank you for the reply here are the answers to your questions:
1- Switch Model: 3560
2- IOS: 12.2(35)SE5 C3560-IPBASE-M
3- IP Range on the servers is a private network (For instance VLAN 1 on the switch is 10.1.1.0/24, and the servers are in a 192.168.1.0/24 network and there is no VLAN for that network)
If you have another vlan configured on your switch for the servers, then when you run show mac address-table you should see the dynamic hardware addresses.
For example, I have one management address configured on a switch but several vlans configured. In order to get the hardware addresses to show up in the mac table, there has to be more then one vlan configured on the switch.
Thanks and let me know if this helps or if I can be of more assistance.
Then all you need to do is go into configuration mode and run the following commands:
SW-3560(config)# vlan ?
WORD ISL VLAN IDs 1-4094
access-map Create vlan access-map or enter vlan access-map command mode
dot1q dot1q parameters
filter Apply a VLAN Map
internal internal VLAN
SW-3560(config)# vlan 50 (the number is an example, you can choose the number you want)
SW-3560(config-vlan)# name Test-LAN (What ever name you want to lable the vlan with)
SW-3560(config)# interface fa0/X (What ever interface number your servers are on)
SW-3560(config-if)# switchport access vlan 50 (or what ever number you selected)
Don't forget to do a write memory to save the configuration changes.
This should help you with being able to see the vlans and mac addresses. Please let me know if this helps or if you need more assistance.
I believe that Kimberly made a very good suggestion when she asked that a copy of the switch config be posted. I believe that something is going on that we do not know about and the config might show what that is.
While I agree with Kimberly that configuring a separate VLAN and assigning these devices to it is a good idea I do not believe that this explains why the devices do not show up in the mac address table. If the ports that these devices are connected to are not in a separate VLAN then they would be in VLAN 1. And the devices connected to these ports should be in the mac address table as part of VLAN 1. If they are not showing up in the mac address table then something else is going on.
Thank you for the suggestions however this is a production environment so can't make any changes on the switch. And switches are fine there is nothing wrong with them. This is just a private network so that is the issue. I got a work around will post the solution if all goes well.
Before doing any changes it would be better to check whether the servers are configured in teaming ? Some teaming softwares that are configured as active-standby do not announce the mac-address on the standby link even though the link is physically up. In the case of failure of the primary link the server announces the mac on the standby link which becomes active and causes the mac to move in that particular vlan.
Can you post the output of 'sh mac-address-table' and 'sh int' for that particular interface on which you do not see any mac-address.
Just to udpate every one, this was not an issue on the switch itself. Apparently these were AIX servers and there was security setup on the NIC's which was causing this.
Thank you for posting back to the forum and indicating that your problem was resolved. You said several times that you thought that your switch was fine and it is good to find out that the problem was with the servers and not with the switch.
It helps make the forum more useful when people can read about an issue and can also read the solution to the issue. Now that you have resolved the issue perhaps you can click the option to indicate that the issue is answered/resolved and then readers would know that they will find a solution here (and be reminded that sometimes problems that seem to be network problems are really not network problems at all).
You are very welcome, absolutely I totally agree with you. I however can't find the option to click on "Issue Resolved" or something along those lines. Can you point me in the right direction please. Thank you.
In order to mark a question as resolved all you need to do is click on the "Correct Answer" icon in the response. Attached is what it should look like. Just as reminder to all only the author can mark a response as resolved and you need to be logged in.
If none of the answers provided solved your problem there is no need to use the "correct answer" feature. However, I always recommend if the responses to you question are of value to rate them accordingly. It acknowledges the efforts by those who helped try answer your question as well as makes it easier to identify valuable content on CSC.
Talha had suggested that the reason for the behaviour could be caused by how the server NICs were configured, so its answer is close to your findings and also Rick has suggested that could be something else.
From the few details you have provided it was not possible to make more then an educated guess.
I agree that you have been kind to provide a feedback on this thread.
I have rated your feedback and the above posts from Talha and Rick. This will make this thread likely consulted by other people having similar issues.