Cisco Support Community
Community Member

MAC Full

Hi Experts

Below is the output of "show mac-address-table count" from an L3 switch. Please help me to understand the meaning of all the lines. I am also seeing that the MAC address count available is 32768 and the in-use MAC address table is also close to 32768. We are getting some problems due to this and are looking for a solution to solve this problem.


MAC Entries for all vlans:
Dynamic Unicast Address Count:                  32356
Static Unicast Address (User-defined) Count:    0
Static Unicast Address (System-defined) Count:  45
Total Unicast MAC Addresses In Use:             32401
Total Unicast MAC Addresses Available:          32768
Multicast MAC Address Count:                    135
Total Multicast MAC Addresses Available:        16384

***

3 REPLIES
Hall of Fame Super Silver

Re: MAC Full

Hello Netbeginner,

What device is this?

Total Unicast MAC Addresses In Use:             32401

There is some device misbehaving, or you are under a MAC flood attack.

Performance is highly impacted when the CAM table is full.

You can use sh mac address-table count vlan X to see if most of these MAC addresses are learned in a single VLAN (likely).

You can try to use port security with action shutdown to find out the port where the misbehaving device (if external) is connected.

Hope to help

Giuseppe

Community Member

Re: MAC Full

Hi Giuseppe,

Thanks. This is a Cisco 4507 switch.

--> Yes, we have tried the command "sh mac address-table count vlan X" and found that a huge number of MACs are being learned on some particular VLAN. How can we reduce this?

--> For "port security with action shutdown": if we use this feature on a device port, there is a possibility that it will shut down the respective port and may cause our critical sites to be isolated. By the way, what is the command to enable this feature?

Please suggest how to stop MAC address flooding.

Hall of Fame Super Silver

Re: MAC Full

Hello Netbeginner,

If you find out that most MAC addresses are learned by the same port, it is enough to shut it.

Use

sh mac address-table

It should be evident if there is a single port where you learn a lot of MAC addresses.

This works if the problem originates outside the switch.

Hope to help

Giuseppe
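
The per-port check suggested in the reply above, as an added example that is not part of the original thread: it tallies dynamic entries per port and per VLAN from saved "sh mac address-table" output. The column layout of the sample, the threshold of 50 and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

MAC_RE = re.compile(r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}", re.I)

def count_dynamic_macs(output):
    """Return (per_port, per_vlan) Counters of dynamically learned entries."""
    per_port, per_vlan = Counter(), Counter()
    for line in output.splitlines():
        parts = line.split()
        # Assumed row layout: <vlan> <mac> <type> [protocols] <port>
        if len(parts) < 4 or not parts[0].isdigit():
            continue  # header, separator or blank line
        if not MAC_RE.fullmatch(parts[1]) or parts[2].lower() != "dynamic":
            continue  # static and system entries are not part of a flood
        per_port[parts[-1]] += 1
        per_vlan[int(parts[0])] += 1
    return per_port, per_vlan

def suspect_ports(per_port, threshold):
    """Ports holding more dynamic MACs than threshold, busiest first."""
    return [(p, n) for p, n in per_port.most_common() if n > threshold]

def constructed_sample():
    """Constructed output: three ordinary hosts plus 200 MACs on one port."""
    rows = [
        "vlan   mac address     type     protocols   port",
        "-------+---------------+--------+-----------+----------",
        "  10   0011.2233.4455  dynamic  ip          Gi2/1",
        "  10   0011.2233.4466  dynamic  ip          Gi2/2",
        "  20   0011.2233.4477  static   ip          Gi2/3",
    ]
    for i in range(200):
        h = f"{0x02AA00000000 + i:012x}"
        rows.append(f"  20   {h[0:4]}.{h[4:8]}.{h[8:12]}  dynamic  ip   Gi2/5")
    return "\n".join(rows)

if __name__ == "__main__":
    ports, vlans = count_dynamic_macs(constructed_sample())
    print("dynamic MACs per VLAN:", dict(vlans))
    # The threshold is an assumption: access ports normally hold a few MACs,
    # while uplinks and trunks legitimately carry many.
    for port, n in suspect_ports(ports, threshold=50):
        print(f"{port}: {n} dynamic MACs")
```
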
