Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

unexpected packets on port

my szenario:

i have several cisco 6500 switches, and user switched connected to them.

in my example i have a global service vlan, where some access ports are directly connected on the 6500, and this vlan is also allowed on the trunks to the access switch.

now i am connected with ma laptop on a access switch, where my port is in the same vlan. when i do a show mac address-table on my access port, i can see my own mac-address, nothing else.

when i start wireshark to see the traffic, all i should see is traffic from or to my MAC, or broadcasts/multicasts.

But i can see other unicast traffic with different source/destination mac than mine.

What could be the reason for this issue?

It seem slike these packets get broadcasted over the whole VLAN, but its no broadcast MAC nor IP..

thanks in advance,

Roland

1 ACCEPTED SOLUTION

Accepted Solutions
Green

unexpected packets on port

Roland,

YES the unicast flooding happens with VRRP too.

The solution is the same as HSRP.

You need to adjust the mac table time out to equal the ARP cache of 4 hours

!

mac-address-table aging-time 14400

!

See link

http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/HA_campus_DG/hacampusdg.html#wp1108782

Regards

Alex

Regards, Alex. Please rate useful posts.
4 REPLIES
Green

unexpected packets on port

Hi,

This is a problem caused on 6500s running HSRP.

You are seeing UNICAST flooding.

Look at these links.

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00807347ab.shtml#broadcast

Basically you need to set the the 6500 mac address timout to be the same as the ARP cache on the switches that are running L3-HSRP

!

mac-address-table aging-time 14400

!

This will then equal 4 Hours, same as the ARP cache.

Regards

Alex

Regards, Alex. Please rate useful posts.
New Member

unexpected packets on port

thanks for the links, but they only helped me on another problem though

at least i will now set the unicast flood protection (action = syslog) to see exactly what is happening.

actually i dont use HSRP at all, does it also apply to VRRP?

and in special conditions i can create packets myself (for example normal PINGs) which gets flooded too

thanks

Roland

Green

unexpected packets on port

Roland,

YES the unicast flooding happens with VRRP too.

The solution is the same as HSRP.

You need to adjust the mac table time out to equal the ARP cache of 4 hours

!

mac-address-table aging-time 14400

!

See link

http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/HA_campus_DG/hacampusdg.html#wp1108782

Regards

Alex

Regards, Alex. Please rate useful posts.
New Member

unexpected packets on port

thank you, helped a lot.

things getting clear now ;-)

388
Views
0
Helpful
4
Replies