cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
446
Views
0
Helpful
4
Replies

Unicast flooding

Hi all

 

Within our network we are seeing unicast flooding for 3 of our devices.

 

based on the topology attached the SNMP server sends a get request to the UPS which has to be routed to VLAN 20. when I run wireshark on my pc in VLAN 20 I am seeing all of the unicast traffic destined for the UPS.  When I look at the CAM table on the multilayer switch I can see that it has no entry for the MAc address of the UPS but I would expect it to learn it after the intital snmp request.  there are other devices within VLAN 20 also being polled and these are all being learned fine its just this UPS and a couple of other devices.

 

the SNMP server is running on centos

 

Any suggestions?

 

Thanks

 

steven

4 Replies 4

Joseph W. Doherty
Hall of Fame
Hall of Fame

Can you ping the UPS from your L3 switch?  If so, CAM still empty?

I cant ping the device from the L3 swicth i get timeouts but it does add the device to the cam table but then after 5 minutes its removed again even though there is SNMP traffic passing through the switch every minute.

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I would investigate why the host doesn't respond to pings.

If the L3 switch doesn't see enough frames from the host, it will time out its CAM and new frames sent to that host will flood.

when I ssh onto the core via 192.168.10.1 (the SVI) and try to ping 192.168.20.10 what process does the switch take as its also acting as the default gateway out for VLAN 10?

 

hey...im 192.168.10.1 and I wanna ping 192.168.20.10 so I need to send this to my default gateway... hang on a minute I am the default gateway ok... ill lookup my routing table and see if I have a route for the 192.168.20.0/24 network which ill do so ill pass it to 192.168.20.1

 

Does the above process work or does the core trip up when it tries to send it to itself? hope that make sense! :P

 

Edit: Putting a ststic MAC entry into the cores CAM table resolves the unicast flooding but still doesnt explain why its not learning the MAC address.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco