Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Duplicate MACS

When I run the duplicate MAC report from CM the report shows over 2,500 duplicate MAC addresses on our network.

I'm sure this isn't correct as the MACs that are showing as duplicates show twice on the same port (once on the voice vlan and once on the native vlan)

Is this a bug? Is there a way to fix this? I've attached an example from the report.

14 REPLIES
Cisco Employee

Re: Duplicate MACS

Are these duplicates IP phones?  What version of Campus do you have?

New Member

Re: Duplicate MACS

The version of CM is 5.2.1

I've looked into this a bit more and it would appear that all the devices showing as duplicates are connected to the switches via a trunk. Both PC's and IP Phones show as duplicates however they're all instances where the PC is connected to the phone (CP-7940's or 7941's) and then the phone is trunked to the switch (either 3550 or 3750).

Does this give an clues?

Cisco Employee

Re: Duplicate MACS

How are these MACs learned on the switch?  That is, what does a "show mac address-table" report for these ports?

New Member

Re: Duplicate MACS

Hi Joe,

I've looked into this a bit further today and can now confirm that 99% of the reported duplicates are infact IP Phones. There are a few of PC's and Servers reported as duplicates but these can be explained (ie, clustered servers, etc). I'm still not sure why the IP Phones are being reported as duplicated though?

When I do a "show mac address table int fa0/xx" on a switch I get the output below.

Vlan    Mac Address       Type           Ports
----    -----------       --------    -----
109    000b.fd5d.f173    DYNAMIC     Fa0/14
217    000b.fd5d.f173    DYNAMIC     Fa0/14

000b.fd5d.f173 is an IP Phone

VLAN 109 is the data VLAN

VLAN 217 is the Voice VLAN

Is there away that I can prevent these appearing as duplicates so the report can be more accurate?

Cisco Employee

Re: Duplicate MACS

What does the configuration look like for these ports?

New Member

Re: Duplicate MACS

The config for port fa0/14 is below (this will be pretty typical of almost all our ports which support IP Phones).

interface FastEthernet0/14
switchport trunk encapsulation dot1q
switchport trunk native vlan 109
switchport mode trunk
switchport voice vlan 217
no logging event link-status
mls qos trust device cisco-phone
auto qos voip cisco-phone
wrr-queue bandwidth 10 20 70 1
wrr-queue min-reserve 1 5
wrr-queue min-reserve 2 6
wrr-queue min-reserve 3 7
wrr-queue min-reserve 4 8
wrr-queue cos-map 1 0 1 2
wrr-queue cos-map 2 4
wrr-queue cos-map 3 3 6 7
wrr-queue cos-map 4 5
priority-queue out
spanning-tree portfast trunk
end

Cisco Employee

Re: Duplicate MACS

This is what I thought.  Unfortunately, since the switch reports the phone in both VLANs, UT will learn the MAC in both VLANs.  Ideally, the phone report should show you the unique phone entries, but CM 5.2.1 is currently plagued by CSCtd51845 in which duplicates may show up there.  As for getting a getting a better duplicate report, use the Duplicate MAC and VLAN report.  Anytime you have the same MAC duplicated in a given VLAN, that is a problem.  These phone entries should not show up on that report.

New Member

Re: Duplicate MACS

Thanks Joe..

I ran the duplicate MAC and VLAN report. This still showed some IP Phones as duplicated, however, only 177 of them rather than circa 2,500 shown in the duplicate MAC report. Does the bug you mention above also affect the MAC and VLAN report?

Also, do I need to take these duplicate into account when looking at the "Number of End Hosts" that CM reports on it's main screen. Currently this is showing as 11,311 end host, however, do I need to subtract the 1000 or so IP Phones that are indentified as duplicates?

Re: Duplicate MACS

I would presume there is a valid reason for the switchport to be in trunk mode to the IP phone?

I.e. there are multiple VLAN's connected behind the IP phone?

If there is only 1 VLAN connected behind an IP phone, putting the port in access mode instead of trunk would also solve your problem.

Cisco Employee

Re: Duplicate MACS

You're absolutely right.  The recommended config is to use multi-VLAN access ports to avoid STP overhead.  For example:

interface GigabitEthernet0/1

switchport access vlan 30

switchport mode access

switchport voice vlan 40

no logging event link-status

priority-queue out

mls qos trust dscp

no snmp trap link-status

no mdix auto

spanning-tree portfast

However, even in this case, the phone will appear on both the data and voice VLANs.  The phone report in UT will only show one entry (after the patch for the aforementioned bug is applied), but the end host report will show two.

New Member

Re: Duplicate MACS

Thanks Guys....The trunk example I used above was taken from a 3550 with an older version of IoS...I can't quite remember the exact IoS version but I think the muli-vlan access port only came into affect fairly recently. Our news 3750's are configured with multi-vlan access port config but (as Joe mentions) this also show's duplicates on the UT reports.

It sounds like there's no way around this so I just need to compensate when running reports. Do the total figures shown on the CM main poral (ie, total devices, etc) take into account these duplicates or do I need to subtact circa 50% of the total duplicates from the total?

Any idea when/if the bug fix is available and where I can get it from?

Cisco Employee

Re: Duplicate MACS

No, the metrics seen count all end hosts found.  What you're seeing is not a bug per se.  Based on how UT works, and how the phones associate with the switches, this behavior is expected.  The bug where multiple entries per phone show up in the phone report (i.e. the bug I mentioned previously on this thread), is fixed with a patch from TAC.

New Member

Re: Duplicate MACS

Thanks Joe..

I'm sorry to labour the point but I need to give our senior management an acurate(ish) count of the number of hosts on our network.

Currently CM is reporting 11,211 hosts on the network. Are the 2,104 duplicates shown in the Duplicate Report included in this number? If so, I guess I need to half the 2,104 (1502) and subtract this from the 11,211 acount for the duplicates being counte twice?

Cisco Employee

Re: Duplicate MACS

Yes, the total count will include the duped MACs.  Yep, divide by 2 and subtract to get the count without the duplicate phones.  As I said, you should use the duplicate MAC/VLAN report to get an accurate feel for real duplicates.

568
Views
0
Helpful
14
Replies
CreatePlease to create content