Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Span port and Unicast packets

There is a problem with a PIX sending syslogs to a device that is plugged into the same switch as the PIX. From any other switch, in the span port the packets are seen going from the pix's ip port (514) to the device's ip port (514). Why do I see unicast packets propagating through all the switches when both devices are in the same switch? Do I need to hard code the MAC's into the switch? The problem doesn't occur all the time.


Re: Span port and Unicast packets

When a switch receives a unicast packet with a destination address that it has not learned, the default is to flood it to all ports. You can disable flooding in this case on a per-port basis.So, I think in your switches, the default setting of flooding is enabled, VLANs are configured, and also VTP(trunking) is enabled so that even though the source and destination are on same switch, because of same VLANs, trunking and flooding enabled,the packet propagates through all switches.