Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Poor Layer3 vlan Performance issue caused by mac table

Hi All,

We've been battling a very strange problem for the past few weeks.

The issue has been causing packet loss and huge performance degradation on our L3 based VLANs between our server subnet on VLAN1 and our L3 vlans.

Inside the vlans, client to client traffic operates as expected.


Core switch is an SG500x-48

L3 switches are SG500-48 (2 of them) providing separate gateways for different VLANs connected to the 500X

Access switches - SG300 and SG200 connected to the L3 switches.


After much digging and replacing and re-configuring we found that the mac addresses of clients in our L3 vlans were not showing in the Dynamic Address Table of our core L3 switches, resulting in a large amount of arping, poor performance and packet loss when the clients had to move any small volume of data from VLAN1 to any other L3 based vlan.


Manually adding static entries for the clients in the affected vlans to the L3 switches immediately fixed the issue.

Our L2 performance on the 500X is perfect with all clients displaying in the Dynamic address table.


Has anybody got any thoughts on this.



If you are routing from

If you are routing from downstream L3 switches, then client MAC addresses probably won't be in the VLAN1 switch.  Remember that VLAN1 should be sending reply packets back to the GATEWAY for routed clients, and not directly to clients themselves (by design ? ).  If you look at the MAC addresses listed on the Vlan1 switch, you should only have the MAC addresses for all active stations in that VLAN, plus any gateways leading toward the client vlans.

Are you running a routing protocol between the 2 IP address ranges affected, or simply static routes?

Servers should have a default route pointing to THEIR default gateway; and that gateway in turn should have routes to the (other 2 in your case) downstream gateways.

This is a normal design, and shouldn't be a performance issue.  Verify this with tracert from server to client, and client to server.