11-20-2011 06:47 AM - edited 03-04-2019 02:20 PM
I m receivng the below error in logging buffer.
C4K_L2MAN-6-INVALIDSOURCEADDRESSPACKET: (Suppressed 15 times)Packet received with invalid source MAC address (A1:14:97:1F:26:90) on port Te1/1 in vlan 2.
i have only 2 No's of Servers in vlan 2 and i hope from any one of the server is genenrating the false mac address packet. So i m thinking to apply a mac access-list for the 2 mac-addresses of the servers. pls confirm the below configuration are perfect. OR Suggest me some different solution, i have tried with port security but i m receiving an error found duplicate mac-address. so i have switchover to this solution.
mac access-list extended vlan2
permit host <1st server mac-address> any
permit host < 2nd server mac-address> any
exit
Switch(config)# vlan access-map oracle-server-vlan 10
Switch(config-access-map)# match mac address vlan2
Switch(config-access-map)# action permit
Switch(config-access-map)# vlan access-map oracle-server-vlan 20
Switch(config-access-map)# action drop
Switch(config-access-map)# exit
Switch(config)# vlan filter oracle-server-vlan vlan-list 2
Thanks
11-20-2011 07:05 AM
That does seem to be a bit of a sticky plaster solution rather than actually seeing what's causing the problem. Any access list adds processing load to the router and it would still be dropping bad packets.
Look in the routers arp table to see if the mac is resolved to any ip address then look at the switch forwarding table to see which physical port the mac is seen on!
It could be a dodgy nic or someone has manually entered an illegal value..
Sent from Cisco Technical Support iPad App
11-20-2011 09:55 AM
Hi,
I m using this solution becz i have seen in the arp table there is no other IP resolving except only 1 IP and also i have seen the port as well it is with the same IP and MAC
Other than the above what else i can do to resolve the issue,
Any more hints will be appreciated.
Thanks
11-20-2011 02:23 PM
Sorry but does that mean you know which server is generating the illegal packets?
All I'm saying is either a server nic is configured with a sw overide mac or is faulty. Once you put that filter on you've got to mange that, I.e. you go on hols and someone wants to add a new device on the LAN you'll have to keep adding MACs. What if the hw goes faulty and the new server is plugged in with a new MAC?
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: