[c-nsp] protecting router MAC addresses

lee.e.rian at census.gov lee.e.rian at census.gov
Wed Oct 13 07:04:12 EDT 2004

> > We've had a couple of times recently where Cisco IP phones
> > together get into a state where they echo frames back to the switch.
> > that happens the switch learns the router MAC address on the user port
> > traffic meant for the router is black-holed.  It finally happened on a
> > switch running 5.x code & we got a lot of these syslog messages
>     Isn't this is sort of a problem that spanning tree is designed to
> Enabling spanning tree or bpduguard on your access ports should solve the

> problem I think... if I understood well what you meant by "daisy chained"
> phones...

We do have spanning tree enabled on all vlans.  We don't have bpduguard
enabled & that sounds like something worth doing.  But I don't know if
enabling bpduguard would prevent the problem or not - we haven't been able
to recreate the problem.  By "daisy chained" I mean
switch == phone == phone == phone
so spanning tree shouldn't make any difference since there's no loop


More information about the cisco-nsp mailing list