[c-nsp] VSS 1440 issues

C and C Dominte domintefamily at yahoo.co.uk
Mon Aug 17 09:01:47 EDT 2009 

Hi,

I am still experiencing unknown unicast flooding with the Catalyst 6509 VSS 1440 configuration. 

I have tried two more tests, to check if the flood will stop:

1. I turned off the routed-mac feature

#sh mac-addr aging-type routed
 Routed MAC aging : disabled

2. I configured the arp timeout for each VLAN interface to 900 seconds

To test if this solved the problem, I enabled 4 interfaces on Switch 2, and as soon as that was done, 100 mbps flood of unknon unicast was sent to all trunk ports.

I pasted below the MAC address aging time that is currently 3 times the syncronisation time:

Syncronisation time:

    Global Status:
Status of feature enabled on the switch             :  on
Default activity time                               :  160
Configured current activity time                    :  640

Mac address aging:

#sh mac-addr aging-time
Vlan    Aging Time
----    ----------
Global  1920
no vlan age other than global age configured

I am really out of ideas as to what can cause this loop, that then generates the unknown unicast flood. Has anyone experienced anything similar and can offer any advice on why this is happening?

Thank you

Catalin

--- On Fri, 7/8/09, Eric Cables <ecables at gmail.com> wrote:

From: Eric Cables <ecables at gmail.com>
Subject: Re: [c-nsp] VSS 1440 issues
To: "Kevin Loch" <kloch at kl.net>
Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
Date: Friday, 7 August, 2009, 8:43 AM

Agreed, your mileage may vary on the exact timers to use (I ended up at 900
seconds), but synchronizing MAC and ARP aging timers should solve your
unicast flooding issues, assuming the traffic is to legitimate destinations.

Have you captured any traffic to identify the destination of flooded
traffic?

-- Eric Cables


On Thu, Aug 6, 2009 at 9:35 PM, Kevin Loch <kloch at kl.net> wrote:

> C and C Dominte wrote:
>
>  Thank you for your advice, however, increasing the timers
>> did not work.
>>
>>
>> I powered down the active linecards from switch 2
>> yesterday to see if it stopped the unicast flood, which it did.
>>
>> Today I increased the mac address syncronisation activity
>> time to 640 and the mac address aging time to 1920 (3x640) as below:
>>
>
> While I have not run 6500's in VSS mode I have run into similar unicast
> flooding with certain non-VSS configurations of 6500's.  The most
> reliable fix I have found is "arp timeout 120" in the affected vlan
> interfaces.
>
> - Kevin
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list