[c-nsp] VSS 1440 issues

Eric Cables ecables at gmail.com
Mon Aug 17 13:09:41 EDT 2009 

You need to put a sniffer on those ports to discover the destination for the
unicast flooding.

-- Eric Cables


On Mon, Aug 17, 2009 at 6:01 AM, C and C Dominte
<domintefamily at yahoo.co.uk>wrote:

>  Hi,
>
> I am still experiencing unknown unicast flooding with the Catalyst 6509 VSS
> 1440 configuration.
>
> I have tried two more tests, to check if the flood will stop:
>
> 1. I turned off the routed-mac feature
>
> #sh mac-addr aging-type routed
>  Routed MAC aging : disabled
>
> 2. I configured the arp timeout for each VLAN interface to 900 seconds
>
> To test if this solved the problem, I enabled 4 interfaces on Switch 2, and
> as soon as that was done, 100 mbps flood of unknon unicast was sent to all
> trunk ports.
>
> I pasted below the MAC address aging time that is currently 3 times the
> syncronisation time:
>
> Syncronisation time:
>
>     Global Status:
> Status of feature enabled on the switch             :  on
> Default activity time                               :  160
> Configured current activity time                    :  640
>
> Mac address aging:
>
> #sh mac-addr aging-time
> Vlan    Aging Time
> ----    ----------
> Global  1920
> no vlan age other than global age configured
>
> I am really out of ideas as to what can cause this loop, that then
> generates the unknown unicast flood. Has anyone experienced anything similar
> and can offer any advice on why this is happening?
>
> Thank you
>
> Catalin
>
> --- On *Fri, 7/8/09, Eric Cables <ecables at gmail.com>* wrote:
>
>
> From: Eric Cables <ecables at gmail.com>
> Subject: Re: [c-nsp] VSS 1440 issues
> To: "Kevin Loch" <kloch at kl.net>
> Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
> Date: Friday, 7 August, 2009, 8:43 AM
>
>
> Agreed, your mileage may vary on the exact timers to use (I ended up at 900
> seconds), but synchronizing MAC and ARP aging timers should solve your
> unicast flooding issues, assuming the traffic is to legitimate
> destinations.
>
> Have you captured any traffic to identify the destination of flooded
> traffic?
>
> -- Eric Cables
>
>
> On Thu, Aug 6, 2009 at 9:35 PM, Kevin Loch <kloch at kl.net<http://mc/compose?to=kloch@kl.net>>
> wrote:
>
> > C and C Dominte wrote:
> >
> >  Thank you for your advice, however, increasing the timers
> >> did not work.
> >>
> >>
> >> I powered down the active linecards from switch 2
> >> yesterday to see if it stopped the unicast flood, which it did.
> >>
> >> Today I increased the mac address syncronisation activity
> >> time to 640 and the mac address aging time to 1920 (3x640) as below:
> >>
> >
> > While I have not run 6500's in VSS mode I have run into similar unicast
> > flooding with certain non-VSS configurations of 6500's.  The most
> > reliable fix I have found is "arp timeout 120" in the affected vlan
> > interfaces.
> >
> > - Kevin
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net<http://mc/compose?to=cisco-nsp@puck.nether.net>
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net<http://mc/compose?to=cisco-nsp@puck.nether.net>
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>

More information about the cisco-nsp mailing list