[c-nsp] Unicast flooding?

Frank Bulk - iName.com frnkblk at iname.com
Wed Jan 13 09:48:51 EST 2010



> -----Original Message-----
> From: Phil Mayers [mailto:p.mayers at imperial.ac.uk]
> Sent: Wednesday, January 13, 2010 3:18 AM
> To: frnkblk at iname.com
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Unicast flooding?
> 
> > While the event is occurring I have verified the ARP and CAM entry.
> The CAM
> > entry is associated with one of the first two Ethernet interfaces,
> not the
> > third.  I can clear the ARP and CAM entry from the CLI and they are
> > re-learned with the same information, yet the traffic continues to
> egress
> > the wrong Ethernet port.
> 
> Ugh.

Agreed.

> > I've set the ARP timeout to 4 minutes so that it's less than the CAM
> table's
> > default configuration of 5 minutes, but there was no improvement.
> One more
> > observation -- the errant port is the root of the bridge.
> >
> > Any ideas why the 7609 would be sending traffic out an Ethernet port
> to a
> > device that the CAM table says is on a different Ethernet port?
> 
> What module is the traffic coming in via? Which of the modules have
> DFCs?
> 
> Have you looked at:
> 
> http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_not
> e09186a00807347ab.shtml#dfc
> 
> ...specifically the 1st item "Loss of Dynamic MAC Addresses with
> Distributed Switching" which could possibly be related, though that is
> a
> wild guess.

Thanks for reminding me about this article.  When I do a "sh
mac-address-table", am I looking at what's on the Supervisor or line card's
DFC?

When I turn it on, I get this message:

	Mutual_7609(config)#mac-address-table synchronize
	 % Current activity time is [160] seconds
	 % Recommended aging time for all vlans is at least three times the
activity interval

The aging time of the CAM?  By default it's 300 seconds, so working
backwards, I would want a "Current activity time" of 100 seconds, but that
doesn't appear to be an option.  So I've now increased the mac address-table
aging time for that VLAN to 480 seconds (3 x 160) and the arp timeout also
to 480 seconds.

> How long has this been happening for?

We've had the first two interfaces in production for several months. We just
turned up this third interface two or three weeks, and started moving
customers on there and they started complaining last week, so extrapolating
from that I'm pretty confident it's been doing this the whole time.

Frank




More information about the cisco-nsp mailing list