[c-nsp] Same MAC addresses from two ports on different VLAN

Gert Doering gert at greenie.muc.de
Fri Mar 12 17:48:23 EST 2010 

Hi,

On Fri, Mar 12, 2010 at 02:21:32PM -0500, Jay Nakamura wrote:
> We have an Extreme Summit switch where I found that if you have two
> separate ports on different VLANs, and the same MAC address enters the
> switch on those two completely different VLANs, the switch will start
> having problems forwarding traffic.  (Or only use the first entry in
> the FDB, I am not sure what it actually does other than half of the
> traffic drops.)  Extreme support has confirmed that this is by design.
> 
> The reason I am posting this here is simple, does Cisco switches do
> the same thing?  Or if MAC address comes from two ports on different
> VLAN, would it just forward per VLAN?  Or would it depend on the
> model?

Cisco switches have completely independent MAC forwarding tables for
each VLAN.  That's the way it needs to be :-)

Especially if you use one if the Cisco switch/router platforms, e.g.
tbe 6500 series, which is using the same MAC address for every single
SVI (vlanXX) Layer3 interface...  here's an example - 0014.1cd2.30c0
is the SVI interfaces of one our 6506/Sup720s:

switch> sh cam 00-14-1c-d2-30-c0
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry

VLAN  Dest MAC/Route Des    [CoS]  Destination Ports or VCs / [Protocol Type] 
----  ------------------    -----  -------------------------------------------
711   00-14-1c-d2-30-c0             2/1 [ALL]
64    00-14-1c-d2-30-c0             7/5-8 [ALL]
712   00-14-1c-d2-30-c0             2/1 [ALL]
609   00-14-1c-d2-30-c0             2/1 [ALL]
305   00-14-1c-d2-30-c0             2/1 [ALL]
63    00-14-1c-d2-30-c0             7/5-8 [ALL]
8     00-14-1c-d2-30-c0             2/1 [ALL]
462   00-14-1c-d2-30-c0             7/3-4 [ALL]
...
Total Matching CAM Entries Displayed = 21


> I can think of so many possible problems with this that I want to see
> if this is common design of switches or just Extreme and I need to
> start using different L2 switches.

"just Extreme".  But it wouldn't surprise me to see similar engineering
shortcuts in 3com and such, too.

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100312/338255f9/attachment.bin>

More information about the cisco-nsp mailing list