[c-nsp] Catalyst switches and %C4K_EBM-4-HOSTFLAPPING
Peter Rathlev
peter at rathlev.dk
Thu Oct 13 16:58:34 EDT 2011
On Thu, 2011-10-13 at 16:44 +0200, Henry-Nicolas Tourneur wrote:
> 1. How will the Catalyst react if a MAC Adr flaps within only one
> VLAN? Will the same MAC Adr be impacted inside other VLAN?
The Catalyst switches use per-VLAN tables, so flapping in one table will
not directly affect other tables. You might have secondary effects from
the switch being busy updating the FDB. And the flapping might be a
symptom of a distant loop, which in turn might give you seperate
problems.
> 2. How can we protect against this? Is it possible to disable
> temporary only a VLAN and not a port (some ports being trunks...)?
If you're seeing the effects of a loop inside the customer network
reflecting frames back to you that it shouldn't, then there isn't much
to do AFAIK. It's one of the reasons interfacing at L2 with an untrusted
customer is a problem.
If you explain the topology and what you need to deliver there might be
someone who can propose a solution without these inherent problems.
--
Peter
More information about the cisco-nsp
mailing list