[c-nsp] 6500 HSRP unicast flooding

Randy amps at djlab.com
Tue Feb 18 18:14:47 EST 2014


 

Update to #3 -- 

The mac entry is only present on the active HSRP member... and the flood
traffic is coming from standby member, heading out all the backup RSTP
paths (blocked on the remote end). 

core1#show mac address-table address 2a60.7aa6.f6d5
Legend: * - primary entry
 age - seconds since last seen
 n/a - not available

 vlan mac address type learn age ports
------+----------------+--------+-----+----------+--------------------------
Module 4[FE 1]:
* 86 2a60.7aa6.f6d5 dynamic Yes 0 Po2
Module 4[FE 2]:
* 86 2a60.7aa6.f6d5 dynamic Yes 235 Po2

core2#show mac address-table address 2a60.7aa6.f6d5
Legend: * - primary entry
 age - seconds since last seen
 n/a - not available

 vlan mac address type learn age ports
------+----------------+--------+-----+----------+--------------------------
No entries present.

On 02/18/2014 5:54 pm, John Kougoulos wrote: 

> Hi,
> 
> Did you issue "clear arp" after changing the mac aging on both switches so that they update their mac tables?
> 
> Other than that, are there any eg trunk ports flapping without portfast configured that could cause a lot of TCNs ?
> 
> When you see the traffic from the span, does the destination mac appear on the the "show mac address-table" ?
> 
> Regards, John 
> 
> On Tue, Feb 18, 2014 at 11:21 PM, Randy <amps at djlab.com> wrote:
> 
>> I recently duplicated a non-redundant 3BXL setup with a pair of units running HSRP+RSTP. Everything appears to work great, except for almost 100Mbps / 20kpps of flooding. I took a span of the traffic and it's straight up random unicast traffic on all the busy VLANs. Tried setting the global mac aging on both to 14400 with little to no observed change.
>> 
>> Other than the flooding, there doesn't seem to be any routing/switching issues.
>> 
>> The copp policy, and traffic/mac table sizes are pretty much identical to the non-HSRP setup from before that didn't have any issues.
>> 
>> CPU usage is quite low.
>> 
>> Could this be a copp problem or something else I'm overlooking with HSRP?
>> 
>> -- 
>> Randy
>> 
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp [1]
>> archive at http://puck.nether.net/pipermail/cisco-nsp/ [2]

-- 
~Randy
 

Links:
------
[1] https://puck.nether.net/mailman/listinfo/cisco-nsp
[2] http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list