[c-nsp] 6500 HSRP unicast flooding

Peter Rathlev peter at rathlev.dk
Tue Feb 18 18:57:58 EST 2014


On Tue, 2014-02-18 at 18:14 -0500, Randy wrote:
> The mac entry is only present on the active HSRP member... and the
> flood traffic is coming from standby member, heading out all the
> backup RSTP paths (blocked on the remote end). 

This probably means that the standby member is receiving traffic from
elsewhere that it forwards upon receiving it because it has a connected
route. You should be able to tell from where it comes by looking at the
source IP addresses.

Make sure traffic from elsewhere (other VLANs, other routers) arrives at
the HSRP primary device. Alternatively, that the traffic when forwarded
into the VLAN flows in a way that makes both your core devices see the
traffic.

Regarding TCNs, which might still be relevant since not only trunk
interface flaps can trigger them, take a look at the output from:

   show spanning-tree detail | include last change|executing

And see if any VLANs (or instances) have changed recently and often.

(P.S.: I can imagine one could suggest VSS as a solution to this
problem, which would technically be correct. OTOH VSS might introduce
other problems and/or be precluded for other reasons and it would not
really cast any light on the actual problem.)

-- 
Peter




More information about the cisco-nsp mailing list