[c-nsp] Strange static MAC address entry is cisco 6500, anyone seen this?

Maarten Carels lists at carels.info
Thu Jan 15 09:40:52 EST 2015


Hi list,

I have a strange problem with my dhcpv6 implementation, and I traced it to strange behaviour in both
6500 switches.
My setup is like this: (ascii art)

     +----------+                +------+            +------+
     | router   +================+ 6500 +============+ 6500 +
     +----------+                +------+            +--+---+
         /                                              |
        /                                         +-----+-----+
    +-----+                                       | 4924-10ge |
    |dhcp6|                                       +-----+-----+
    +-----+                                             |
                                                        |
                                                    +---+----+
                                                    | 3560-x |
                                                    +---+----+
                                                        |
                                                        |
                                                      +-+--+
                                                      | PC |
                                                      +----+

All cisco gear (two 6500's, a ME-4924-10GE and a couple of 3560-x access-switches are doing only layer-2
forwarding. The router and the first 6500 are connected by a EtherChannel (of 2 10G lines).
The connection between the two 6500 switches is alsi 2*10G EtherChannel.
Router is a Juniper MX, which runs a dhcpv6 relay agent that forwards to the dhcpv6 server.
It also sends Router Advertisements, directing all clients to use dhcp.

Problem is that the DHCP Sollicit's don't arrive at the Juniper router.
It turned out to be a layer-2 problem, where the 6500 switches didn't forward the frames in the
right direction.
IPv6 multicast address ff01::1:2 leads to a MAC address of 333.0001.0002, so the switch (no multicast
config) should flood that to all ports in the vlan.

Investigation learned however that both the 6500 had static entries in their MAC address tables for
3333.0001.0002, pointing away from the router (the leftmost 6500 had it pointing to the other 6500,
and the rightmost 6500 pointed to the 4924). Even stranger, that entry was a static one, and it only
was present for a single vlan. The entry didn't occur in the config file, and so it wasn't removable.
Obviously, dhcpv6 didn't work in that vlan.

Adding a static MAC address entry for the vlan, indicating the interface in the direction of the
Juniper router fixed the problem. The mac-address table shows the mac-address now for 2 interfaces,
the correct one leading to the router (manually added) and also the incorrect one (leading away).

Has anyone seen this behavour? We run s72033-ipservicesk9_wan-mz.122-33.SXI6.bin on the left 6500, and
s72033-ipservicesk9_wan-mz.122-33.SXJ.bin on the other. Both have dual VS-S720-10G and two
WS-X6748-GE-TX linecards each. How do I remove that static entry?

--maarten

---
In real life: Maarten Carels
              XS4ALL Internet

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 526 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20150115/be28f6e9/attachment.sig>


More information about the cisco-nsp mailing list