[e-nsp] x650 - hardware FDB table empty

Marcin Kuczera marcin at leon.pl
Tue Apr 16 06:16:55 EDT 2013 

On 2013-04-16 11:27, Erik Bais wrote:
>
> Hi Marcin,
>
> If the hardware FDB is empty, you either do something specific which 
> results in software switching only …
>
> Which isn’t very likely …
>
> You should see at least some entries in the HW FDB … if the switches 
> are linked together, and you have something like LLDP or EDP running, 
> you should at least see the other switch their FDB entries.
>

I use EDP (that works fine), EAPS, ELSM. That's all.

> What are you trying to do with the devices and what is the config ?
>

Just L2 switching, mirroring, EAPS, ELSM, EDP, IGMP Snooping...

> And are you doing something specific in regards that you have disabled 
> MAC learning for instance ? or enabled port security (1 mac per port 
> limitation security feature) ?
>

There were 2 entries in config :
configure ip-security dhcp-snooping information circuit-id 
vlan-information 101 vlan test1
configure ip-security dhcp-snooping information circuit-id 
vlan-information 121 vlan test2

but I have them removed and it didn't cause hardware table to learn 
anything...

I have ~100Mbit/s of unknow unicast traffic at ~4.5G of internet 
traffic... that's a lot.

Regards,
Marcin



> Regards,
>
> Erik Bais
>
> *From:*extreme-nsp [mailto:extreme-nsp-bounces at puck.nether.net] *On 
> Behalf Of *Marcin Kuczera
> *Sent:* dinsdag 16 april 2013 11:11
> *To:* extreme-nsp at puck.nether.net
> *Subject:* [e-nsp] x650 - hardware FDB table empty
>
> hello,
>
> At the moment I have 3 sites with x650 switch.
> All of them running 15.3.1.4 v1531b4-patch1-3
>
> In main site, the problem is that hardware fdb table is not used !?
> Hardware-learned entries:
> MAC               VlanId    Flags Port  HIT    VPLS
> ===================================================
> Hardware-learned In-use count: 0
> Num of msgs from FDB :              2258820
>
> on the other sites, this table contains entries equal to what's on 
> show fdb stats.
> I was trying to compare configs, there were some dhcp-snooping entries 
> for 2 vlans, but removing them didn't help out (or maybe it requires 
> reload ?)
>
> My main problem is that at the level of ~16k mac addresses I have a 
> lot of unknow-unicast traffic that shouldn't be there.
>
> oh - the only function that is in central site is - mirroring.
>
> Anyone knows how to turn on hardware fdb table ?
>
> Regards,
> Marcin
>
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/extreme-nsp/attachments/20130416/53c1cb65/attachment-0001.html>

More information about the extreme-nsp mailing list