Configuring MAC Address Tables

Similar documents
Configuring MAC Address Tables

Configuring MAC Address Tables

Configuring MAC Address Tables

Configuring the MAC Address Table

Configuring Layer 2 Switching

Configuring Layer 2 Switching

Configuring IGMP Snooping

Configuring Traffic Storm Control

Configuring Private VLANs Using NX-OS

vpc Layer 3 Backup Routing with F1 and Peer Gateway

Configuring Traffic Storm Control

Contents. Introduction. Prerequisites. Requirements. Components Used

Configuring DHCP Snooping

Configuring sflow. Information About sflow. sflow Agent. This chapter contains the following sections:

On the Cisco Nexus 5548 Switch, Fibre Channel ports and VSAN ports cannot be configured as ingress source ports in a SPAN session.

Configuring Port-Based Traffic Control

Configuration Examples for DHCP, on page 37 Configuration Examples for DHCP Client, on page 38 Additional References for DHCP, on page 38

Configuring VXLAN EVPN Multi-Site

Configuring SPAN. Configuring SPAN. SPAN Sources. This chapter includes the following sections: Configuring SPAN, page 1

Finding Feature Information, page 2 Information About DHCP Snooping, page 2 Information About the DHCPv6 Relay Agent, page 8

The document assumes a working knowledge of the Nexus 7000 architecture

Configuring DHCP. About DHCP Snooping, page 2 About the DHCPv6 Relay Agent, page 8

Configuring Q-in-Q VLAN Tunnels

Nexus 7000: Configuring OTV VLAN Mapping using VLAN Translation on a Trunk Port

Configuring Rate Limits

Configuring Q-in-Q VLAN Tunnels

Verified Scalability Limits

vpc Configuration Synchronization

Managing the Unicast RIB and FIB

Configuring VXLAN EVPN Multi-Site

Configuring DHCP. Finding Feature Information

Configuring EtherChannels

Configuring Virtual Port Channels

Configuring VXLAN EVPN Multi-Site

Configuring Virtual Port Channels

Configuring PIM. Information About PIM. Send document comments to CHAPTER

Configuring Virtual Port Channels

Configuring EtherChannels

Configuring IPv4. Finding Feature Information. This chapter contains the following sections:

Configuring Access and Trunk Interfaces

Configuring Layer 3 Interfaces

Catalyst Switches for Microsoft Network Load Balancing Configuration Example

Configuring Port Channels

Connecting to the Network

VXLAN Deployment Use Cases and Best Practices

Configuring Port Channels

Configuring Port Security

Configuring Layer 3 Interfaces

Configuring Port-Based Traffic Control

Configuring TAP Aggregation and MPLS Stripping

Configuring SPAN. Finding Feature Information. About SPAN. SPAN Sources

Configuring PTP. Information About PTP. This chapter contains the following sections:

Configuring Unicast RPF

Configuring Policy-Based Routing

Configuring SPAN. About SPAN. SPAN Sources

Configuring Local SPAN and ERSPAN

Microsoft Network Load Balancing on UCS B Series Servers Deployment Configuration Example

Configuring Port-Based Traffic Control

Configuring TAP Aggregation and MPLS Stripping

Configuring Q-in-Q VLAN Tunnels

Managing the Unicast RIB and FIB, on page 5

Configuring EtherChannels

With 802.1X port-based authentication, the devices in the network have specific roles.

Managing the Unicast RIB and FIB, page 5

Configuring Port Channels

VXLAN Overview: Cisco Nexus 9000 Series Switches

Configuring Virtual Port Channels

Configuring Enhanced Virtual Port Channels

Configuring Policy-Based Routing

This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices.

With 802.1X port-based authentication, the devices in the network have specific roles.

Configuring Basic Interface Parameters

Configuring MPLS Label Imposition

Implementing VXLAN in DataCenter

Configuring Online Diagnostics

Configuring Layer 3 Virtualization

Configuring Rapid PVST+ Using NX-OS

Configuring 802.1X. Finding Feature Information. Information About 802.1X

Overview. Overview. OTV Fundamentals. OTV Terms. This chapter provides an overview for Overlay Transport Virtualization (OTV) on Cisco NX-OS devices.

Configuring Private VLANs

Chapter 5: Ethernet. Introduction to Networks - R&S 6.0. Cisco Networking Academy. Mind Wide Open

PracticeTorrent. Latest study torrent with verified answers will facilitate your actual test

Configuring Static and Dynamic NAT Translation

OTV Technology Introduction and Deployment Considerations

Configuring Session Manager

Configuring MLD Snooping

Exam Questions

Configuring DHCP Snooping

Configuring Port-Based Traffic Control

Verified Scalability Limits

Configuring Port Channels

Storm Control over EVC

Configuring Static and Dynamic NAT Translation

Configuring WCCPv2. Information About WCCPv2. Send document comments to CHAPTER

Configuring VM-FEX. Information About VM-FEX. VM-FEX Overview. VM-FEX Components. This chapter contains the following sections:

Configuring Tap Aggregation and MPLS Stripping

Configuring IPv6 First-Hop Security

Configuring NetFlow. About NetFlow. This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices.

Verified Scalability Limits

Configuring Virtual Ethernet Interfaces

Transcription:

This chapter contains the following sections: Information About MAC Addresses, page 1 Guidelines for Configuring the MAC Address Tables, page 2 MAC Address Movement, page 2 Configuring MAC Addresses, page 2 Verifying the MAC Address Configuration, page 6 Triggering the Layer 2 Consistency Checker, page 7 Information About MAC Addresses To switch frames between LAN ports, the switch maintains an address table. When the switch receives a frame, it associates the media access control (MAC) address of the sending network device with the LAN port on which it was received. The switch dynamically builds the address table by using the MAC source address of the frames received. When the switch receives a frame for a MAC destination address not listed in its address table, it floods the frame to all LAN ports of the same VLAN except the port that received the frame. When the destination station replies, the switch adds its relevant MAC source address and port ID to the address table. The switch then forwards subsequent frames to a single LAN port without flooding all LAN ports. You can also enter a MAC address, which is termed a static MAC address, into the table. These static MAC entries are retained across a reboot of the switch. In addition, you can enter a non-ip multicast address as a statically configured MAC address. A non-ip multicast address can accept more than one interface as its destination. The address table can store a number of unicast and non-ip multicast address entries without flooding any frames. The switch uses an aging mechanism, defined by a configurable aging timer, so if an address remains inactive for a specified number of seconds, it is removed from the address table. 1

Guidelines for Configuring the MAC Address Tables Guidelines for Configuring the MAC Address Tables See the following guidelines and limitations for configuring the MAC address tables: MAC Address Movement Beginning with Cisco NX-OS Release 7.0(3)I7(2), Cisco Nexus 3500 Series switches support configuring MAC move loop detection. Starting with Release 7.0(3)I2(1), the aging of the mac-address is not incrementing in the output of the show mac address-table CLI command. Therefore, the proper age of the mac-address cannot be determined. Starting with Release 7.0(3)I2(1), the show mac address-table CLI command does not display the multicast MAC entries. Use the show mac address-table multicast CLI command to check the Layer 2 entries. Beginning with Cisco NX-OS Release 7.0(3)I7(3), Cisco Nexus 3232C, Cisco Nexus 3264Q, and Cisco Nexus 3164Q Series switch support disabling and re-enabling MAC address learning on Layer 2 interfaces. You can detect and limit the number of times that a MAC address moves from one port to another. This movement of MAC addresses between ports can cause loops. Until Cisco NX-OS Release 6.0(2)U3(1), when a loop was detected between two ports, MAC learning was disabled for 180 seconds. You can now configure the action of bringing down the port with the lower interface index when such a loop is detected by using the mac address-table loop-detect port-down command. To revert to the default action of disabling MAC learning, use the no form of this command. Configuring MAC Addresses Configuring Static MAC Addresses You can configure static MAC addresses for the switch. These addresses can be configured in interface configuration mode or in VLAN configuration mode. Enters global configuration mode. Step 2 switch(config) # mac-address-table static mac_address vlan vlan-id {drop interface {type slot/port} port-channel number} [auto-learn] Specifies a static address to add to the MAC address table. If you enable the auto-learn option, the switch will update the entry if the same MAC address is seen on a different port. 2

Configuring the Aging Time for the MAC Table Step 3 switch(config)# no mac address-table static mac_address vlan vlan-id (Optional) Deletes the static entry from the MAC address table. Use the mac address-table static command to assign a static MAC address to a virtual interface. This example shows how to put a static entry in the MAC address table: switch(config) # mac address-table static 12ab.47dd.ff89 vlan 3 interface ethernet 1/4 switch(config) # Configuring the Aging Time for the MAC Table You can configure the amount of time that an entry (the packet source MAC address and port that packet ingresses) remains in the MAC table. MAC aging time can be configured in either interface configuration mode or in VLAN configuration mode. Note If the Cisco Nexus device is used as a Layer 2 or Layer 3 termination switch, Cisco recommends that you set the mac-address-table aging-time to 1800 (higher than the default ARP aging time of 1500 seconds) on all VLANs. The Cisco Nexus 3000 series switches do not support per-vlan CAM aging timers. Enters global configuration mode. Step 2 switch(config)# mac-address-table aging-time seconds Specifies the time before an entry ages out and is discarded from the MAC address table. Note Starting with Release 7.0(3)I2(1), the aging of the mac-address is not incrementing in the output of the show mac address-table CLI command. Therefore, the proper age of the mac-address cannot be determined. The seconds range is from 0 to 1000000. The default is 300 seconds for Cisco NX-OS 5500 and 1800 for Cisco NX-OS 5600 and 6000 series. Entering the value 0 disables the MAC aging. This example shows how to set the aging time for entries in the MAC address table to 300 seconds: switch(config) # mac-address-table aging-time 300 switch(config) # show mac address-table Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC 3

Configuring MAC Move Loop Detection age - seconds since last seen,+ - primary entry using vpc Peer-Link, (T) - True, (F) - False VLAN MAC Address Type age Secure NTFY Ports ---------+-----------------+--------+---------+------+----+------------------ * 1 c08c.60a7.4667 dynamic 0 F F Eth1/9 * 300 c08c.60a7.4667 dynamic 0 F F nve1(3.3.3.3) G - 7cad.74c8.d747 static - F F sup-eth1(r) switch(config)# Configuring MAC Move Loop Detection When the number of MAC address moves between two ports exceeds a threshold, it forms a loop. Until Cisco NX-OS Release 6.0(2)U3(1), when a loop was detected between two ports, MAC learning was disabled for 180 seconds. You can now configure the action of bringing down the port with the lower interface index when such a loop is detected by using the mac address-table loop-detect port-down command. To revert to the default action of disabling MAC learning, use the no form of this command. Enters global configuration mode. Step 2 switch(config)#[no] mac address-table loop-detect port-down Specifies the port-down action for MAC move loop detection. The no form of this command reverts to the default action of disabling MAC learning for 180 seconds. Step 3 switch(config)# mac address-table loop-detect port-down edge-port Enables the err-disabled detection for the edge-port on the MAC move loop detection. This example shows how to configure port-down as the action for MAC move loop detection: switch(config)# mac address-table loop-detect port-down This example shows how to enable the err-disabled detection for the edge-port on the MAC move loop detection. switch(config)# mac address-table loop-detect port-down edge-port Disabling MAC Address Learning on Layer 2 Interfaces You can now disable and re-enable MAC address learning on Layer 2 interfaces. Enters global configuration mode. 4

Clearing Dynamic Addresses from the MAC Table Step 2 switch(config)# interface type slot/port Enters the interface configuration mode for the specified interface. Step 3 switch(config-if)# [no] switchport mac-learn disable Disables MAC address learning on Layer 2 interfaces. The no form of this command re-enables MAC address learning on Layer 2 interfaces. Step 4 switch(config-if)# clear mac address-table dynamic interface type slot/port Clears the MAC address table for the specified interface. Important After disabling MAC address learning on an interface, ensure that you clear the MAC address table. This example shows how to disable MAC address learning on Layer 2 interfaces: switch(config)# interface ethernet 1/4 switch(config-if)# switchport mac-learn disable switch(config-if)# clear mac address-table dynamic interface ethernet 1/4 This example shows how to re-enable MAC address learning on Layer 2 interfaces: switch(config)# interface ethernet 1/4 switch(config-if)# no switchport mac-learn disable Clearing Dynamic Addresses from the MAC Table You can clear all dynamic entries in the MAC address table. Command switch(config)# clear mac-address-table dynamic {address mac-addr} {interface [type slot/port port-channel number} {vlan vlan-id} Clears the dynamic address entries from the MAC address table. This example shows how to clear the dynamic entries in the MAC address table: switch# clear mac-address-table dynamic 5

Verifying the MAC Address Configuration Verifying the MAC Address Configuration Note On Cisco Nexus 3000 and Cisco Nexus 3548 Series platforms, the self router MAC or HSRP VMAC are dynamically learned by the switch under the following condition: When there is a transient loop in the network due to which the switch receives its own packets. This behavior is different from other Cisco Nexus platforms. However, there is no operational impact due to these self MAC entries that are present in the MAC table. Any packet that is destined to the router MAC or HSRP MAC is routed. There is no Layer 2 lookup on these packets. Use one of the following commands to verify the configuration: Table 1: MAC Address Configuration Verification Commands Command show mac-address-table aging-time show mac-address-table show mac address-table loop-detect Displays the MAC address aging time for all VLANs defined in the switch. Displays the contents of the MAC address table. Note IGMP snooping learned MAC addresses are not displayed. Displays the currently configured action. This example shows how to display the MAC address table: switch# show mac-address-table VLAN MAC Address Type Age Port ---------+-----------------+-------+---------+------------------------------ 1 0018.b967.3cd0 dynamic 10 Eth1/3 1 001c.b05a.5380 dynamic 200 Eth1/3 Total MAC Addresses: 2 This example shows how to display the current aging time: switch# show mac-address-table aging-time Vlan Aging Time ----- ---------- 1 300 13 300 42 300 This example shows how to display the currently configured action: switch(config)# show mac address-table loop-detect Port Down Action Mac Loop Detect : enabled switch(config)# no mac address-table loop-detect port-down switch(config)# show mac address-table loop-detect Port Down Action Mac Loop Detect : disabled 6

Triggering the Layer 2 Consistency Checker Triggering the Layer 2 Consistency Checker You can manually trigger the Layer 2 consistency checker to compare the hardware and software configuration of MAC addresses and display the results. It displays MAC addresses that are configured in the software, but not configured in the hardware, as well as MAC addresses that are configured in the hardware, but not in the software. To manually trigger the Layer 2 consistency checker and display the results, use the following command in any mode: switch# show consistency-checker l2 Starts a Layer 2 consistency check on MAC addresses and displays the results. This example shows how to trigger a Layer 2 consistency check and display the results: switch# show consistency-checker l2 Consistency Check: FAILED Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC age - seconds since last seen Missing entries in the MAC Table VLAN MAC Address Type age Secure NTFY Ports ---------+-----------------+--------+---------+------+----+------------------ 1 0100.0100.0106 dynamic - F F 0 1 0200.0100.0125 static - F F 0 Extra and Discrepant entries in the MAC Table VLAN MAC Address Type age Secure NTFY Ports ---------+-----------------+--------+---------+------+----+------------------ * 1 0000.0100.0109 dynamic 370 F F Eth1/41 7

Triggering the Layer 2 Consistency Checker 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback