Catalyst 3524 unicast flooding

Discussion in 'Cisco' started by Peter Boutzev, Feb 21, 2004.

  1. Hello everybody,

    I am encountering a strange problem with few Catalyst 3524XL switches. The
    problem seems related to "unknown unicast flooding". The switch seems to not
    correctly flood unknown unicast frames, therefore I get partial loss of
    connectivity. After some debugging, I figured out that the problem happens
    when the switch expires the CAM entry for a specific MAC address, while
    other systems continue to send unicast frames towards that MAC address. If
    the ARP table of the source system is flushed - the problem gets temporarly
    resolved (that is, the source system sends a broadcast ARP request, the
    destination system responds, and the switch updates its CAM table).

    The symptoms are more apparent with printers, since they don't generate a
    lot of network traffic on themselves. Therefore, the CAM entries associated
    with these printers expire on a regular basis.

    If I don't miss something, the switch is supposed to flood all unknown
    unicast frames to all parts of the VLAN. This doesn't seem to be the case.

    The problem doesn't only occur between switches - it also occurs between
    systems connected to the same switch. If a MAC address is manually erased
    from the CAM table, and unicast frame are send towards that same MAC
    address - the switch doesn't flood the frame. I am not sure if it sends it
    on the wrong port, or if it just drops it.

    I've seen a post regarding a similiar problem, however I couldn't find
    any information on fixing it. I will appreciate any recommendations.

    Thanks,

    Peter Boutzev
     
    Peter Boutzev, Feb 21, 2004
    #1
    1. Advertising

  2. I tried to modify the CAM table aging time to 3600 seconds, and it seems to
    work much better than before. This is probably because the ARP entriews on
    end-stations expire long before the CAM entries on the switch. This forces
    end-stations to broadcast ARP requests, which are correctly forwarded by the
    switch. However, this is just a quick-fix, not a solution.

    Any ideas ?

    Peter

    Peter Boutzev wrote:

    > Hello everybody,
    >
    > I am encountering a strange problem with few Catalyst 3524XL switches. The
    > problem seems related to "unknown unicast flooding". The switch seems to
    > not correctly flood unknown unicast frames, therefore I get partial loss
    > of connectivity. After some debugging, I figured out that the problem
    > happens when the switch expires the CAM entry for a specific MAC address,
    > while other systems continue to send unicast frames towards that MAC
    > address. If the ARP table of the source system is flushed - the problem
    > gets temporarly resolved (that is, the source system sends a broadcast ARP
    > request, the destination system responds, and the switch updates its CAM
    > table).
    >
    > The symptoms are more apparent with printers, since they don't generate a
    > lot of network traffic on themselves. Therefore, the CAM entries
    > associated with these printers expire on a regular basis.
    >
    > If I don't miss something, the switch is supposed to flood all unknown
    > unicast frames to all parts of the VLAN. This doesn't seem to be the case.
    >
    > The problem doesn't only occur between switches - it also occurs between
    > systems connected to the same switch. If a MAC address is manually erased
    > from the CAM table, and unicast frame are send towards that same MAC
    > address - the switch doesn't flood the frame. I am not sure if it sends it
    > on the wrong port, or if it just drops it.
    >
    > I've seen a post regarding a similiar problem, however I couldn't find
    > any information on fixing it. I will appreciate any recommendations.
    >
    > Thanks,
    >
    > Peter Boutzev


    --
    Peter Boutzev
    Security Consultant
    Ubizen - Luxembourg
     
    Peter Boutzev, Feb 23, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brad
    Replies:
    3
    Views:
    1,499
  2. Jean-Christophe Thuret

    unicast flooding on 6509

    Jean-Christophe Thuret, Feb 17, 2005, in forum: Cisco
    Replies:
    7
    Views:
    5,113
    Jean-Christophe Thuret
    Mar 3, 2005
  3. guybrush
    Replies:
    0
    Views:
    465
    guybrush
    Oct 17, 2006
  4. davidsouth
    Replies:
    0
    Views:
    533
    davidsouth
    Jul 17, 2007
  5. Replies:
    4
    Views:
    848
Loading...

Share This Page