Using the 'show cam' and 'clear cam' commands

Discussion in 'Cisco' started by Chris, May 1, 2006.

  1. Chris

    Chris Guest

    I just inherited a pair of Catalyst 4000s, with roughly 80 hosts
    connected to each one. The trouble is, I have virtually no idea which
    ports are connected to where.

    I can use the 'show cam dynamic' command which gives me a list of MAC
    addresses connected to the ports, but for many of the ports it shows
    many addresses -- I guess that it caches them? I.e. I connect a host to
    port 1, then a few days later, connect a different host; and it updates
    the MAC address of the port but remembers what it used to be.

    > show cam dynamic

    (output snipped)
    1 00-0c-f1-b9-16-28 3/14 [ALL]
    1 00-0c-f1-f3-80-68 3/14 [ALL]
    1 00-0c-f1-f3-80-74 3/14 [ALL]

    I notice that there's a 'clear cam dynamic' command. If I go ahead and
    run 'clear cam dynamic', what are the implications for the network? I'm
    not using STP or anything like that, just 'regular' IP services. We
    have a large number of AppleTalk machines, if it matters (I believe STP
    has problems with AppleTalk).

    Will the switch quickly regenerate the CAM list for each port, or is it
    a time-consuming (and thus will bring my network down) process?

    Thanks!


    Chris
     
    Chris, May 1, 2006
    #1
    1. Advertising

  2. Chris

    Merv Guest

    It will recreate the table very quickly

    clear the cam table off hours if you are concerned

    You will see several MAC addresses on a port if that port is connected
    to another switch or if there is a hub connected to the switch.

    CAM entries timeout so if the devuice is removed it will not remain in
    the CAM table
     
    Merv, May 1, 2006
    #2
    1. Advertising

  3. Chris

    Chris Guest

    Merv wrote:
    > It will recreate the table very quickly
    >
    > clear the cam table off hours if you are concerned
    >
    > You will see several MAC addresses on a port if that port is connected
    > to another switch or if there is a hub connected to the switch.
    >
    > CAM entries timeout so if the devuice is removed it will not remain in
    > the CAM table


    That's not a bad idea, I'll clear them after-hours. Don't know why I
    didn't think of that... :)

    There is a 4-port EtherChannel between the two switches, and obviously
    a whole bunch of ports are listed on those ports; but there were more
    regular ports with multiple devices than I expected. Then, of course,
    there's the challenge of going from MAC address to hostname...
     
    Chris, May 2, 2006
    #3
  4. Chris

    Roman Guest

    This should not be happening. The actual physical port on the switch
    should go into a down state when a host is disconnected and the CAM
    table should then flush all entries. When a new host is connected the
    CAM table for the port repopulates with the new MAC address. Either
    you have a hub or switch connected to the port or their is an anomoly
    with your OS. Try updating to the latest revision of your train
    (verify a valid version through your SE) and see if the problem goes
    away.
     
    Roman, May 2, 2006
    #4
  5. Chris

    Merv Guest

    If after clearing the CAM table, you find you have multiple address on
    a port where you know for sure that there is only one device, then that
    would need furhter investigation.
     
    Merv, May 2, 2006
    #5
  6. Chris

    Chris Guest

    Roman wrote:
    > This should not be happening. The actual physical port on the switch
    > should go into a down state when a host is disconnected and the CAM
    > table should then flush all entries. When a new host is connected the
    > CAM table for the port repopulates with the new MAC address. Either
    > you have a hub or switch connected to the port or their is an anomoly
    > with your OS. Try updating to the latest revision of your train
    > (verify a valid version through your SE) and see if the problem goes
    > away.


    Thanks Roman. I'll have to verify what ports have switches connected
    (there should be very few), then 'eyeball' those ports and see what is
    really connected. I do know that the version of CatOS I'm running is
    very old -- it's 6.1(4) on a Cat 4006 with 64MB of DRAM.
     
    Chris, May 2, 2006
    #6
  7. Chris

    Guest

    > but for many of the ports it shows
    > many addresses -- I guess that it caches them? I


    Much good advice already.

    Dynamic cam entries are created from the source address
    of incoming packets. By default the cam age time is 300 secs.

    Unless a packet has been received on a particular port
    with the matching source address the entry is removed after 300 secs.

    STP operations can reduce this to 15 secs.

    So:- you don't get stale entries.

    It is quite unusual but you should check that none of the entries
    are static.

    I forget now how to display the aging time in catos
    but I am sure that a search of Cisco will turn it up.
     
    , May 3, 2006
    #7
  8. Chris

    Chris Guest

    wrote:
    > Much good advice already.
    >
    > Dynamic cam entries are created from the source address
    > of incoming packets. By default the cam age time is 300 secs.
    >
    > Unless a packet has been received on a particular port
    > with the matching source address the entry is removed after 300 secs.
    >
    > STP operations can reduce this to 15 secs.
    >
    > So:- you don't get stale entries.
    >
    > It is quite unusual but you should check that none of the entries
    > are static.
    >
    > I forget now how to display the aging time in catos
    > but I am sure that a search of Cisco will turn it up.


    I'll search Cisco, thanks. I went from the 4x100Mbit EtherChannels this
    morning to a 2x1000Mbit, so hopefully it should be a little easier to
    find the devices I'm looking for.


    Chris
     
    Chris, May 3, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. fedexarg

    PIX clear ipsec missing commands

    fedexarg, Feb 25, 2004, in forum: Cisco
    Replies:
    2
    Views:
    6,344
    Diesel
    Feb 25, 2004
  2. Bob

    1760 ADSL show commands

    Bob, Apr 6, 2004, in forum: Cisco
    Replies:
    0
    Views:
    509
  3. John

    WIC-1ADSL & Show Commands

    John, Sep 23, 2004, in forum: Cisco
    Replies:
    1
    Views:
    540
    Ronald de Leeuw
    Sep 23, 2004
  4. ccunning001
    Replies:
    0
    Views:
    424
    ccunning001
    Oct 25, 2006
  5. Mohammed Alani
    Replies:
    6
    Views:
    655
    Mohammed Alani
    May 2, 2007
Loading...

Share This Page