Using the 'show cam' and 'clear cam' commands

Discussion in 'Cisco' started by Chris, May 1, 2006.

  1. Chris

    Chris Guest

    I just inherited a pair of Catalyst 4000s, with roughly 80 hosts
    connected to each one. The trouble is, I have virtually no idea which
    ports are connected to where.

    I can use the 'show cam dynamic' command which gives me a list of MAC
    addresses connected to the ports, but for many of the ports it shows
    many addresses -- I guess that it caches them? I.e. I connect a host to
    port 1, then a few days later, connect a different host; and it updates
    the MAC address of the port but remembers what it used to be.

    > show cam dynamic

    (output snipped)
    1 00-0c-f1-b9-16-28 3/14 [ALL]
    1 00-0c-f1-f3-80-68 3/14 [ALL]
    1 00-0c-f1-f3-80-74 3/14 [ALL]

    I notice that there's a 'clear cam dynamic' command. If I go ahead and
    run 'clear cam dynamic', what are the implications for the network? I'm
    not using STP or anything like that, just 'regular' IP services. We
    have a large number of AppleTalk machines, if it matters (I believe STP
    has problems with AppleTalk).

    Will the switch quickly regenerate the CAM list for each port, or is it
    a time-consuming (and thus will bring my network down) process?

    Thanks!


    Chris
     
    Chris, May 1, 2006
    #1
    1. Advertisements

  2. Chris

    Merv Guest

    It will recreate the table very quickly

    clear the cam table off hours if you are concerned

    You will see several MAC addresses on a port if that port is connected
    to another switch or if there is a hub connected to the switch.

    CAM entries timeout so if the devuice is removed it will not remain in
    the CAM table
     
    Merv, May 1, 2006
    #2
    1. Advertisements

  3. Chris

    Chris Guest

    Merv wrote:
    > It will recreate the table very quickly
    >
    > clear the cam table off hours if you are concerned
    >
    > You will see several MAC addresses on a port if that port is connected
    > to another switch or if there is a hub connected to the switch.
    >
    > CAM entries timeout so if the devuice is removed it will not remain in
    > the CAM table


    That's not a bad idea, I'll clear them after-hours. Don't know why I
    didn't think of that... :)

    There is a 4-port EtherChannel between the two switches, and obviously
    a whole bunch of ports are listed on those ports; but there were more
    regular ports with multiple devices than I expected. Then, of course,
    there's the challenge of going from MAC address to hostname...
     
    Chris, May 2, 2006
    #3
  4. Chris

    Roman Guest

    This should not be happening. The actual physical port on the switch
    should go into a down state when a host is disconnected and the CAM
    table should then flush all entries. When a new host is connected the
    CAM table for the port repopulates with the new MAC address. Either
    you have a hub or switch connected to the port or their is an anomoly
    with your OS. Try updating to the latest revision of your train
    (verify a valid version through your SE) and see if the problem goes
    away.
     
    Roman, May 2, 2006
    #4
  5. Chris

    Merv Guest

    If after clearing the CAM table, you find you have multiple address on
    a port where you know for sure that there is only one device, then that
    would need furhter investigation.
     
    Merv, May 2, 2006
    #5
  6. Chris

    Chris Guest

    Roman wrote:
    > This should not be happening. The actual physical port on the switch
    > should go into a down state when a host is disconnected and the CAM
    > table should then flush all entries. When a new host is connected the
    > CAM table for the port repopulates with the new MAC address. Either
    > you have a hub or switch connected to the port or their is an anomoly
    > with your OS. Try updating to the latest revision of your train
    > (verify a valid version through your SE) and see if the problem goes
    > away.


    Thanks Roman. I'll have to verify what ports have switches connected
    (there should be very few), then 'eyeball' those ports and see what is
    really connected. I do know that the version of CatOS I'm running is
    very old -- it's 6.1(4) on a Cat 4006 with 64MB of DRAM.
     
    Chris, May 2, 2006
    #6
  7. Chris

    Guest

    > but for many of the ports it shows
    > many addresses -- I guess that it caches them? I


    Much good advice already.

    Dynamic cam entries are created from the source address
    of incoming packets. By default the cam age time is 300 secs.

    Unless a packet has been received on a particular port
    with the matching source address the entry is removed after 300 secs.

    STP operations can reduce this to 15 secs.

    So:- you don't get stale entries.

    It is quite unusual but you should check that none of the entries
    are static.

    I forget now how to display the aging time in catos
    but I am sure that a search of Cisco will turn it up.
     
    , May 3, 2006
    #7
  8. Chris

    Chris Guest

    wrote:
    > Much good advice already.
    >
    > Dynamic cam entries are created from the source address
    > of incoming packets. By default the cam age time is 300 secs.
    >
    > Unless a packet has been received on a particular port
    > with the matching source address the entry is removed after 300 secs.
    >
    > STP operations can reduce this to 15 secs.
    >
    > So:- you don't get stale entries.
    >
    > It is quite unusual but you should check that none of the entries
    > are static.
    >
    > I forget now how to display the aging time in catos
    > but I am sure that a search of Cisco will turn it up.


    I'll search Cisco, thanks. I went from the 4x100Mbit EtherChannels this
    morning to a 2x1000Mbit, so hopefully it should be a little easier to
    find the devices I'm looking for.


    Chris
     
    Chris, May 3, 2006
    #8
    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. fedexarg

    PIX clear ipsec missing commands

    fedexarg, Feb 25, 2004, in forum: Cisco
    Replies:
    2
    Views:
    6,765
    Diesel
    Feb 25, 2004
  2. Bob

    1760 ADSL show commands

    Bob, Apr 6, 2004, in forum: Cisco
    Replies:
    0
    Views:
    661
  3. Frank Kou
    Replies:
    0
    Views:
    1,395
    Frank Kou
    Apr 12, 2004
  4. John

    WIC-1ADSL & Show Commands

    John, Sep 23, 2004, in forum: Cisco
    Replies:
    1
    Views:
    688
    Ronald de Leeuw
    Sep 23, 2004
  5. ccunning001
    Replies:
    0
    Views:
    569
    ccunning001
    Oct 25, 2006
  6. Mohammed Alani
    Replies:
    6
    Views:
    896
    Mohammed Alani
    May 2, 2007
  7. James

    Show commands

    James, Jun 20, 2007, in forum: Cisco
    Replies:
    3
    Views:
    768
    James
    Jun 23, 2007
  8. ttripp
    Replies:
    2
    Views:
    2,641
    Khalil Shatta
    Oct 19, 2010
Loading...