I'm working on a rather small Layer 2 network segment that contains a physical loop. (I have included a picture of the topology below). The core switches are stacked 3850s. The other switches are SG300 series small business switches.
The links between all switches are trunks that allow vlans 1,503,508,590
Spanning-tree seems to be functioning as expected and the interface on SW3 that connects to SW4 is put into a blocking state.
The problem I have is that the core switch periodically logs a MAC Flap event between the links to SW1 and SW2.
%SW_MATM-4-MACFLAP_NOTIF: Host 00eb.d5f2.0b9a in vlan 1 is flapping between port Po1 and port Po2
The offending MAC address seems to be a Cisco MAC (Possible one assigned to a port group?) however I am unable to physically locate the switch to which it belongs. When I remove the loop, The Core says the MAC is available through Po2 (The link to SW2), however SW2 says the MAC is available through Po1 (The uplink to the Core).
My questions are:
How can I determine which switch this MAC address actually belongs too?
What might be causing this periodic flap between ports?
Here is the current configuration for all switch-to-switch links as well as a the full mac address table for each switch.
Core Switch interface configurations:
interface GigabitEthernet1/1/1
description Po1 Member1
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
channel-group 1 mode active
end
!
interface GigabitEthernet1/1/2
description Po2 Member1
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
channel-group 2 mode active
end
!
interface GigabitEthernet2/1/1
description Po1 Member2
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
channel-group 1 mode active
end
!
interface GigabitEthernet2/1/2
description Po2 Member2
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
channel-group 2 mode active
end
!
interface Port-channel1
description SW1 Uplink
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
end
!
interface Port-channel2
description SW2 Uplink
switchport trunk allowed vlan 1,503,508,590
switchport mode trunk
switchport nonegotiate
end
SW1 interface configurations:
interface gigabitethernet51
channel-group 1 mode auto
!
interface gigabitethernet52
channel-group 1 mode auto
!
interface Port-channel1
description "Core Uplink"
switchport trunk allowed vlan add 503,508,590
!
interface gigabitethernet50
description "Uplink to SW3"
switchport trunk allowed vlan add 503,508,590
!
SW2 interface configurations:
interface gigabitethernet51
channel-group 1 mode auto
!
interface gigabitethernet52
channel-group 1 mode auto
!
interface Port-channel1
description "Core Uplink"
switchport trunk allowed vlan add 503,508,590
!
interface gigabitethernet50
description "Uplink to SW4"
switchport trunk allowed vlan add 503,508,590
!
SW3 interface configurations:
interface gigabitethernet49
description "UPLNK to SW4"
switchport trunk allowed vlan add 503,508,590
!
interface gigabitethernet50
description "UPLINK TO SW1"
switchport trunk allowed vlan add 503,508,590
!
SW4 interface configurations:
interface gigabitethernet49
description "UPLNK to SW3"
switchport trunk allowed vlan add 503,508,590
!
interface gigabitethernet50
description "UPLINK TO SW2"
switchport trunk allowed vlan add 503,508,590
!
Core Switch MAC Table for 00eb.d5f2.0b9a
:
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 00eb.d5f2.0b9a DYNAMIC Po1
SW1 MAC Table for 00:eb:d5:f2:0b:9a
:
Vlan Mac Address Port Type
------------ --------------------- ---------- ----------
1 00:eb:d5:f2:0b:9a gi50 dynamic
SW2 MAC Table for 00:eb:d5:f2:0b:9a
:
Vlan Mac Address Port Type
------------ --------------------- ---------- ----------
1 00:eb:d5:f2:0b:9a Po1 dynamic
503 00:eb:d5:f2:0b:9a Po1 dynamic
508 00:eb:d5:f2:0b:9a Po1 dynamic
590 00:eb:d5:f2:0b:9a Po1 dynamic
SW3 MAC Table for 00:eb:d5:f2:0b:9a
:
Vlan Mac Address Port Type
------------ --------------------- ---------- ----------
SW4 MAC Table for 00:eb:d5:f2:0b:9a
:
Vlan Mac Address Port Type
------------ --------------------- ---------- ----------
1 00:eb:d5:f2:0b:9a gi50 dynamic
503 00:eb:d5:f2:0b:9a gi50 dynamic
508 00:eb:d5:f2:0b:9a gi50 dynamic
590 00:eb:d5:f2:0b:9a gi50 dynamic
show cdp nei for 'core switch':
Device ID Local Intrfce Holdtme Capability Platform Port ID
SW2
Gig 2/1/2 146 S I SG300-52 gi52
SW2
Gig 1/1/2 146 S I SG300-52 gi51
SW1
Gig 2/1/1 123 S I SG300-52 gi52
SW1
Gig 1/1/1 123 S I SG300-52 gi51
With much assistance from Ron Maupin in the comments I was able to resolve this by following one of his initial suggestions; Completely disabling DTP.
The SG300 switches do not support DTP and all trunks are run with
Switchport mode trunk
by default. After adding the lineswitchport nonegotiate
to the port groups from the Core down to SW1 & SW2 then the flapping stopped occurring.I tested this by enabling DTP again (By removing the
switchport nonegotiate
) command, and the flapping returned.I do not fully understand why DTP on the core switches was causing this. Perhaps DTP frames were being forwarded by the access switches rather than being dropped? If anyone can shed any light why this fix worked then that would be much appreciated.