The switch will only timeout the mac table entry if the host has failed to generate a single valid frame over the timeout period. The switch will then broadcast the first frame destined to the host and re-learn the host mac based on its response.
The ongoing broadcasts should only happen if the mac address in the router's cache is no longer valid and does not exist on the network. McLean -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Spaeth Sent: Monday, July 02, 2007 1:04 PM To: [email protected] Subject: Re: [c-nsp] Unicast storms If you have HSRP enabled on layer-3 switches, make sure that the mac-address-table aging-time is set to 14400 seconds or better so that it will not age out before the ARP entry for any given host. The problem with HSRP is that both the standby and active router can forward traffic into the VLAN, but only the HSRP active receives the return traffic. There are many configurations where the only unicast traffic (which is required to populate the mac-address-table) the HSRP standby will receive from a host is the direct response to an ARP request every 4 hours. With the default mac-aging time of 300 seconds, that means that your HSRP standby switch/router would potentially only have a valid layer-2 forwarding interface defined for 5 minutes after an ARP is completed to the host. After 5 minutes, the router still maintains the ARP entry so it knows which MAC to address the traffic to, but when it gets sent to the layer-2 portion of the switch the mac-address-table interface mapping is gone so the switch is forced to flood the frame out to all interfaces on the VLAN. This flooding will continue for the next 3 hours and 55 minutes until the HSRP standby router issues another ARP request for the host. -Eric Vincent De Keyzer wrote: > The configured treshhold is quite high (10% - that's 100 Mbps on GigE > ports!...). > > > > I believe there is something wrong - where do I start troubleshooting this? > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
