On Monday, January 13, 2014 11:03:22 PM Gert Doering wrote: > Well, I had the assumption that it could be flooded > packets due to missing MAC table entries, but since I've > seen the same IP address logged both as source and > destination, I'm fairly sure there is no flooding going > on...
I have seen this issue before, where an ME3600X acting as a pure Layer 2 switch had VLAN ACL's to protect the control plane, but traffic (specifically 10/8 traffic which was MPLS-switched by adjacent routers) was being dropped by the switch when the ACL had 10/8 included. Removing the 10/8 ACE or removing the ACL entirely fixed the issue. Traffic between the switch and adjacent router was Layer 2, so it came as a surprise when the switch was acting on the payload in the Ethernet frames, using an ACL that was attached to an SVI used for management. I recall opening a case with Cisco, but I left that company and never did quite follow-up. Mark.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
