An S9300 is uplinked to a Cisco firewall through two VLANIF interfaces. The firewall works in Layer 2 trunk mode, and all of its interfaces belong to the default VLAN. When we ping another device connected to the firewall from the S9300, the replies are interrupted at intervals.
When the S9300 is replaced with an S3500 and a PC and the ping test is repeated, the problem does not appear. This indicates that only the S9300 triggers the MAC flapping. A packet capture shows that the packets flow into the firewall but do not flow out, which means the firewall is blocking them. Because the firewall works at Layer 2, the trouble lies in the firewall's MAC address self-learning. The S3500 has a different MAC address on each VLANIF, so the firewall learns a different MAC address on each interface and MAC flapping does not happen. The S9300, however, has only one MAC address for all VLANIFs, so MAC flapping happens and the packets are blocked at the firewall. Based on this analysis, we modified the firewall configuration to assign a different VLAN to each interface, and the trouble was cleared.
The network layout shows that the S9300 is uplinked to the Cisco firewall through two VLANIFs, which are configured with different VLANs to separate them. However, all interfaces of the firewall belong to the same VLAN. Because the S9300 has only one MAC address for all VLANIFs, the firewall learns the same MAC address, in the default VLAN, on both of the interfaces connected to the S9300. This inevitably results in MAC flapping and packet loss.
Suggestion: Take precautions on any device connected to the S9300 to avoid MAC flapping. If the device is connected to the S9300 on more than one interface and those interfaces are assigned to the same VLAN, MAC flapping will result.
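
The learning behaviour described above, as an added example that is not part of the original case: a minimal Python model of a Layer 2 device whose MAC table is keyed by (VLAN, source MAC). It assumes that is how the firewall learns addresses; the port names, VLAN IDs and MAC addresses are constructed sample values.

```python
# Added illustration: Layer 2 MAC learning keyed by (VLAN, source MAC).
# Assumption: the firewall learns per VLAN; all values below are constructed.

class L2Device:
    def __init__(self, port_vlan):
        self.port_vlan = port_vlan   # ingress port -> VLAN the port belongs to
        self.fdb = {}                # (vlan, src_mac) -> port the MAC was last seen on
        self.moves = []              # recorded MAC moves (flaps)

    def receive(self, port, src_mac):
        key = (self.port_vlan[port], src_mac)
        old = self.fdb.get(key)
        if old is not None and old != port:
            # Same MAC, same VLAN, different port: the entry flaps.
            self.moves.append((key[0], src_mac, old, port))
        self.fdb[key] = port


def count_flaps(port_vlan, frames):
    """Feed (port, src_mac) frames to a fresh device and count MAC moves."""
    dev = L2Device(port_vlan)
    for port, mac in frames:
        dev.receive(port, mac)
    return len(dev.moves)


def alternating(mac_on_port1, mac_on_port2, rounds=4):
    """Frames arriving alternately on the two firewall ports facing the switch."""
    frames = []
    for _ in range(rounds):
        frames += [("port1", mac_on_port1), ("port2", mac_on_port2)]
    return frames


SHARED_MAC = "00:00:5e:00:53:01"                           # one MAC for all VLANIFs (S9300 case)
PER_VLANIF_MACS = ("00:00:5e:00:53:11", "00:00:5e:00:53:12")  # one MAC per VLANIF (S3500 case)

SAME_VLAN = {"port1": 1, "port2": 1}      # original firewall config: both ports in default VLAN
SPLIT_VLAN = {"port1": 10, "port2": 20}   # corrected config: a different VLAN per port

S9300_FRAMES = alternating(SHARED_MAC, SHARED_MAC)
S3500_FRAMES = alternating(*PER_VLANIF_MACS)

if __name__ == "__main__":
    print("S9300, same VLAN :", count_flaps(SAME_VLAN, S9300_FRAMES))
    print("S3500, same VLAN :", count_flaps(SAME_VLAN, S3500_FRAMES))
    print("S9300, split VLAN:", count_flaps(SPLIT_VLAN, S9300_FRAMES))
```

Only the shared-MAC, same-VLAN combination produces moves, which matches the case: the S3500 did not trigger the fault, and separating the firewall interfaces into different VLANs cleared it for the S9300.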