No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Because of mac-limit makes S2700 cannot learn MAC address

Publication Date:  2013-07-15 Views:  207 Downloads:  0
Issue Description
Customer has one S2700, which one server connects to. They found that there is no MAC address under that interface. Configuration under that interface is below:
interface Ethernet0/0/22
port hybrid tagged vlan 1999
mac-limit maximum 1 alarm disable
stp disable
undo ntdp enable
undo ndp enable
dhcp snooping check dhcp-request enable 
dhcp snooping check dhcp-chaddr enable  
multicast-suppression 1 
broadcast-suppression 1
Alarm Information
None
Handling Process
Check the configuration.  We confirmed that it's a normal behavior for S2700 switch not to populate the CAM table when the packet was dropped by switch at layer 3 due to mismatch with DHCP-Snooping static user-bind, and the mac-limit maximum 1 alarm disable is configured at switch port.
The mac-limit maximum 1 alarm disable command makes a difference. Once it's used at a port, in combination with ip source check user-bind enable and DHCP-Snooping static user-bind, the matched source packet will be sent to CPU for MAC address learning, MAC learning can goes normally, and for those mismatched source packets, they will be dropped before they can be sent to CPU for MAC learning, thusly, no CAM table will be populated.
If the mac-limit maximum 1 alarm disable command is removed from port configuration, then MAC learning will be done by ASIC chips rather than the CPU, and even for those mismatched source packets, the MAC learning will be done by ASIC chips before they were dropped, thusly, MAC table will still be populated.
Root Cause
1.Configuration Problem.
2.Software Problem.
Suggestions
None

END