Re: spanning-tree mac flapping with native vlan changed - Page 2

gerrit.neyrinck1 · ‎09-03-2018

Hello all,

I'm currently running into some issues and the result is that we have mac-flapping between a port-channel and a normal uplink.

There's one AP connected to the switch using an Etherchannel, and the config is like this:

Switch#show run int P11

Building configuration...

Current configuration : 263 bytes

!

interface Port-channel11

switchport trunk native vlan 55

switchport mode trunk

logging event trunk-status

logging event bundle-status

logging event spanning-tree

logging event status

logging event subif-link-status

spanning-tree portfast edge trunk

end

The members of the port-channel are 2 ports (G1/0/13 - G1/0/14:

Switch#show run int G1/0/13

Building configuration...

Current configuration : 322 bytes

!

interface GigabitEthernet1/0/25

switchport trunk native vlan 55

switchport mode trunk

logging event trunk-status

logging event bundle-status

logging event spanning-tree

logging event status

spanning-tree portfast edge trunk

spanning-tree bpduguard enable

channel-protocol lacp

channel-group 1 mode active

end

Switch#show run int G1/0/26

Building configuration...

Current configuration : 322 bytes

!

interface GigabitEthernet1/0/14

switchport trunk native vlan 55

switchport mode trunk

logging event trunk-status

logging event bundle-status

logging event spanning-tree

logging event status

spanning-tree portfast edge trunk

spanning-tree bpduguard enable

channel-protocol lacp

channel-group 1 mode active

end

The issue starts when you connect the 2nd LAN interface of an Access point to this G1/0/14 interface.

After a couple of minutes, assuming broadcast traffic, things get started and network is deteriorating.

The logs show that there's mac flapping between the port-channel & the uplink to the core switch:

testswitch#show int G1/0/25 etherchannel ~~~~~~~~~
Aug 29 15:12:23.385: %SW_MATM-4-MACFLAP_NOTIF: Host a44c.c891.ea2f in vlan 1 is flapping between port Po11 and port Gi1/0/48
Aug 29 15:12:23.627: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.5683.255d in vlan 1 is flapping between port Po11 and port Gi1/0/48
Aug 29 15:12:23.668: %SW_MATM-4-MACFLAP_NOTIF: Host 0017.9a54.f1b9 in vlan 1 is flapping between port Po11 and port Gi1/0/48
Aug 29 15:12:23.668: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.56aa.7656 in vlan 1 is flapping between port Po11 and port Gi1/0/48

It only happens when we change the native vlan of the Access point to be VLAN 55 instead of VLAN1

We need to do this, because otherwise we have other issues with a SSID.

I have configured STP and the root is configured with Prio 0.

I've read that this could be due to misconfiguration with spanning-tree, but I don't see what we've could have configured wrong?

If we try the same setup, use the same etherchannel, between 2 switches, we don't see this issue.

When we don't use the Access Point I mean, the issues don't show.

This would rule out the fact that we might have misconfigured something.

I'm struggling with this for some time now and I'm wondering if this could be a bug or not?

Since you can find somewhat same issues:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCut87285/?rfs=iqvred

And we have changed the firmware already a couple of times:

Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.2(2)E5, RELEASE SOFTWARE (fc2)

System image file is "flash:/c2960x-universalk9-mz.152-2.E5/c2960x-universalk9-mz.152-2.E5.bin"

Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.2(2)E6, RELEASE SOFTWARE (fc2)

System image file is "flash:/c2960x-universalk9-mz.152-2.E6/c2960x-universalk9-mz.152-2.E6.bin"

Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.2(2)E7, RELEASE SOFTWARE (fc2)

System image file is "flash:/c2960x-universalk9-mz.152-2.E7/c2960x-universalk9-mz.152-2.E7.bin"

Kind regards,

Gerrit

gerrit.neyrinck1 · ‎09-04-2018

Hi,

I don't understand what you mean. I'm only aware of the fact that you can configure L2 & L3 etherchannels?
How could you configure this than? And for what reason would this help us in this scenario?

Regards,
Gerrit

ITexpert · ‎09-04-2018

trunking works on L2 and need L2etherchannel.

I believe when you configure interface for etherchannell it act as a L3 and then you need interface on both sides. Usually port etherchannel interfaces are always configured of edge swicthes with Firewalls etc.

gerrit.neyrinck1 · ‎09-04-2018

the way to configure an etherchannel in L3 is using the no switchport command.

If I check the config on the switch it's showing me it's in L2:

Switch#show etherchannel 1 summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator

M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port

A - formed by Auto LAG

Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/0/13(P) Gi1/0/14(P)

ITexpert · ‎09-04-2018

sorry, your etherchannel is already L2 as its switchport mode trunk. You need to configure same interface on AP as well and then set same native vlan.

Not sure but try configuring same native vlan on all other switch to switch uplinks