Hi,
I have set up a port on a switch to be a trunk and connected it to a packet capture. and I am seeing traffic getting flooded down this port with from a point to point conversation between two end points
44:03:a7:ae:93:00 <---> 00:1b:21:96:68:b0
on the switch I do a show mac and i see
TOR_ASH#sh mac address-table | i 68b0
310 001b.2196.68b0 DYNAMIC Po1
TOR_ASH#sh mac address-table | i 9300
1 4403.a7ae.9300 DYNAMIC Po1
10 4403.a7ae.9300 DYNAMIC Po1
18 4403.a7ae.9300 DYNAMIC Po1
101 4403.a7ae.9300 DYNAMIC Po1
310 4403.a7ae.9300 DYNAMIC Po1
500 4403.a7ae.9300 DYNAMIC Po1
520 4403.a7ae.9300 DYNAMIC Po1
666 4403.a7ae.9300 DYNAMIC Po1
1001 4403.a7ae.9300 DYNAMIC Po1
3003 4403.a7ae.9300 DYNAMIC Po1
3008 4403.a7ae.9300 DYNAMIC Po1
422 4403.a7ae.9300 DYNAMIC Po1
not unexpected and if I look down the int PO1 I know its pointing to the core switch that holds all the DFGW, and the end stations are on separate vlans.
So the question is why am i seeing the layer 2 packets flooding out of every trunk? both switches know boht source and destination mac's and it is only on a single vlan I see the issue. Not in thsi capture but I see the same issue with two devices both on vlan 310, where both end MAC's are again known to the network.
I see the flooding happing with traffic from station A to B and rom B to A and in all cases the mac addresses used are consistence.
the only thing I do know is that I am running VSS on the core switches but why would it only cause an issue on a single van? It is only flooded out of trunk ports (but every trunk on the core that does not explicitly deny vlan 310). And yes I could simply block vlan 310 on all ports and will as soon as I have worked out why it is happening.
Cheers
