networking
network_error
ai_generated
true
MAC address flapping detected: 00:1a:2b:3c:4d:5e between ports Gi0/1 and Gi0/2
ID: networking/mac-address-flapping-detected
85%Fix Rate
88%Confidence
1Evidence
2023-11-20First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| Cisco IOS 15.2 | active | — | — | — |
| Juniper JunOS 22.1 | active | — | — | — |
| Linux bridge 5.10 | active | — | — | — |
Root Cause
The same MAC address is being learned on two different switch ports, typically due to a network loop, a misconfigured bridge, or a rogue device (e.g., a malicious DHCP server) causing the switch to constantly update its forwarding table.
generic中文
同一个MAC地址在两个不同的交换机端口上被学习到,通常由网络环路、桥接配置错误或恶意设备(如伪造DHCP服务器)导致,使交换机不断更新其转发表。
Official Documentation
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swmac.htmlWorkarounds
-
90% success Enable Spanning Tree Protocol (STP) on the switch to detect and block loops: `spanning-tree vlan 1` (Cisco) or `set protocols rstp` (Juniper).
Enable Spanning Tree Protocol (STP) on the switch to detect and block loops: `spanning-tree vlan 1` (Cisco) or `set protocols rstp` (Juniper).
-
85% success Identify the rogue device by checking the MAC address OUI and physically tracing the cable; then isolate the port with `shutdown` and reconfigure the network.
Identify the rogue device by checking the MAC address OUI and physically tracing the cable; then isolate the port with `shutdown` and reconfigure the network.
-
75% success Configure a static MAC address entry on the correct port to prevent flapping: `mac address-table static 00:1a:2b:3c:4d:5e vlan 1 interface Gi0/1`
Configure a static MAC address entry on the correct port to prevent flapping: `mac address-table static 00:1a:2b:3c:4d:5e vlan 1 interface Gi0/1`
中文步骤
Enable Spanning Tree Protocol (STP) on the switch to detect and block loops: `spanning-tree vlan 1` (Cisco) or `set protocols rstp` (Juniper).
Identify the rogue device by checking the MAC address OUI and physically tracing the cable; then isolate the port with `shutdown` and reconfigure the network.
Configure a static MAC address entry on the correct port to prevent flapping: `mac address-table static 00:1a:2b:3c:4d:5e vlan 1 interface Gi0/1`
Dead Ends
Common approaches that don't work:
-
95% fail
This is a temporary fix; the flapping will recur immediately if the underlying loop or misconfiguration is not resolved.
-
80% fail
This ignores the problem; the flapping can cause network instability, packet loss, and even broadcast storms if a loop exists.
-
70% fail
This does not prevent the flapping; it only reduces the frequency of log messages, and can lead to stale entries.