Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Anthony_Kahwati
Contributor

MAC Address Troubleshooting

Hi all

I'm after a bit of help regarding mac addresses on  an appliance running R80.20.

I have 2 devices in a VSX cluster and they are LACP connected to 2 CIsco 9K's running VPC. The patching is full mesh. There is a single VPC towards one of the Checkpoint appliances and another VPC towards the other.

On the Cisco switches I am seeing the following mac address coming from our ISP on both switches:

0035.1a9c.7bc1

This is fine and makes sense 🙂

On the Cisco switches, I am also seeing the following mac address coming from the Checkpoint appliances and it seems to flap between each one but is never seen via both at the same time.

0235.1a9c.7bc1

I have gone onto both Checkpoints, and in every VS issued the following command:

netstat -an | grep 02

I see nothing remotely close to the above mac addresses in the output on either of the appliances.

I have also trawled the configuration and there is no static reference and I have looked at all interfaces on the appliances and none have even a similar address.

Can anyone point me to some commands that might help, or, even offer up what may be going on here. It seems a little too coincidental to not be related to the ISP mac address, but on the same hand, I can't find any reference.

Many thanks

Anthony

 

0 Kudos
Reply
2 Replies
Eduardo_Eiros
Contributor

Hello Anthony

I can give you some references, so maybe you can clarify the issue with TAC. It is related with Cluster Correction Layer I have seen this in a normal clusterlXL HA:

From TAC "02:xx:xx mac is being used for simple correction. There are some types of connections that need to go to CCL layer for correction such as Encrypted connections, Ike, RDP, Dynamic Routing connections, and some types of Standby's local connections. In simple correction the source mac is kept intact except for the locally administered bit. This mac is being used because the standby member believes this traffic is meant to be handled by the active. This is the mac we would expect to see if the active member was meant to handle the traffic. "

Regards

 

Anthony_Kahwati
Contributor

Hi

Thanks or the reply. We've opened a case aswell and am mentioning the steer towards CCL. The issue is that the constant flapping of the MAC between the two switches connected to the cluster is that it shuts down MAC address learning for that VLAN for 2 minutes.

I'll post back when we have an answer and resolution.

Thanks

 

0 Kudos
Reply