Mạng đang bị spanning tree loop:

Error Message C4K_EBM-4-HOSTFLAPPING:Host [mac-addr] in vlan [dec] is flapping between port [char] and port [char]

Explanation The specified host is detected as a source address on multiple ports. Normally, a host is supposed to be learned on only one port. The most common cause of this condition is spanning tree loops. All traffic from the specified host is temporarily dropped. After 15 seconds, forwarding is reenabled.

Recommended Action If the problem persists, the traffic from the problem host will continue to be dropped indefinitely.

Giải pháp là bật spanning tree lên trên các switch.

Thanks Robedan for your explaination!
I have thought about STP issue, but the problem is that the flapping port is on Nokia Firewall. So I 'm unsure about the turning-on-STP feature on Nokia FW ???????


TuanNV

I am assuming that your topology looks like this:

FW---->C4507SW------->Another SW------->To the happy land
********|**************|
********|<------------------| (Ignore the "*". Those are space holders so things would align correctly)

The loop occurs because FW sends packets to port 3/23. C4507 sends these packets to the other Catalyst out of port 3/22. The other Catalyst will send these packets back to C4507 on port 1/1 and C4507 will resend these packets to the other Catalyst switch and on and on, therefore creating a loop. By enabling STP on all the switch, you break the loop. See the new topology after enabling Spanning Tree:

FW---->C4507SW-------->Another SW-------> To the happy land
********|************* |
********|<---(Blocked)<--| (Ignore the "*". Those are space holders so things would align correctly)

So essentially, it looks more like this after the port which causes the loop is blocked:

FW---->C4507SW-------->Another SW-------> To the happy land


Of course this only works if all switches support STP and configured correctly. Another the thing you can quickly try to test the STP loop theory is physically disconnect one of the two cables between C4705 and the other Catalyst switch to break the loop and see if CPU utilization would drop. No configuration needs to be changed on the FW unless it's really really misbehaving.

If your topology doesn't look nothing like what I drew then all bets are off.

I hope this help.

cac anh oi cho em biet lam the nao lam giam nang luc cua CPU voi

giảm năng lực nghĩa là sao? Có phải em muốn cho router của em chạy chậm đi?

khong ??? y em muon giam cac su ly cua CPU de cho mang chay nhanh hon chu???EM muon biet nguyen nhan cua su tang dot bien CPU la packet loss?

nguyên nhân của packet loss có thể là do định tuyến routing sai. Em xem lại phần routing của routers nhé.

Post nay nam 2005 lau qua roi, nhung tui chi muon chia se kinh nghiem ma thui vi tui cung bi no "vat" cho toi boi trong gan 10 phut khi lan dau tien gap no (khong the telnet vao thiet bi ma chi doan mo tu bang ve cua campus roi keu IT onsite console vao de doc nhung du lieu). Neu chiu kho xem ky chi tiet cua "sh proc cpu" thi minh co the doan duoc phan nao viec gi da xay ra. Nhu trong truong hop tren, process lay nhieu cpu nhat (vi du 90%) se duoc tagged la STP (Cisco 6500, khong biet may cai khac co tagged nhu vay khong). Va neu muon chac an thi noi vao cac neighbor switches thi se biet lien neu ca hai dua tui no deu bi tinh trang giong nhau. Ngoai ra "sh int sum" cung cho minh biet cong nao nhan va chuyen du lieu nhieu nhat roi tu do tim cach khong che no.
========Anh vui lòng dùng tiếng việt có dấu =======================Thanks