New SWITCH Topology, MAC Table aging-timer, and behaviors of moving cables between ports


This is the new Topology, nothing fancy or colorful yet, but we shall get there!

So after configuring R1 and R2, I figured with a flat network without VLAN’s or anything I’d just be able to ping from R2, but it timed out. It took me a moment, and fortunately just a moment to realize I had no routes anywhere so I set a default gateway on each:

R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip route fa0/1
%Default route without gateway, if not a point-to-point interface, may impact performance
*Aug 7 23:25:28.507: %SYS-5-CONFIG_I: Configured from console by console
Building configuration…

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms

Kapow, so the lab is complete for right now with absolutely no redundancy / stacking / fiber ports, but that is definitely on the way!

Speaking of getting the fun stuff on the way, I’ll go over MAC table aging

  • The default time a MAC address will remain mapped to a port # in the table is 300 seconds by default from the last time a frame came in from that MAC

I wanted to underline that last part, because every time a frame hits the port from an existing mapping, that 300 seconds starts over of aging out. Speaking of timers for aging out, how do we change them you ask? Like this:

SW1(config)#mac address-table aging-time ?
<0-0> Enter 0 to disable aging
<10-1000000> Aging time in seconds

SW1(config)#mac address-table aging-time 300

  • Note that entering 0 at this command disables aging out – Not recommended
  • Also note that the measurement of the timer is in seconds, but always check

Two important notes to keep in mind, though using ? to check the measurement of time is always a good idea. To see the actual MAC address table you will enter the following:

SW1#sh mac address-table
Mac Address Table

Vlan Mac Address Type Ports
—- ———– ——– —–
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
1 0017.5aa8.a609 DYNAMIC Fa1/0/7
1 001b.5336.f2cd DYNAMIC Fa1/0/7
1 001e.f797.f14b DYNAMIC Fa1/0/9
1 5897.1eab.c803 DYNAMIC Fa1/0/1
Total Mac Addresses for this criterion: 24

Wooooooah! So imagine if we had those 20 CPU addresses on top of all the MAC’s learned from an enterprise network, it could get overwhelming quickly, however there is a shortcut to finding the port #.

I work remotely a lot and cannot see the devices, so if it is a Cisco network environment running CDP, its not difficult to make a Topology (or at least get an idea of what attaches to what) using CDP and the MAC table.

So first I’d use CDP:

SW1#sh cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone,
D – Remote, C – CVTA, M – Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
SW2 Fas 1/0/1 158 S I WS-C3750V Fas 1/0/1

SW3 Fas 1/0/7 131 S I WS-C3560- Fas 0/7

R1 Fas 1/0/9 149 R S I 1841 Fas 0/1


Great information, you have the Switch names, the remote port #’s, models, capabilities, I wish every network device ran this protocol securely. However they don’t, but when you are in a pinch, remember to give “sh cdp nei” a try (and “sh cdp nei det” for all info) when you need to remotely create the Topology.

That being said, I’d like to know the MAC address of R1 for whatever reason, so instead of finding it in the entire table I can just issue the following command like with ROUTE studies:

SW1#sh mac address-table | i 1/0/9
1 001e.f797.f14b DYNAMIC Fa1/0/9

There it be, also to skip the CPU MAC table entries you can issue this command as well:

SW1#sh mac address-table dynamic
Mac Address Table

Vlan Mac Address Type Ports
—- ———– ——– —–
1 0017.5aa8.a609 DYNAMIC Fa1/0/7
1 001b.5336.f2cd DYNAMIC Fa1/0/7
1 001e.f797.f14b DYNAMIC Fa1/0/9
1 5897.1eab.c803 DYNAMIC Fa1/0/1
Total Mac Addresses for this criterion: 4

Much better for our little lab, but wanted to demonstrate that there WILL be some MAC’s that are embedded in that table for better or worse for the CPU.

I also wanted to note, on Routers and ASA’s to see MAC addresses I use “sh arp”, I’m not sure if there is a CCNP official command but that is what I’ve found works – That is your real world snippet of the day.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s