Yep, true. I figured because this is his FW that it was likely getting
traffic to and from. I am not sure which command Mark is trying to use ...
was he using the show mac address command on a L3 port?
On Mon, Sep 14, 2009 at 2:37 PM, Joe Astorino <jastorino_at_ipexpert.com>wrote:
> I have seen this. In my experience, sometimes what you will have is the
> mac-address-table entry for that particular port will time out because there
> is no traffic on it. When you then ping the device the mac is re-added to
> the mac table
>
>
> On Mon, Sep 14, 2009 at 10:07 AM, ALL From_NJ <all.from.nj_at_gmail.com>wrote:
>
>> Hope this is not a production network ... ;-)
>>
>> Mark, is this a L3 port? My guess is that it is ... If possible, ping the
>> fw from the switch and then check the arp table via the show ip arp
>> command.
>>
>> If your switch does not have a way to ping the FW, and IF IT IS a
>> production
>> network, then don't change a thing on the switch. ;-) ... lol
>>
>> Ping the FW interface from another device and you will be able to see the
>> MAC add. HTH,
>>
>> Andrew
>>
>>
>>
>> On Mon, Sep 14, 2009 at 9:02 AM, Iwan Hoogendoorn <iwan_at_ipexpert.com>
>> wrote:
>>
>> > Hi,
>> >
>> > What will happen if you plug a laptop in the same switchport you have
>> > the firewall on and you do a show mac-address-table on the switch?
>> >
>> >
>> > --
>> > Regards,
>> >
>> > Iwan Hoogendoorn
>> > CCIE #13084 (R&S / Security / SP)
>> > Sr. Support Engineer IPexpert, Inc.
>> > URL: http://www.IPexpert.com
>> >
>> >
>> > On Mon, Sep 14, 2009 at 11:15 AM, Mark Stephanus Chandra
>> > <mark.chandra_at_gmail.com> wrote:
>> > > Dear GS,
>> > >
>> > >
>> > >
>> > >
>> > >
>> > > Have you guys ever experienced that you found traffic in one of your
>> > > switchport but there is no mac-address destinate on it.
>> > >
>> > >
>> > >
>> > > It happens on my switch , one of the switchport facing to a standby
>> > firewall
>> > > keep generate traffic, but actually there is no mac-address learn via
>> > that
>> > > port.
>> > >
>> > >
>> > >
>> > > The firewall is netscreen, have any idea what is the possible
>> explanation
>> > of
>> > > this problem ?
>> > >
>> > >
>> > >
>> > >
>> > >
>> > > Regards
>> > >
>> > > Mark Stephanus Chandra - CCIE#23887
>> > > IT Consultant
>> > >
>> > >
>> > > Blogs and organic groups at http://www.ccie.net
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>>
>>
>> --
>> Andrew Lee Lissitz
>> all.from.nj_at_gmail.com
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Regards,
>
> Joe Astorino - CCIE #24347 R&S
> Technical Instructor - IPexpert, Inc.
> Cell: +1.586.212.6107
> Fax: +1.810.454.0130
> Mailto: jastorino_at_ipexpert.com
>
-- Andrew Lee Lissitz all.from.nj_at_gmail.com Blogs and organic groups at http://www.ccie.netReceived on Mon Sep 14 2009 - 15:20:22 ART
This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:03 ART