RE: cam timer tuning

No - stp is a totally different feature. The root bridge in each vlan keeps
the network in a converged state - and that includes bpdu's that keep flowing
ever 2 seconds to keep blocking links blocking, etc.

The goal of unifying the timers is make sure no unknown unicasts flood your
network when the router has superior information it saved with its longer
default timers than the cam table.

Is this even an issue?

This is usually 1% or less of unknown unicast activity.

If you have lots of unknown unicasts from stale arp timers - I would suspect
you have other issues - like a port scan or virus looking for machines that
are not up friend.

From: Naufal Jamal [mailto:naufalccie_at_yahoo.in]
Sent: Friday, December 28, 2012 1:13 PM
To: Joseph L. Brunner; Marko Milivojevic
Cc: ccielab_at_groupstudy.com
Subject: Re: cam timer tuning

If we change the arp/cam timers to 600 secs across the entire L2 domain ie.
including csw's and asw's is there any STP reconvergence that could happen?
would we see any STP outage? I dont think there should be.

________________________________
From: Joseph L. Brunner
<joe_at_affirmedsystems.com<mailto:joe_at_affirmedsystems.com>>
To: Naufal Jamal <naufalccie_at_yahoo.in<mailto:naufalccie_at_yahoo.in>>; Marko
Milivojevic <markom_at_ipexpert.com<mailto:markom_at_ipexpert.com>>
Cc: "ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>"
<ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>>
Sent: Friday, 28 December 2012 11:35 PM
Subject: RE: cam timer tuning

You should unify all timers at 600 seconds.

That number is usually good to me.

thanks

-----Original Message-----
From: nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>
[mailto:nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>] On Behalf Of
Naufal Jamal
Sent: Friday, December 28, 2012 12:43 PM
To: Marko Milivojevic
Cc: ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>
Subject: Re: cam timer tuning

Hi Marko,

Nexus ----------------trunk----------4948
Arp timer:1500 secs
                Arp timer: 4 hours
Cam timer:1800 secs Cam
timer: 300 secs

I know cam timer should be greater than arp timer to avoid flood. Should we
try to make the cam timer in 4948 more than 1500 secs or make the arp timer in
nexus less than 300 (aging arp in 300 secs ?? ) Any inputs?
________________________________
From: Marko Milivojevic
<markom_at_ipexpert.com<mailto:markom_at_ipexpert.com>>
To: Naufal Jamal <naufalccie_at_yahoo.in<mailto:naufalccie_at_yahoo.in>>
Cc:
"ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>"
<ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>>
Sent: Friday, 28 December
2012 10:29 PM
Subject: Re: cam timer tuning

When I've seen this in the past,
it was usually discrepancy between
host ARP and switch MAC aging timers. Try lowering timers on your switches to
be under/same as the ARP timers on hosts and see if there are any
differences.

--
Marko Milivojevic - CCIE #18427 (SP
R&S)
Senior CCIE Instructor - IPexpert
On Fri, Dec 28, 2012 at 1:40 AM,
Naufal Jamal <naufalccie_at_yahoo.in<mailto:naufalccie_at_yahoo.in>> wrote:
> Hello,
>
> We have a pair of nexus
7K's (without vpc) running HSRP and MSTP.
> They are connected to access layer
switches 4948's. whenever we bring up a new
> trunk link between Nexus 7K and
4948 we see unicast flooding caused due to
> TCN's. I am wondering if it has
something to do with the difference in cam
> aging timer in both the
platforms. Nexus (1800 secs) and 4948 (300 secs). can
> anyone put some light
here please? I am thinking that changing the aging timer
> on nexus to 300
secs should help.. any thoughts?
>
> Naufal
>
>
> Blogs and organic groups at
http://www.ccie.net<http://www.ccie.net/>
>
>