Check for MAC movements by enabling MAC tracking:
conf fdb mac-tracking ports all
show log counters FDB.MACTracking
If the counters show high MAC movement.
Briefly add the FDB.MACTracking.MACMove event to the logs.
configure log filter "DefaultFilter" add events "FDB.MACTracking.MACMove"
This command needs to be removed afterwards, otherwise your log will filled with only MAC move messages.
If there are still MAC moves, the above will show the actual MAC and ports that are involved.<Noti:FDB.MACTracking.MACMove> MSM-A: The MAC address <MAC ADDRESS> on VLAN "<VLAN NAME>" has moved from port 5:24 to port 2:24
<Noti:FDB.MACTracking.MACMove> MSM-A: The MAC address <MAC ADDRESS> on VLAN "<VLAN NAME>" has moved from port 5:24 to port 2:5
Find the reason for this mac-movement from the connected client and correct this.
Possible causes for this are:
- Device with a similar MAC address on different ports. (i.e port sharing on the device but not on the switch)
- Different devices with duplicate MAC addresses. As you can configure MAC addresses manually on virtual hosts it is also possible that we have such a situation.