ARP & mac-address table chaotic cleaning

[Bras]

ARP-table and mac-address table are very often cleaned.

soft 6.3.1 and 6.2.1

Ports do not go down, the STP, SPF is not recalculated. Have any ideas?

config

! Chassis :
system name ****
system location
system timezone
! Configuration:
! VLAN :
vlan 1 disable
vlan 3 enable name "Core"
vlan 200 enable name "Ring1-mgmt"
vlan 202 enable name "Ring2-mgmt"
vlan 203 enable name "Ring3-mgmt"
vlan 204 enable name "Ring4-mgmt"
vlan 205 enable name "Ring5-mgmt"
vlan 206 enable name "Ring6-mgmt"
vlan 207 enable name "Ring7-mgmt"
vlan 300 enable name "Ring1-Internet"
vlan 303 enable name "Ring3-Internet"
vlan 304 enable name "Ring4-Internet"
vlan 305 enable name "Ring5-Internet"
vlan 306 enable name "Ring6-Internet"
vlan 307 enable name "Ring7-Internet"
vlan 401 enable name "Ring1-VOIP"
vlan 403 enable name "Ring3-VOIP"
vlan 404 enable name "Ring4-VOIP"
vlan 405 enable name "Ring5-VOIP"
vlan 406 enable name "Ring6-VOIP"
vlan 407 enable name "Ring7-VOIP"
vlan 501 enable name "Ring1-UPS"
vlan 502 enable name "Ring2-UPS"
vlan 503 enable name "Ring3-UPS"
vlan 504 enable name "Ring4-UPS"
vlan 505 enable name "Ring5-UPS"
vlan 506 enable name "Ring6-UPS"
vlan 507 enable name "Ring7-UPS"
vlan 600 enable name "Ring2-VOIP-GW"
vlan 601 enable name "VLAN 601"
! VLAN SL:
! IP :
ip service ftp
no ip service ssh
ip service telnet
ip service udp-relay
ip service http
ip service network-time
ip service snmp
no ip service avlan-telnet
no ip service avlan-http
no ip service avlan-secure-http
no ip service secure-http
no ip service avlan-http-proxy
icmp unreachable net-unreachable disable
ip interface "Ring1-mgmt" address **** mask 255.255.255.224 vlan 200 ifindex 1
ip interface "Ring2-mgmt" address ***** mask 255.255.255.224 vlan 202 ifindex 2
ip interface "core" address ***** mask 255.255.255.240 vlan 3 ifindex 3
ip interface "Ring1-Internet" address **** mask 255.255.248.0 vlan 300 ifindex 4
ip interface "Ring3-mgmt" address ********** mask 255.255.255.224 vlan 203 ifindex 5
ip interface "Ring4-mgmt" address ************ mask 255.255.255.224 vlan 204 ifindex 6
ip interface "Ring3-Internet" address *********** mask 255.255.248.0 vlan 303 ifindex 7
ip interface "Ring4-Internet" address *********1 mask 255.255.248.0 vlan 304 ifindex 8
ip interface "Ring2-VOIP MP-124" address ******1 mask 255.255.255.248 vlan 601 ifindex 9
ip interface "Ring2-Voice" address **********mask 255.255.255.248 vlan 600 ifindex 10
ip interface "Ring1-VOIP" address ******** mask 255.255.255.224 vlan 401 ifindex 11
ip interface "Ring3-VOIP" address ********* mask 255.255.255.224 vlan 403 ifindex 12
ip interface "Ring4-VOIP" address mask 255.255.255.224 vlan 404 ifindex 13
ip interface "Ring1-UPS" address mask 255.255.255.224 vlan 501 ifindex 14
ip interface "Ring2-UPS" address mask 255.255.255.224 vlan 502 ifindex 15
ip interface "Ring3-UPS" address mask 255.255.255.224 vlan 503 ifindex 16
ip interface "Ring4-UPS" address mask 255.255.255.224 vlan 504 ifindex 17
ip interface "Ring5-UPS" address mask 255.255.255.224 vlan 505 ifindex 18
ip interface "Ring6-UPS" address mask 255.255.255.224 vlan 506 ifindex 19
ip interface "Ring7-UPS" address mask 255.255.255.224 vlan 507 ifindex 20
ip interface "Ring5-mgmt" address mask 255.255.255.224 vlan 205 ifindex 21
ip interface "Ring6-mgmt" address mask 255.255.255.224 vlan 206 ifindex 22
ip interface "Ring7-mgmt" address mask 255.255.255.224 vlan 207 ifindex 23
ip interface "Ring5-VOIP" address mask 255.255.255.224 vlan 405 ifindex 24
ip interface "Ring6-VOIP" address mask 255.255.255.224 vlan 406 ifindex 25
ip interface "Ring7-VOIP" address mask 255.255.255.224 vlan 407 ifindex 26
ip interface "Ring5-Internet" address mask 255.255.248.0 vlan 305 ifindex 27
ip interface "Ring6-Internet" address mask 255.255.248.0 vlan 306 ifindex 28
ip interface "Ring7-Internet" address 1 mask 255.255.248.0 vlan 307 ifindex 29
ip interface "Loopback0" address 172.2
! IPX :
! IPMS :
! AAA :
aaa authentication default "local"
aaa authentication console "local"
aaa authentication telnet "local"
aaa authentication ftp "local"
aaa authentication http "local"
! PARTM :
! AVLAN :
! 802.1x :
! QOS :
qos trust ports
qos apply
! Policy manager :
! Session manager :
session timeout cli 5
session prompt default "ag1>"
! SNMP :
snmp security no security
snmp community map "" user "t" on
snmp community map " user " on
snmp station 162 "monrolstat" v2 enable
snmp station 3 162 "snmp_user" v2 enable
! RIP :
! OSPF :
ip load ospf
ip ospf area 0.0.0.0
ip ospf interface "core"
ip ospf interface "core" area 0.0.0.0
ip ospf interface "core" status enable
ip ospf status enable
! ISIS :
! BGP :
! IP multicast :
! IPv6 :
ip router router-id ******
ip route-map local-to-ospf sequence-number 50 action permit
ip redist local into ospf route-map local-to-ospf status enable
! RIPng :
! OSPF3 :
! Health monitor :
! Interface :
interfaces 1/1 alias "RING1"
interfaces 1/2 alias "RING1"
interfaces 1/3 alias "RING3"
interfaces 1/4 alias "RING3"
interfaces 1/5 alias "RING4"
interfaces 1/6 alias "RING4"
interfaces 1/7 alias "RING5"
interfaces 1/8 alias "RING5"
interfaces 1/9 alias "RING6"
interfaces 1/10 alias "RING6"
interfaces 1/11 alias "RING7"
interfaces 1/12 alias "RING7"
interfaces 1/23 alias "RING2, MP-124 (VOIP)"
interfaces 1/24 alias "UPLINK"
interfaces 1/24 hybrid copper duplex full
interfaces 1/24 hybrid copper autoneg disable
interfaces 1/9 admin down
interfaces 1/10 admin down
interfaces 1/11 admin down
interfaces 1/12 admin down
interfaces 1/13 admin down
interfaces 1/14 admin down
interfaces 1/15 admin down
interfaces 1/16 admin down
interfaces 1/17 admin down
interfaces 1/18 admin down
interfaces 1/19 admin down
interfaces 1/20 admin down
interfaces 1/21 admin down
interfaces 1/22 admin down
! Port Mapping :
! Link Aggregate :
! VLAN AGG:
! 802.1Q :
vlan 200 802.1q 1/1 "Ring1-mgmt via 1/1"
vlan 300 802.1q 1/1 "Ring1-Internet via 1/1"
vlan 401 802.1q 1/1 "Ring1-VOIP via 1/1"
vlan 501 802.1q 1/1 "Ring1-UPS via 1/1"
vlan 200 802.1q 1/2 "Ring1-mgmt via 1/2"
vlan 300 802.1q 1/2 "Ring1-Internet via 1/2"
vlan 401 802.1q 1/2 "Ring1-VOIP via 1/2"
vlan 501 802.1q 1/2 "Ring1-UPS via 1/2"
vlan 203 802.1q 1/3 "Ring3-mgmt via 1/3"
vlan 303 802.1q 1/3 "Ring3-Internet via 1/3"
vlan 403 802.1q 1/3 "Ring3-VOIP via 1/3"
vlan 503 802.1q 1/3 "Ring3-UPS via 1/3"
vlan 203 802.1q 1/4 "Ring3-mgmt via 1/4"
vlan 303 802.1q 1/4 "Ring3-Internet via 1/4"
vlan 403 802.1q 1/4 "Ring3-VOIP via 1/4"
vlan 503 802.1q 1/4 "Ring3-UPS via 1/4"
vlan 204 802.1q 1/5 "Ring4-mgmt via 1/5"
vlan 304 802.1q 1/5 "Ring4-Internet via 1/5"
vlan 404 802.1q 1/5 "Ring4-VOIP via 1/5"
vlan 504 802.1q 1/5 "Ring4-UPS via 1/5"
vlan 204 802.1q 1/6 "Ring4-mgmt via 1/6"
vlan 304 802.1q 1/6 "Ring4-Internet via 1/6"
vlan 404 802.1q 1/6 "Ring4-VOIP via 1/6"
vlan 504 802.1q 1/6 "Ring4-UPS via 1/6"
vlan 205 802.1q 1/7 "Ring5-mgmt via 1/7"
vlan 305 802.1q 1/7 "Ring5-Internet via 1/7"
vlan 405 802.1q 1/7 "Ring5-VOIP via 1/7"
vlan 505 802.1q 1/7 "Ring5-UPS via 1/7"
vlan 205 802.1q 1/8 "Ring5-mgmt via 1/8"
vlan 305 802.1q 1/8 "Ring5-Internet via 1/8"
vlan 405 802.1q 1/8 "Ring5-VOIP via 1/8"
vlan 505 802.1q 1/8 "Ring5-UPS via 1/8"
vlan 206 802.1q 1/9 "Ring6-mgmt via 1/9"
vlan 306 802.1q 1/9 "Ring6-Internet via 1/9"
vlan 406 802.1q 1/9 "Ring6-VOIP via 1/9"
vlan 506 802.1q 1/9 "Ring6-UPS via 1/9"
vlan 206 802.1q 1/10 "Ring6-mgmt via 1/10"
vlan 306 802.1q 1/10 "Ring6-Internet via 1/10"
vlan 406 802.1q 1/10 "Ring6-VOIP via 1/10"
vlan 506 802.1q 1/10 "Ring6-UPS via 1/10"
vlan 207 802.1q 1/11 "Ring7-mgmt via 1/11"
vlan 307 802.1q 1/11 "Ring7-Internet via 1/11"
vlan 407 802.1q 1/11 "Ring7-VOIP via 1/11"
vlan 506 802.1q 1/11 "Ring6-UPS via 1/11"
vlan 207 802.1q 1/12 "Ring7-mgmt via 1/12"
vlan 307 802.1q 1/12 "Ring7-Internet via 1/12"
vlan 407 802.1q 1/12 "Ring7-VOIP via 1/12"
vlan 507 802.1q 1/12 "Ring7-UPS via 1/12"
vlan 507 802.1q 1/13 "Ring7-UPS via 1/13"
vlan 202 802.1q 1/23 "Ring2-mgmt via 1/23"
vlan 300 802.1q 1/23 "TAG PORT 1/23 VLAN 300"
vlan 502 802.1q 1/23 "TAG PORT 1/23 VLAN 502"
vlan 600 802.1q 1/23 "Ring2-Voice via 1/23"
vlan 601 802.1q 1/23 "TAG PORT 1/23 VLAN 601"
vlan 3 802.1q 1/24 "CORE via 1/24, VLAN 3"
! Spanning tree :
bridge mode flat
bridge 1 priority 4096
! Bridging :
! Bridging :
! Port mirroring :
! UDP Relay :
ip helper address ******
ip helper address *******
ip helper forward delay 0
ip helper maximum hops 10
ip helper boot-up enable
! Server load balance :
! System service :
ip domain-name golden.ru
swlog appid STP level debug3
! SSH :
! VRRP :
! Web :
! AMAP :
! Lan Power :
! NTP :
ntp server ********* key 0 version 4 minpoll 6
ntp client enable
! RDP :
! Ethernet-OAM :
! VLAN STACKING:

[benny]

Hi,

Please let us know which kind of devices you have in the ring. Do you have the OS6850 as core and OS6200 in the ring?

Generate the following output on the OS6850

Switch-> dshell
dshell->stpni_printStats

In case that the devices in the ring are OS6200, did you configure the ports as "fast forward" aka "port fast"?

[Bras]

OS6200 in the ring ==== yes
I don`t use port fast (in the STP-configuration) on 6224 and 6850


In the soft 6.1.5 this problem is actual

Working: [Kernel]->stpni_printStats

------------------------------------------------------------------------------------
RX | TX | AGGR BPDU
PORT Bpdu RBpdu Flg80 Flg01 TCN | Bpdu RBpdu Flg80 Flg01 TCN | Rx Tx
------------------------------------------------------------------------------------
x17: 0 0 0 0 0 0 190 0 0 0 0 0
x16: 0 5 0 5 0 0 211 0 44 0 0 0
x07: 0 2 0 2 0 0 204 0 46 0 0 0
x06: 0 10 0 9 0 0 202 0 40 0 0 0
x04: 0 3 0 3 0 0 205 0 46 0 0 0
x02: 0 32 0 32 0 0 189 0 16 0 0 0
x01: 0 2 0 2 0 0 204 0 46 0 0 0
x00: 0 3 0 3 0 0 205 0 46 0 0 0
------------------------------------------------------------------------------------
value = 1 = 0x1
Working: [Kernel]->stpni_printStats

------------------------------------------------------------------------------------
RX | TX | AGGR BPDU
PORT Bpdu RBpdu Flg80 Flg01 TCN | Bpdu RBpdu Flg80 Flg01 TCN | Rx Tx
------------------------------------------------------------------------------------
x17: 0 0 0 0 0 0 198 0 0 0 0 0
x16: 0 5 0 5 0 0 223 0 52 0 0 0
x07: 0 2 0 2 0 0 216 0 54 0 0 0
x06: 0 10 0 9 0 0 214 0 48 0 0 0
x04: 0 3 0 3 0 0 217 0 54 0 0 0
x02: 0 40 0 40 0 0 197 0 16 0 0 0
x01: 0 2 0 2 0 0 216 0 54 0 0 0
x00: 0 3 0 3 0 0 217 0 54 0 0 0
------------------------------------------------------------------------------------
value = 1 = 0x1
Working: [Kernel]->

[Bras]

soft 6.2.1

Certified: [Kernel]->stpni_printStats

-----------------------------------------------------------------
RX | TX | AGGR BPDU
PORT Bpdu RBpdu Flg80 Flg01 TCN | Bpdu RBpdu Flg80 Flg01 TCN| Rx Tx
-----------------------------------------------------------------
x17: 0 0 0 0 0 0 67 0 0 0 0 0
x16: 0 3 0 3 0 0 90 0 50 0 0 0
x07: 0 6 0 6 0 0 86 0 44 0 0 0
x06: 0 3 0 3 0 0 87 0 48 0 0 0
x04: 0 5 0 5 0 0 86 0 46 0 0 0
x02: 0 39 0 39 0 0 69 0 12 0 0 0
x01: 0 3 0 3 0 0 88 0 48 0 0 0
x00: 0 2 0 2 0 0 88 0 48 0 0 0
-----------------------------------------------------------------
value = 1 = 0x1
Certified: [Kernel]->stpni_printStats

-----------------------------------------------------------------
RX | TX | AGGR BPDU
PORT Bpdu RBpdu Flg80 Flg01 TCN | Bpdu RBpdu Flg80 Flg01 TCN| Rx Tx
-----------------------------------------------------------------
x17: 0 0 0 0 0 0 83 0 0 0 0 0
x16: 0 3 0 3 0 0 106 0 50 0 0 0
x07: 0 6 0 6 0 0 102 0 44 0 0 0
x06: 0 3 0 3 0 0 103 0 48 0 0 0
x04: 0 5 0 5 0 0 102 0 46 0 0 0
x02: 0 39 0 39 0 0 85 0 12 0 0 0
x01: 0 3 0 3 0 0 104 0 48 0 0 0
x00: 0 2 0 2 0 0 104 0 48 0 0 0
-----------------------------------------------------------------
value = 1 = 0x1
Certified: [Kernel]->

[benny]

Ok,

Issue is clear. You receive a lot of TCN (Topology Change Notification) and TC (Topology Change) BPDUs from the devices on the ring.

The 6200 sends this for every user-port which is going up/down if the "port fast" is not activated.

Action plan:
- Activate "port fast" for all 6200 "user" switch ports
- Upgrade your OS6850 to the latest 6.3.1.R01 build -> 6.3.1.958.R01

Don't use 6.1.5.R01 and 6.2.1.R01! (This is not regarding the issue, just a recommendation from my side)

Let me know ...

[Bras]

OK


THANKS!!!