Troubleshooting Switching Tables
If you see strange behavior in a Catalyst switch, it might be useful to examine the contents of the various switching tables. In any event, you might, at times, need to find out on which switch port a specific MAC address has been learned.
CAM Table Operation
To view the contents of the CAM table, you can use the following EXEC command:
Switch# show mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]
The entries that have been dynamically learned will be shown. You can add the address keyword to specify a single MAC address, or the interface or vlan keywords to see addresses that have been learned on a specific interface or VLAN.
For example, assume you need to find the learned location of the host with MAC address 0050.8b11.54da. The show mac address-table dynamic address 0050.8b11.54da command might produce the output in Example 3-1.
Example 3-1 Determining Host Location by MAC Address
Switch# show mac address-table dynamic address 0050.8b11.54da Mac Address Table ------------------------------------------ Vlan Mac Address Type Ports ---- ----------- ---- ----- 54 0050.8b11.54da DYNAMIC Fa0/1 Total Mac Addresses for this criterion: 1 Switch#
From this, you can see that the host is somehow connected to interface FastEthernet 0/1, on VLAN 54.
Suppose this same command produced no output for the interface and VLAN. What might that mean? Either the host has not sent a frame that the switch can use for learning its location, or something odd is going on. Perhaps, the host is using two network interface cards (NICs) to load balance trafficone NIC is only receiving traffic while the other is only sending. Therefore, the switch never hears and learns the receiving-only NIC address.
To see the CAM table's size, use the show mac address-table count command. MAC address totals are shown for each active VLAN on the switch. This can give you a good idea about the size of the CAM table and how many hosts are using the network. Be aware that many MAC addresses can be learned on a switch's uplink ports.
CAM table entries can be manually cleared, if needed, by using the following EXEC command:
Switch# clear mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]
Frequently, you will need to know where a user with a certain MAC address is connected. In a large network, discerning at which switch and switch port a MAC address can be found might be difficult. Start out at the network's center, or core, and display the CAM table entry for the MAC address. Look at the switch port shown in the entry and move to the neighboring switch connected to that port. Then, repeat the CAM table process. Keep moving from switch to switch until you reach the edge of the network where the MAC address connects.
The TCAM in a switch is more or less self-sufficient. Access lists are automatically compiled or merged into the TCAM, so there is nothing to configure. The only concept you need to be aware of is how the TCAM resources are being used.
TCAMs have a limited number of usable mask, value pattern, and LOU entries. If access lists grow to be large, or many Layer 4 operations are needed, the TCAM tables and registers can overflow. To see the current TCAM resource usage, use the show tcam counts EXEC command. To see the current TCAM partitioning, you can use the show sdm prefer EXEC command. You can repartition the TCAM with some configuration commands, but that is beyond the scope of this book.