Extreme Networks

ant_uk · Thursday

Hi,

We're experiencing network disruption which may be due to 'Port mismatch' warnings on our core switch.

An example of the warnings are:

03/13/2025 13:30:22.35 <Warn:FDB.ArpWarn> Port mismatch between (NEIGH 5e1410ac port 0:6) and (FDB ae:9a:e7:aa:aa:aa port 0:5) entries

03/13/2025 13:30:08.10 <Warn:FDB.ArpWarn> Port mismatch between (NEIGH a80710ac port 0:6) and (FDB 96:85:a6:aa:aa:aa port 0:17) entries

What I don't understand is that the ports mentioned don't exist on the stack - what are these "0:x" ports?

The mac addresses in the logs relate to our wireless users. Running 'show iparp' and 'show fdb' show these mac addresses on the same port:

* Slot-1 Core Stack.15 # sh iparp ae:9a:e7:aa:aa:aa

VR Destination Mac Age Static VLAN VID Port

VR-Default 172.16.x.x ae:9a:e7:aa:aa:aa 0 NO wireless 172 1:28

Dynamic Entries : 6247 Static Entries : 0

Pending Entries : 122

ARP address check: Enabled ARP refresh : Enabled

Timeout : 20 minutes ARP Sender-Mac Learning : Disabled

Locktime : 1000 milliseconds

Retransmit Time : 1000 milliseconds

Reachable Time : 900000 milliseconds (Auto)

Fast Convergence : Off

ARP Global Settings

Max Entries : 12288

Max Pending Entries : 256

Max Proxy Entries : 256

* Slot-1 Core Stack.16 # sh fdb ae:9a:e7:aa:aa:aa

MAC VLAN Name( Tag) Age Flags Port / Virtual Port List

------------------------------------------------------------------------------------------------------

ae:9a:e7:aa:aa:aa wireless(0172) 0000 d mi 1:28

Flags : d - Dynamic, s - Static, p - Permanent, n - NetLogin, m - MAC, i - IP,

x - IPX, l - lockdown MAC, L - lockdown-timeout MAC, M- Mirror, B - Egress Blackhole,

b - Ingress Blackhole, v - MAC-Based VLAN, P - Private VLAN, T - VLAN translation,

D - drop packet, h - Hardware Aging (Age=0), o - IEEE 802.1ah Backbone MAC,

S - Software Controlled Deletion, r - MSRP,

X - VXLAN, E - EVPN

Total: 6518 Static: 0 Perm: 0 Dyn: 6518 Dropped: 0 Locked: 0 Locked with Timeout: 0

FDB Aging time: 300

Regards,

Anthony

Gabriel_G · Thursday

Hi Anthony,

Long story short, you may be hitting a bug with the way port numbers are displayed, I'd contact GTAC to investigate.

In general, those logs indicate that an ARP entry was learned on one port, then it moved to another. This can happen normally for roaming wifi clients.

The IP of the client is the NEIGH value converted from hex to binary, it may also be backwards. That may just be a quirk of the log message and considered 'normal'.

However, the 0:X port notation is _potentially_ a reference to an internal port or an internal LAG interface. That said, the logs shouldn't display this way, they should show the real port number, and I would consider that a bug in my opinion.

I would speculate that this is not a 'real' issue with client connectivity, but an issue with the log message display regardless.

View solution in original post

rmu · Friday

Hi

could be a loop sitution.

nr

rmu

Gabriel_G · Thursday

Hi Anthony,

Long story short, you may be hitting a bug with the way port numbers are displayed, I'd contact GTAC to investigate.

In general, those logs indicate that an ARP entry was learned on one port, then it moved to another. This can happen normally for roaming wifi clients.

The IP of the client is the NEIGH value converted from hex to binary, it may also be backwards. That may just be a quirk of the log message and considered 'normal'.

However, the 0:X port notation is _potentially_ a reference to an internal port or an internal LAG interface. That said, the logs shouldn't display this way, they should show the real port number, and I would consider that a bug in my opinion.

I would speculate that this is not a 'real' issue with client connectivity, but an issue with the log message display regardless.

Extreme Networks

Port mismatch warnings

Port mismatch warnings