Network Management

Does anyone know what the following means and how do I resolve this?

(CORE-OFC-SW01) #show log system 10

Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/10 vlan-id 14 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/10 vlan-id 25 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/26 vlan-id 11 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/27 vlan-id 11 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/28 vlan-id 11 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/29 vlan-id 11 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/40 vlan-id 11 due to STP topology change
Jun 13 08:58:15 :340004: <WARN> |l2m| Flushing mac-addresses on GE2/0/40 vlan-id 14 due to STP topology change

I'm running three Aruba S2500-48P stacked and lately I've been having issues populating the MAC-Addresses in the Webfig and I've been sending email to Aruba back and forth and have come to no resolution so far. I am not sure if this is affecting it. I am able to see the MAC-addresses from the putty via CLI but now on the browser. I've tried different computers/browsers and still no luck.

Model: ArubaS2500-48P (Linecard)
ArubaS2500-48P (Primary)
ArubaS2500-48P (Secondary)

Version:7.4.1.6

Anyone with any information on how I can resolve this would be much appreciated.

Thank you.

The messages that you see mention that due to a spanning tree topology change the switch forgets all learned mac addresses on the affected ports and starts learning which MAC is behind what port again.

Spanning Tree Protocol (STP; https://en.wikipedia.org/wiki/Spanning_Tree_Protocol) is an old method of preventing loops in your network. If you have connected your switches and you create a loop in the network (for redundancy, or unintentionally), the STP stops the loop while still having all switches connected.

In a stable network, there should be no topology changes, so as you see them please go and find where those originate from (use spanning-tree show and debug commands).

If you have just a stack (Arubastack), make sure that all stacking links are indeed stacking links (not regular network connections, with ports that show up in show interface brief).

If you are sure that there are no loops in your network, you may try disabling spanning-tree on the switch; but be warned, if someone creates a loop, your network may go down by broadcast storms.

The messages should be harmless, though if they appear frequently the unstable spanning tree may be harmful.

Not sure why you don't see mac addresses in the WebUI; what worked for me once was reloading the web-page when it was showing 'Please wait..'; after that reload is was quick.

Hi Herman, thanks for your reply. Just to check, does this flushing cause the network to be unstable? I am running a few Bloomberg TV live stream and every now and then a page error occurs. I didn't play attention to it prior to the reboot where the MAC Address had no issues. But thereafter it seems like network issues there and there. Some of my clients are able to load certain sites while the rest have no issues. I'm not sure if my Aruba stack is causing the issue or my Fortigate 100D.

My setup is a little bit complicated. At the top we have 3 ISPs coming in, they passthrough Mikrotik and then over to the Fortigate (few VLANs) then onto the Aruba with VLANs. I am not sure as to why we are using the Mikrotik. Based on my CEO, pre-routing occurs there and Bridging occurs on Fortigate.

Aruba is just doing LAN to all the users. I'm not sure what is causing the topology change. Could it be from the Fortigate? The Fortigate does firewall mainly, policy and VLANs.

So, the flushing of the mac addresses should not cause the interruption, as packets for unknown mac-addresses are flooded to all the ports in a vlan. However with a STP topology change, typically ports in your network go from forwarding to blocking (or learning) and will cause interruption because traffic is dropped.

If you have redundant fortigates, running in layer 2 (bridging), there might be a loop there: Switch - FG1 - Microtik - FG2 - Switch.

Spanning tree issues can be hard to solve, especially combined with the complexity of redundant firewalls. In most cases it is good to keep your spanning-tree domain as small as possible, and not to extend that to firewalls; setup your firewalls in routing/L3 instead to avoid this layer 2 loops.

It is hardly possible from here to advise you on how to setup this properly in your situation. The STP topology changes seem to be the result of a suboptimal design or external errors in your network. If you cannot troubleshoot your spanning-tree yourself, please try to find a network engineer that can help you with analysis and proper design afterward. My estimation is that your firewall and router may be part of the networking interruptions that you experience, and switching off STP will not solve the issue.

Hi Herman, thanks again for your reply. I will write in to Aruba directly on this issue as well since they are working to resolve the MAC-Address issue. The work around with the setup is beyond my knowledege. But from the info you have given, I could bring it up to them. Thanks once again.