Procedure https://cll-ng.cisco.

com/content/xtrac/2

Discovery 1: Investigate the CAM

Task 1: Investigate the CAM
Activity
Step 1: From PC1, generate traffic to all devices in the subnet.
Log on to PC1 and issue a broadcast ping to 10.1.1.255. Configure a repeat count of 10 and a datagram size of
1500.
Pinging the broadcast address of 10.1.1.255 will ping all hosts in the 10.1.1.0/24 subnet. You are doing this
action in order for Switch1 to learn all the MAC addresses of connected hosts.
When issuing a broadcast ping, you will need to make sure that you are in privileged mode. IP broadcast
pinging is disallowed from user EXEC mode.
Note
In the IOL environment, PCs are simulated using routers.
On PC1, enter the following commands:
PC1>
PC1> enable
PC1# ping
Protocol [ip]: <Enter>
Target IP address: 10.1.1.255
Repeat count [5]: 10
Datagram size [100]: 1500
Timeout in seconds [2]: <Enter>
Extended commands [n]: <Enter>
Sweep range of sizes [n]: <Enter>
Type escape sequence to abort.
Sending 10000, 1500-byte ICMP Echos to 10.1.1.255, timeout is 2 seconds:

Reply to request 0 from 10.1.1.3, 1 ms

Reply to request 0 from 10.1.1.4, 1 ms
Reply to request 0 from 10.1.1.5, 1 ms
<... output omitted ...>
Step 2: Access Switch1 and investigate its CAM table.
Use the show mac address-table command.
Notice that you see one MAC address per port for Ethernet 0/1, 0/2, and 0/3. These interfaces are the ports that
PC1, PC2, and PC3 connect to, respectively.
On Switch1, enter the following command:
Switch1# show mac address-table
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----
1 aabb.cc00.2000 DYNAMIC Et0/1

1 din 3 25.05.2020, 11:07

Procedure https://cll-ng.cisco.com/content/xtrac/2

1 aabb.cc00.2100 DYNAMIC Et0/2

1 aabb.cc00.2200 DYNAMIC Et0/3
1 aabb.cc00.2400 DYNAMIC Et1/1
1 aabb.cc00.2500 DYNAMIC Et1/1
Total Mac Addresses for this criterion: 5
So, if PC1 sends a packet to PC2, Switch1 will receive it on Ethernet 0/1. Switch1 will investigate the frame
and see that the destination MAC address is that of PC2. Switch1 will now perform a lookup and find the MAC
address of PC2 mapped to Ethernet 0/2. For the final step, Switch1 will forward the message.
Step 3: On Switch1, filter out MAC addresses that the switch learned through Ethernet 1/1.
Use the command show mac address-table interface Ethernet 1/1.
Switches that connect to many devices can have very long CAM tables. In those cases, you can help yourself
with filtering.
You can see that Switch1 sees two MAC addresses through port Ethernet 1/1:
On Switch1, enter the following command:
Switch1# show mac address-table interface ethernet 1/1
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----
1 aabb.cc00.2400 DYNAMIC Et1/1
1 aabb.cc00.2500 DYNAMIC Et1/1
You can add the address keyword to specify a single MAC address. If you want to show just MAC addresses
that belong to devices in a certain VLAN, add the vlan keyword.
Step 4: How is it possible for Switch1 to see two MAC addresses through port Eth1/1?
Switch1 sees two MAC addresses through Ethernet 1/1 because this port connects to another switch.
Step 5: Issue the show cdp neighbor command on Switch1.
You can verify that Switch1 connects to another switch by investigating its Cisco Discovery Protocol
neighbors. Use the show cdp neighbor command. Cisco Discovery Protocol is used to share information about
directly connected Cisco equipment.
On Switch1, enter the following command:
Switch1# show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

Switch2 Eth 1/1 128 R S Linux Uni Eth 1/1

CAM Aging Time

CAM tables can accommodate a lot of entries for frame forwarding. However, there is not enough space for every
address in a large network. For that reason, addresses that have not been heard from for a time (stale entries) are
aged-out. That time is also called aging time.
Step 6: Investigate aging time using the show mac address-table aging-time command.
By default, the aging time is 300 seconds:
On Switch1, enter the following command:
Switch1# show mac address-table aging-time
Global Aging Time: 300
Vlan Aging Time

2 din 3 25.05.2020, 11:07

Procedure https://cll-ng.cisco.com/content/xtrac/2

---- ----------
The default aging time for ARP table entries is 4 hours. In networks where you have a host that does not generate
a lot of traffic for long periods of time, you can have your CAM table entries time out every 5 minutes. In these
rare cases, you might have to increase the CAM aging time to bring down the amount of flooding.
CAM table entries cannot be summarized the way that they are in IP routing. Having 1000 devices in the network
means 1000 addresses per CAM table per switch. When the CAM table is full, the switch acts as a hub by
forwarding all new frames, like broadcasts. The solution is to implement routing into the network to limit MAC
flooding.
Step 7: Change the CAM aging time on Switch1 to 600 seconds.
The default setting of the CAM aging time can be changed using the following command: mac address-table
aging-time seconds. Change the aging time on Switch1 to 600 seconds.
On Switch1, enter the following command:
Switch1(config)# mac address-table aging-time 600
Step 8: Now, after you have changed the aging time, verify the change using the command show mac address-
table aging-time:
On Switch1, enter the following command:
Switch1# show mac address-table aging-time
Global Aging Time: 600
Vlan Aging Time
---- ----------

© 2020 Cisco Systems, Inc.

3 din 3 25.05.2020, 11:07