Technical Tip: Legend listing in Cisco CLI causes issues reading data
Description
L2 poll completes but no MAC addresses are read. This was observed with a Cisco 6500 running IOS 15.5. The problem was due to the "show mac address-table" command returning a Legend that included the # character.
Example.
CAD502AiL3#show mac address-table
Legend: * - primary entry
age - seconds since last seen
n/a - not available
S - secure entry
R - router's gateway mac address entry
D - Duplicate mac address entry
# - Fabric mac address entry. Clear mac cli doesn't clear this entry
Scope
Version: 8.x
Solution
- This change affects all switches managed using this particular file. If there are some Dell switches not using the directory for enable level access, this change could break their CLI access.
- Changes must be made after each appliance upgrade
- Changes must be performed in both Primary and Secondary Control Servers in High Availability configurations
- Changes must be performed on all PODs managing these switches
Workaround:
1. Login to the appliance CLI and identify which Cisco telnetMIB file is used for the affected switch. This can be identified in the output.master log with TelnetServer debug enabled. The entry appears just before establishing the SSH connection to the device.
Alternatively, it can be obtained by running the command
getmibfile -ip <device IP>
2. Add the following entry to the Cisco MIB file in the /bsc/campusMgr/master_loader/telnetMibs directory to ignore the “# -“ string
TELNET_IGNORE_STRINGS=
{
IGNORE=# -
}
3. Re-run L2 poll and verify the data updates. In CLI type
ReadForwardingTbl -ip <device ip>
4. Create or modify current README file in /bsc/campusMgrUpdates to indicate these settings will need to be re-done after an upgrade.
Example:
---------------------------------------------------------------------------
Ticket <FortiCare ticket number> <Date> <support eng initials>
Add the following entry to the Cisco MIB file
TELNET_IGNORE_STRINGS=
{
IGNORE=# -
}