Technical Tip: Explaining Sticky MAC behavior in FortiSwitches

Description

This article describes how, if a unit is learned on a port with sticky MAC enabled, the same unit MAC address will not be learned on different port unless sticky MAC entry is cleared.

Scope

FortiSwitch.

Solution

Dynamically learned MAC addresses persistent when the status of a FortiSwitch port changes (UP or DOWN).

Note: By default, MAC addresses are not persistent. Once the entry is learned dynamically by the FortiSwitch, MAC entry is treated much like a Static MAC entry.

For either Sticky or Static MACs, delete the corresponding entry before it can be re-associated with another port.

Example configuration:

• Sticky-Mac is enabled on port19 and the learning limit is set to 1.

 config switch interface
    edit "port19"
        set native-vlan 165
        set snmp-index 19
        set learning-limit 1
        set sticky-mac enable
     next
 end

Before sticky-MAC is enabled:
 

diagnose switch mac-address list | grep "e4:b9:7a:58:97:17" MAC: e4:b9:7a:58:97:17 VLAN: 165 Port: port19(port-id 19) Flags: 0x00030440 [ hit dynamic src-hit native move]

After Sticky-MAC is enabled:

diagnose switch mac-address list | grep " e4:b9:7a:58:97:17" MAC: e4:b9:7a:58:97:17 VLAN: 165 Port: port19(port-id 19) Flags: 0x00000020 [ static ]

To delete the sticky MAC entry:

If the sticky-mac save command has not been issued since the entry was learned on port19, clear the entry with the following command:

execute sticky-mac delete-unsaved interface port19

If the sticky MAC was saved:

execute sticky-mac save {all|interface<interface_name>})

View the table from the GUI under MAC Entries and delete the entry corresponding to that unit.

Once the entry has been removed, the unit can be relearned on a different port.