View Sidebar
Fun with MAC Addresses and Crossbeam X80s

Fun with MAC Addresses and Crossbeam X80s

8/22/2013 10:50 am0 comments

We had a fun little gotcha a few weeks ago while upgrading a Crossbeam X80 CPM from XOS 9.5.X to 9.6.6. As part of security controls we have in place in the perimeter, we implement MAC address filtering on the border switches. We implement very basic ACLs for the MAC addresses.

mac access-list extended mac_gi26
 permit host 0003.d2e0.0101 any
interface GigabitEthernet0/26
 switchport access vlan 901
 switchport mode access
 mac access-group mac_gi26 in
 spanning-tree portfast

So,  post upgrade to XOS 9.6.6 we lost access to many of our zones that previously worked.  After some digging around, we noted that the MAC addresses on the Crossbeam NPMs changed post upgrade.  This change was not noted in the Release Notes (at least I couldn’t find it).

The good news is that Crossbeam allows for the manual changing of MAC addresses on the X-Series Platform.  A simple change of the MAC address cleaned everything up.

[no] mac-addr <MAC_address>

Leave a reply

You must be logged in to post a comment.