Cisco 2901 Duplicate Address Doesn't Exist

dburns865 · ‎12-12-2018

I have been having some issues with our Cisco 2901 including this log I keep getting that says "%IP-4-DUPADDR: Duplicate address x.x.x.x on GigabitEthernet0/0.xxx, sourced by <firewall-mac-address>". This should be as simple as tracking down the interface on the firewall with the duplicate address, but it does not exist. I have done a 'show interfaces all' command and there is no duplicate address on the firewall. There has been a few other issues with the router lately that I am having a hard time figuring out, including a bunch of overflow errors despite there not being a lot of traffic and high CPU usage. Any idea what would cause this duplicate ip error when there isn't a duplicate IP?

Seb Rupik · ‎12-12-2018

HI there,

You may have a Layer 2 loop on the network segment hanging off that sub-interface. A broadcast packet originating from the router is being sent round this loop and forwarded back to the router.

Check your downstream switch topology.

cheers,

Seb.

Simon Darlington · ‎12-12-2018

Hi there

As the device in question is a firewall I wonder if the mac-address in question is a virtual mac-address, which is why you can't correlate this to a mac-address on a physical interface? This virtual mac-address can be shared between redundant firewalls, which may explain the log entry. In which case this would not strictly be a problem.

I would check how virtual mac-addresses are handled by your particular make and model as a first step.

Hope this helps. Please rate if it does.

Thanks