debugging a link local issue

Mark Graham
Level 1

I'm getting a ton of link local reverse path errors on my inside interface on my ASA:

1  Dec 30 2013  08:01:33  169.254.223.30  169.254.255.255  Deny UDP reverse path check from 169.254.223.30 to 169.254.255.255 on interface inside

Where should I start to hunt down this address? I know it's a fictitious local address; however, is there a way I can track it down? Can I snag the MAC address where it's coming from somewhere if I do more debugging? Perhaps running a Wireshark is where I should start?

2 Replies

Jouni Forss
VIP Alumni

Hi,

You could configure a capture on the ASA.

For example:

access-list CAPTURE permit ip 169.254.0.0 255.255.0.0 any

capture CAPTURE type raw-data access-list CAPTURE interface inside buffer 10000000 circular-buffer

Change the buffer size if you need to.

You can then view if the capture has captured any traffic with the command

show capture

You can view the actual capture contents with the command

show capture CAPTURE

But you should probably copy the capture to some host with TFTP and view it with Wireshark. You should be able to check the MAC address of the hosts from the capture file. Seems to me like you have hosts that are unable to get an IP address with DHCP if they are using the above type of IP addresses.

You can copy the capture contents with the command

copy /pcap capture:CAPTURE tftp://x.x.x.x/CAPTURE.pcap

You can remove the capture (and its data) with the command

no capture CAPTURE

You will have to remove the ACL separately.

Hope this helps.

- Jouni
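
The MAC lookup suggested in the answer above can also be scripted instead of done by eye in Wireshark. This is an added example, not part of the original reply or of any Cisco tooling: it reads a pcap file and lists the source MAC addresses behind every 169.254.0.0/16 source IP. It assumes the exported file is a classic pcap with Ethernet framing; the function names, MAC addresses, UDP port and the second host are constructed for the sample.

```python
import struct
from collections import defaultdict

def link_local_sources(pcap):
    """Map each 169.254.0.0/16 source IP in a classic pcap to its source MACs."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("link type is not Ethernet")
    seen, off = defaultdict(set), 24
    while off + 16 <= len(pcap):
        # Per-packet record header: ts_sec, ts_usec, incl_len, orig_len
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 14:
            continue
        ethertype, l3 = struct.unpack("!H", frame[12:14])[0], 14
        if ethertype == 0x8100 and len(frame) >= 18:     # skip one 802.1Q VLAN tag
            ethertype, l3 = struct.unpack("!H", frame[16:18])[0], 18
        if ethertype != 0x0800 or len(frame) < l3 + 20:  # IPv4 only
            continue
        src_ip = frame[l3 + 12:l3 + 16]
        if src_ip[:2] == b"\xa9\xfe":                    # 169.254.x.x
            mac = ":".join(f"{b:02x}" for b in frame[6:12])
            seen[".".join(map(str, src_ip))].add(mac)
    return {ip: sorted(macs) for ip, macs in seen.items()}

def build_sample():
    """Constructed two-packet capture: one link-local sender, one normal host."""
    def frame(mac, src, dst):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                         bytes(map(int, src.split("."))),
                         bytes(map(int, dst.split("."))))
        udp = struct.pack("!HHHH", 5000, 5000, 8, 0)     # constructed port
        return b"\xff" * 6 + bytes.fromhex(mac) + b"\x08\x00" + ip + udp
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (frame("020000000001", "169.254.223.30", "169.254.255.255"),
              frame("020000000002", "10.0.0.5", "10.0.0.255")):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for ip, macs in link_local_sources(build_sample()).items():
        print(ip, macs)
```

To run it on the real capture, pass the bytes of the CAPTURE.pcap file copied off the ASA, for example `link_local_sources(open("CAPTURE.pcap", "rb").read())`.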

Sweet, didn't know I could do a pcap capture on the ASA! Thanks.
