Core Issue

For packets to be forwarded across a network from one device to another, they have to be encapsulated in a Layer 2 (L2) frame containing the L2 source and destination addresses. When IP operates over a LAN like the Ethernet, it uses Address Resolution Protocol (ARP) to find the L2 MAC address corresponding to the Layer 3 (L3) IP address of a device. This mapping is stored in a table called the ARP table.

In certain situations, a Cisco device contains incomplete entries in the ARP table which will have the IP address, but the MAC address is marked as incomplete. This situation is due to no ARP reply being received by the device for the ARP request that was sent out. This results in encapsulation failure at L2 and the packets are not being forwarded. The incomplete entry is purged from the ARP table after a pre-determined amount of time. When such a problem exists, issuing the debug arp command displays the message starting with the text: IP ARP: creating incomplete entry for IP address.

These are the most common reasons for this issue:

• Physical or data link layer issues associated with cabling, Network Interface Cards (NICs), hubs and switch ports result in dropped or erroneous frames. This prevents ARP request and response messages from reaching the intended recipient.
• If the devices are connected through a switch, misconfigured VLANs result. If the switch ports connected to the source and destination devices are part of different VLANs, then the frames including ARP reply and request will not be forwarded between them.
• L2 loops in a switched network with redundant links cause frequent changes to the MAC address table on the switches used for forwarding frames. This results in the devices appearing to be connected through different ports at different times and forwarding frames out of the incorrect port.
• When Policy Based Routing (PBR) is configured by issuing the set interface command, an ARP response might be received through an interface. This interface is different than the one pointed to by the normal IP routing table.

Resolution

To resolve this issue, perform these steps:

1. Ensure that the physical cabling complies to the parameters recommended by the standards. Make sure that the NIC cards, hubs and switch ports are not faulty. If auto-negotiation of speed or duplex is used on the NIC and switch, and is suspected to be causing any problems, hardcode the speed and duplex settings on the NIC and switch.
2. If the devices are connected through a switch, verify that the switch ports connecting the source and destination belong to the same VLAN.
3. Identify any L2 loops in a switched network with redundant links by resolving the spanning tree configuration.
4. If PBR is configured with the set interface command, issue the set ip next-hop command instead.

For more information, refer to these documents:

• Troubleshooting Switch Port and Interface Problems
• Troubleshooting Cisco Catalyst Switches to NIC Compatibility Issues
• Configuring and Troubleshooting Ethernet 10/100/1000Mb Half/Full Duplex Auto-Negotiation
• Spanning Tree Protocol Problems and Related Design Considerations
• The Address Resolution Protocol (ARP) Issue section of Understanding the Ping and Traceroute Commands
• Understanding Policy Routing

How PBR is Configured to Forward Packets

Setting the outgoing interface

Other Errors, Warnings, and Log Messages

ARP - IP ARP: creating incomplete entry for IP address