Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5451
Views
0
Helpful
5
Replies

Static ARP on Nexus 9000

PrakashMatuwani
Level 1
Level 1

‎03-10-2018 12:04 AM - edited ‎03-01-2019 08:44 AM

Hi Friends,

I am trying to configure static ARP on Nexus 9000 under Vlan Interface /SVI and getting following error message

 

"Invalid MAC address. Multicast MAC address cannot be used"

 

I am trying to add following static ARP i.e. Unicast IP with Multicast MAC

ip arp 172.28.1.236 0100.xxxx.xxx

 

Multicast MAC is of Checkpoint Firewall in Active/Active mode. We have pair of Checkpoint in Active/Active mode connected to Nexus 9000

 

I read few other blogs that we cannot bind unicast IP with Multicast MAC on Nexus.

Can someone please let me know if there is any solution to overcome above mentioned problem?

 

 

 

Regards,

Prakash Matuwani

Labels:
0 Helpful
5 Replies 5

davidsudjiman
Level 1
Level 1

‎03-10-2018 11:44 AM

What's your NX-OS version you're using?

 

This link (https://www.cisco.com/c/en/us/support/docs/ip/multicast/116150-configure-Nexus7000-00.html#anc8) mentioned 

 

The Nexus 7000 needs to be able to run Release 5.2(x) or later in order to perform these configurations:

  • In NX-OS Release 4.2 and later, you can map a static Address Resolution Protocol (ARP) multicast MAC address to a unicast IP address, but the traffic to that IP address floods the VLAN.
  • In NX-OS Release 5.2 and later, you can configure the system to constrain these packets to only those interfaces that require them. You can use several methods to configure the system, each with pros and cons.
0 Helpful

PrakashMatuwani
Level 1
Level 1
In response to davidsudjiman

‎03-10-2018 04:54 PM

Hi,

Thanks for your response.

We are facing static ARP problem on Nexus 9000 and not 7000. 

Firmware version on Nexus 9000 is 7.0.3.I6.1

 

 

0 Helpful

Rick1776
Level 5
Level 5
In response to PrakashMatuwani

‎03-10-2018 09:36 PM

You have to clear the ARP address first tans they configure the static ARP

When MAC addresses are cleared on a VLAN with the clear mac address-table dynamic command, the dynamic ARP (Address Resolution Protocol) entries on that VLAN are refreshed.
If a static ARP entry exists on the VLAN and no MAC address to port mapping is present, the supervisor may generate an ARP request to learn the MAC address. Upon learning the MAC address, the adjacency entry points to the correct physical port.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/interfaces/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide_7x_chapter_0100...

0 Helpful

PrakashMatuwani
Level 1
Level 1
In response to Rick1776

‎03-10-2018 11:29 PM

Thanks for your reply
Actually the problem i am facing is that Multicast MAC cannot be associated to Unicast IP through static ARP. I am able to create static ARP for unicast Ip to Unicast MAC
I read cisco release notes for the latest software version for Nexus 9000 and found that this is not yet supported and so i started this discussion to know if anyone has a workaround for this problem.
0 Helpful

sbhadrav@cisco.com
Level 5
Level 5

‎03-13-2018 12:29 PM

For example - In catalyst switch if I type below command I will get mac-address of the IP

Switch#sh arp | in 195.168.10.50
you can use same command in nexus also . Below are few example.
show ip arp ----> you can see all the arp in switch

sh ip arp x.x.x.x ----> for  particular ip address.

sh ip arp x.x.x.x vrf <name> ---- if you have multiple vrf then you can use this command.
#show ip arp <IP ADDRESS>
#show ip arp <IP ADDRESS>

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents