04-14-2005 06:32 AM - edited 03-02-2019 10:28 PM
I've searched but can't find anything helpful...
We're rolling out some new network equipment at a number of locations. We've been having some ARP problems. The main router is a 1711, segmenting PC's and an NT print server. When the router is powered off, erasing the ARP table, everything comes up fine. Except the PC's can't print. The printers do not show up in the ARP cache, and the server can't ping them. We have to manually go into the router and ping the printers. Then they show up in ARP, and the print server can see them. We shouldn't have to do this. The people on the install side think it might be the IOS. Anyone have any ideas? TIA
show version
IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.2(15)ZL1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Synched to technology version 12.3(0.1)
ROM: System Bootstrap, Version 12.2(7r)XM4, RELEASE SOFTWARE (fc1)
ROM: C1700 Software (C1700-K9O3SY7-M), Version 12.2(15)ZL1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
System image file is "flash:c1700-k9o3sy7-mz.122-15.ZL1.bin"
04-14-2005 06:34 AM
Oh yeah, ARP debugging only shows that no ARP request is generated when the server tries to ping the printers across the router (before pinging them from the router).
And we also saw the same thing happen with some PC's on the same subnet as the printers, but not using the 1711 as the default gateway. Pinging from the router, and/or changing the default gateway works.
04-14-2005 06:44 AM
There are a number of possible issues here, and I think I would need to see the configuration to know what is going on. Meanwhile, here are a few things to check.
1. Are the printers in the correct same subnet as their router interface?
2. Do you have any overlapping subnets configured?
3. Do you have any static routes that could be messing things up?
4. Is the gateway address set up correctly in each PC and/or printer?
5. Are you using proxy ARP anywhere?
It would be great if you could post the show run of the router, and perhaps also a show ip route.
Kevin Dorrell
Luxembourg
04-14-2005 07:02 AM
1. Yes
2. No
3. Not sure what you mean, but I don't think so.
4. Yes
5. No
04-14-2005 07:14 AM
Well, clearly something is not working, so rather than me just guessing blind, it would be useful to see the configs.
KJD
04-14-2005 07:13 AM
Stripped for security and size:
Current configuration : 4371 bytes
!
version 12.2
service nagle
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service dhcp
!
boot system flash:c1700-k9o3sy7-mz.122-15.ZL1.bin
logging queue-limit 100
logging buffered 4096 debugging
!
aaa new-model
!
!
aaa session-id common
ip subnet-zero
no ip source-route
!
!
!
no ip bootp server
ip cef
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
!
no crypto isakmp enable
!
!
interface FastEthernet0
ip address 206.x.x.190 255.255.255.128
ip security extended-ignored
ip wccp web-cache redirect out
ip wccp 53 redirect out
ip wccp 60 redirect out
ip wccp 70 redirect out
ip wccp 80 redirect out
ip wccp 81 redirect out
ip wccp 82 redirect out
no ip mroute-cache
speed 100
full-duplex
no cdp enable
!
interface FastEthernet1
no ip address
duplex half
speed 10
no cdp enable
!
interface FastEthernet2
no ip address
duplex half
speed 10
no cdp enable
!
interface FastEthernet3
no ip address
shutdown
duplex half
speed 10
no cdp enable
!
interface FastEthernet4
no ip address
shutdown
no cdp enable
!
interface Async1
no ip address
shutdown
!
interface Vlan1
ip address 204.x.x.161 255.255.255.248
ip tcp adjust-mss 1452
no ip mroute-cache
!
ip classless
no ip forward-protocol udp bootps
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 206.x.x.173
ip route 170.34.0.0 255.255.0.0 204.x.x.166
ip route 198.246.8.0 255.255.248.0 204.x.x.166
no ip http server
ip http authentication local
no ip http secure-server
!
!
access-list 20 permit 192.110.x.0 0.0.0.255
access-list 20 permit 206.x.x.128 0.0.0.127
access-list 20 permit 204.x.x.160 0.0.0.7
access-list 20 deny any log
access-list 50 permit 192.110.x.x
access-list 50 permit 192.110.x.x
access-list 50 deny any log
snmp-server enable traps tty
no cdp run
!
radius-server authorization permit missing Service-Type
04-14-2005 07:34 AM
Let's see if I have correctly understood something of your configuration.
The main Fa interface, Fa0, is on 206.x.x.190/28. Is this where the PCs are, or is it the printers or the server on this side?
I guess you have a WIC-4ESW, and you have defined VLAN1 to correspond to Fa1 and Fa2 The subnet there is 204.x.x.160/29. On one of those ports you have another router, 204.x.x.166, that is handling the 170.34.0.0/16 and 198.246.8.0/21 networks. On the other port you have a printer, or maybe the print server? The other two ports are unused.
Which side are the printers, which side are the PCs, and which side is the print server?
BTW, the other stuff on the 204.x.x.160/29 subnet - it it configured to use .166 as a gateway or .161?
Kevin Dorrell
Luxembourg
04-14-2005 08:29 AM
Yeah, the printers and PC's are on the 206-side (Fa0). The 204-side is where the server is (out VLAN1). Fa0/1 goes to the server, which uses the rotuer as it's DG. Fa0/2 goes to a satellite PES which handles the remote 170 and 198 networks.
The server cannot reach the printers until we ping them from the router.
04-21-2005 05:56 AM
To help anyone who might run into this in the future...turning off CEF has fixed the problem. Not sure if it's a bug or a config issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide