06-18-2003 09:04 PM - edited 03-02-2019 08:15 AM
I've got a weird situation that I can't figure out. I have a 2611 with 2 ethernet interfaces. e0/0 is facing my access network via an RFC1483 bridged DSL service. e1/1 is facing my LAN. When I look at the arp table on the 2611, I see thousands of arp entries in the table and through further investigation, the router is putting every destination into the arp table with the MAC address of the far end of this DSL connection (a 7206VXR acting as the DSL concentrator).
I have no idea what's causing this or how to fix it. I updated the code on the 2611 to 12.2.11T8 and the problem persisted.
Anyone have any ideas?
Solved! Go to Solution.
06-19-2003 05:22 AM
Have not seen this before but does your default route point to e0/0 or the next hop address? If its the interface the router may be arping for anyone that can get to the destination.
06-18-2003 10:54 PM
Is the subnet mask on your e0/0 interface correctly set (or correctly received via dhcp or ppp)?
06-19-2003 04:08 AM
Yeah, that netmask on e0/0 is .252. The network on that interface is statically assigned. The other end is .252 as well.
06-19-2003 05:22 AM
Have not seen this before but does your default route point to e0/0 or the next hop address? If its the interface the router may be arping for anyone that can get to the destination.
06-19-2003 05:27 AM
Very interesting hypothesis. It was infact configured for e0/0. I reconfigured it to be the next-hop and I will see if this helps.
Question: Why does it matter? Are there notes on this anywhere? I'd like to understand why it makes a difference between one and the other.
Thanks again!
06-19-2003 05:29 AM
Welp, this was exactly the problem. Thanks alot!! I'd still like to know what causes this behavior though :)
06-19-2003 05:47 AM
I'm confused by it myself but tried it in my lab and it does work that way. Normally it would not arp for something not on the attached network but since the default was pointed to a broadcast interface there isnt much else it can do.
06-19-2003 05:51 AM
This happens because for every packet out the interface, the router sends an ARP request when the routing table directs the packet to the interface instead of the next hop. Of course, the DSL device on the LAN responds with its own MAC address. This is the nature of sending a packet out an ethernet interface - basically ARP for everything. Without a specific next-hop, the router doesn't know to do anything else.
When the routing table directs the packets to a specific gateway on the connected network, the router will only ARP for that device (and this should happen very seldom since there is likely to be continuous traffic sent to that network, so the ARP entry will not age out very often) and send ethernet frames, carrying the IP packet, directly to that gateway.
I hope this clears things up.
Mark
06-19-2003 06:36 AM
Yes, makes perfect sense. Thanks Mark, and thanks to everyone else who had feedback on this problem.
06-19-2003 06:10 AM
Weird indeed. First thoughts:
- sniff the e0/0 interface to see what happens (who is sending arp requests, who is replying)
- debug arp on the local router and/or the 7206 (whatch out for impact on router load)
- check if perhaps "ip proxy-arp" is configured on the 7206 interface to you
Please keep us posted, it's an interesting problem :)
cheers
Herbert
PS: I see the problem has already been solved. never mind :)
06-19-2003 09:47 AM
Well it an interesting problem, but it goes via the way ip routing works.
Case 1. Device tries to reach another device it believes is directly connected.
In this case the device does an arp broadcast to get the device mac address. The IP packet destined to the device is then sent with the ip address and the mac address of the destined device
Case 2. Device tries to reach another device it believes is not directly connected.
The router in this case does an arp broadcast for the gateway or next hop device. It then creates the ip packet with the MAc address of the next hop device with the ip address of the destined device.
In your scenario, when a route is set on a router to point to an interface, it believes that the network is directly connected. It therefore does an arp broadcast for every host the route applies to. The default behaviour of cisco router is to do proxy arp for known routes. Hence, the 7206 replies with its MAC address, and the 2611 truly believes that its the mac address of the device. If arp proxy is disabled on the 7206, your routing will not work anymore. The behaviour is the reason why next hop address is often preferred to interface addresses.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide