
Continuous gratuitous arps sent between 2 HSRP routers

blakem
Level 1

Hello

I have a dual 2851 HSRP configuration, with hosts being statically NATted by the routers. I'm using ARP alias to ensure that the IP addresses have the virtual HSRP MAC address, and not the router's own MAC addresses.

This config works fine, but each router is sending continuous gratuitous ARPs to the other for one of the NATted addresses (I'm NATting 3 addresses, but only have this problem with the one host at the moment).

There is no traffic coming from the host through the routers.

This is the output of 'debug arp'

Router A

*Nov 23 12:00:48.836: IP ARP: sent rep src 10.10.10.5 0012.d9d7.71f1,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:00:48.836: IP ARP: rcvd rep src 10.10.10.5 0014.699d.43b9, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:00:48.836: IP ARP: Gratuitous ARP throttled.

*Nov 23 12:00:48.836: IP ARP: 10.10.10.5 added to arp_defense_Q

*Nov 23 12:00:49.836: IP ARP: 10.10.10.5 removed from arp_defense_Q

*Nov 23 12:00:49.836: IP ARP: sent rep src 10.10.10.5 0012.d9d7.71f1,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:00:50.560: IP ARP: rcvd rep src 10.10.10.5 0014.699d.43b9, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:00:50.560: IP ARP: sent rep src 10.10.10.5 0012.d9d7.71f1,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:00:51.560: IP ARP: rcvd rep src 10.10.10.5 0014.699d.43b9, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:00:51.560: IP ARP: Gratuitous ARP throttled.

*Nov 23 12:00:51.560: IP ARP: 10.10.10.5 added to arp_defense_Q

*Nov 23 12:00:51.836: IP ARP: 10.10.10.5 removed from arp_defense_Q

Router B

*Nov 23 12:01:04.817: IP ARP: sent rep src 10.10.10.5 0014.699d.43b9,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:01:05.093: IP ARP: rcvd rep src 10.10.10.5 0012.d9d7.71f1, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:01:05.093: IP ARP: sent rep src 10.10.10.5 0014.699d.43b9,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:01:06.093: IP ARP: rcvd rep src 10.10.10.5 0012.d9d7.71f1, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:01:06.093: IP ARP: Gratuitous ARP throttled.

*Nov 23 12:01:06.093: IP ARP: 10.10.10.5 added to arp_defense_Q

*Nov 23 12:01:06.817: IP ARP: 10.10.10.5 removed from arp_defense_Q

*Nov 23 12:01:06.817: IP ARP: sent rep src 10.10.10.5 0014.699d.43b9,
    dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1

*Nov 23 12:01:06.817: IP ARP: rcvd rep src 10.10.10.5 0012.d9d7.71f1, dst 10.10.10.5 GigabitEthernet0/1

*Nov 23 12:01:06.817: IP ARP: Gratuitous ARP throttled.

*Nov 23 12:01:06.817: IP ARP: 10.10.10.5 added to arp_defense_Q

*Nov 23 12:01:07.817: IP ARP: 10.10.10.5 removed from arp_defense_Q

If someone could give me a brief heads-up, I'd be most grateful.

Cheers,

Michael


Richard Burts
Hall of Fame

Michael

I am not clear about what you are trying to accomplish. Your post mentions some things about HSRP and about translating addresses. I am not clear if there is supposed to be a relationship between HSRP and the translation. Perhaps you could clarify.

Having said that, one thing is clear: both routers think that they have address 10.10.10.5 and each router has a different MAC to associate with it. You mention that you have several translated addresses. Is this the only address to appear on both routers but with different MAC addresses or does this situation happen with the other addresses?

HTH

Rick


Hi Rick

The problem has sorted itself out - I made sure the 2 HSRP routers had exactly the same config, except for the parts that obviously need to be different, and after reloading the problem didn't appear...

Here's the clarification of what I was trying to do:

Each router is part of a HSRP group.

Each router has the same static NAT entries:

ip nat inside source static network 172.16.201.1 10.10.10.4 /32

ip nat inside source static network 172.16.201.2 10.10.10.5 /32

ip nat inside source static network 172.16.201.3 10.10.10.6 /32

Each router has the same arp aliases for those NAT addresses. The arp alias is the virtual HSRP MAC address:

arp 10.10.10.6 0000.0c9f.f001 ARPA alias

arp 10.10.10.4 0000.0c9f.f001 ARPA alias

arp 10.10.10.5 0000.0c9f.f001 ARPA alias

I guess the arp aliases weren't working, and needed a reload? The routers still had the IP address associated with their burned-in MAC (even though their arp tables showed the alias MAC address).

Can you tell me whether the output I listed is common when you have 'duplicate IP address detected'? What I mean is when an IP address appears to have 2 different MAC addresses, will you get the continuous 'arp sent reply' and 'arp received reply' cycle, between the 2 hosts (or routers) advertising the IP/MAC?

Many thanks,

Michael
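The condition Rick describes in this thread (one IP address announced with two different sender MACs) can be picked out of 'debug arp' output mechanically. The following is an added example, not part of the original posts: the sample input is constructed in the format of the Router A output above, and the names join_wrapped and find_conflicts are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the Router A output in the thread
# (same addresses); the 10.10.10.4 line is added as a non-conflicting control.
SAMPLE = """\
*Nov 23 12:00:48.836: IP ARP: sent rep src 10.10.10.5 0012.d9d7.71f1,
                 dst 10.10.10.5 0000.0c9f.f001 GigabitEthernet0/1
*Nov 23 12:00:48.836: IP ARP: rcvd rep src 10.10.10.5 0014.699d.43b9, dst 10.10.10.5 GigabitEthernet0/1
*Nov 23 12:00:48.836: IP ARP: Gratuitous ARP throttled.
*Nov 23 12:00:48.836: IP ARP: 10.10.10.5 added to arp_defense_Q
*Nov 23 12:00:49.836: IP ARP: rcvd rep src 10.10.10.4 0000.0c9f.f001, dst 10.10.10.4 GigabitEthernet0/1
"""

REPLY = re.compile(
    r"IP ARP: (?P<dir>sent|rcvd) rep src (?P<ip>\d+(?:\.\d+){3}) "
    r"(?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}),\s*dst (?P<dst>\d+(?:\.\d+){3})"
)
DEFENSE = re.compile(r"IP ARP: (?P<ip>\d+(?:\.\d+){3}) added to arp_defense_Q")

def join_wrapped(text):
    """Re-attach 'dst ...' continuation lines to the 'sent rep' line above."""
    entries = []
    for line in text.splitlines():
        if line.strip().startswith("dst ") and entries:
            entries[-1] += " " + line.strip()
        elif line.strip():
            entries.append(line.strip())
    return entries

def find_conflicts(text):
    """Return {ip: {"macs": sorted MACs, "defended": count}} for every IP
    announced in gratuitous replies (src == dst) by more than one MAC."""
    macs, defended = defaultdict(set), defaultdict(int)
    for entry in join_wrapped(text):
        m = REPLY.search(entry)
        if m and m["ip"] == m["dst"]:  # gratuitous: sender announces its own IP
            macs[m["ip"]].add(m["mac"])
        d = DEFENSE.search(entry)
        if d:
            defended[d["ip"]] += 1
    return {ip: {"macs": sorted(s), "defended": defended[ip]}
            for ip, s in macs.items() if len(s) > 1}

if __name__ == "__main__":
    for ip, info in find_conflicts(SAMPLE).items():
        print(ip, "claimed by", ", ".join(info["macs"]),
              "| arp_defense_Q entries:", info["defended"])
```

Run against a saved debug capture, an IP that appears in the result with two burned-in MACs and a growing arp_defense_Q count matches the pattern shown in the Router A and Router B output.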
