
Wrong ARP entry

l.meyer
Level 1

Hi lads,

I had a strange failure scenario in one of my customer networks. I'm wondering if someone could answer my questions.

Given the following network layout:

- Router A1 & A2
  - running HSRP (vlan100 - 192.168.100.1 / vlan 66 - 192.168.66.1) A1 active
  - connected to vlan 100(gig0/1 - 192.168.100.0/24) + vlan 66(gig0/2 - 192.168.66.0/24)
  - static default route over vlan100 - 192.168.100.254

- Router B1 & B2
  - running HSRP (vlan100 - 192.168.100.254 / vlan200 - 192.168.200.254) B1 active
  - connected to vlan 100(gig0/1 - 192.168.100.0/24) + vlan 200(gig0/2 - 192.168.200.0/24)
  - static route to vlan99(gig0/2 - 192.168.99.0/24) with the gateway 192.168.200.1

- Router C1 & C2
  - running HSRP (vlan200 - 192.168.200.1 / vlan 99 - 192.168.99.1) C1 active
  - connected to vlan 200(gig0/1 - 192.168.200.0/24) + vlan 99(gig0/2 - 192.168.99.0/24)
  - static default route over vlan200 - 192.168.200.254

Now the following failure occurs:

- a static route was added to router B1 & B2 - ip route 192.168.66.0 255.255.255.0 gig 0/1 192.168.200.1

As the result of this command all the traffic with the destination of vlan99 - 192.168.99.0/24 was sent by B1 to router A1, because of a wrong ARP entry in router B1. This ARP entry was "192.168.200.1 <virtual HSRP MAC address of A1> gig 0/1".

I think the following scenario happens:

1. Because of the new route Router B1 sends an ARP request out of int gig 0/1

2. Router A1 responds with his virtual HSRP MAC address

3. Router B1 updated his ARP table and routed all the traffic for the network 192.168.99.0/24 to Router A1

What I know for sure is that we had the wrong ARP entry on Router B1 (sh ip arp) and that Router B1 sent all the traffic destined for network 192.168.99.0/24 to the MAC address of A1 (Ethereal). My described scenario is the only way I can explain the wrong ARP entry. However I think the scenario is very strange and I don't understand why:

1. Router B1 sent an ARP request out of gig0/1 even if he knows that he's directly connected to a network including this ip address over int gig 0/2 ?!?!

2. Router A1 replied to this ARP request with his own MAC address (ip proxy-arp was DISABLED) ?!?!

3. Router B1 accepted the ARP reply even if he knows that he's directly connected to a network including this ip address over int gig 0/2 ?!?!

Thx


mchin345
Level 6

This is because in the static route you have mentioned a multiaccess interface as the gateway. Instead of giving the multiaccess interface try giving the IP of the gigabit interface. It will work. This happens when you have CEF enabled.
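
A configuration check for the kind of static route discussed in this thread: the quoted route names gig 0/1 as egress while its next hop 192.168.200.1 sits on the subnet the post attaches to gig 0/2. This is an added example, not part of the original posts; the interface addresses in the sample config are assumed, and the parser covers only the simple `interface`, `ip address` and `ip route` line forms shown.

```python
import ipaddress
import re

# Constructed sample for router B1: interface addresses are assumed,
# the second static route is the one quoted in the post.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 ip address 192.168.100.252 255.255.255.0
interface GigabitEthernet0/2
 ip address 192.168.200.252 255.255.255.0
ip route 192.168.99.0 255.255.255.0 192.168.200.1
ip route 192.168.66.0 255.255.255.0 gig 0/1 192.168.200.1
"""

IF_RE = re.compile(r"^interface\s+([A-Za-z]+)\s*([\d/.]+)\s*$")
ADDR_RE = re.compile(r"^\s+ip address\s+(\S+)\s+(\S+)\s*$")
ROUTE_RE = re.compile(r"^ip route\s+(\S+)\s+(\S+)\s+([A-Za-z]+)\s*([\d/.]+)"
                      r"\s+(\d+\.\d+\.\d+\.\d+)\s*$")


def norm(name, number):
    """Map 'gig 0/1' and 'GigabitEthernet0/1' to the same key, 'gi0/1'."""
    return name[:2].lower() + number


def audit_static_routes(config):
    """Flag routes whose next hop is not on the named egress interface's subnet."""
    connected, routes, current = {}, [], None
    for line in config.splitlines():
        if m := IF_RE.match(line):
            current = norm(*m.groups())
        elif (m := ADDR_RE.match(line)) and current:
            connected[current] = ipaddress.ip_network(
                f"{m.group(1)}/{m.group(2)}", strict=False)
        elif m := ROUTE_RE.match(line):
            routes.append(m.groups())
    findings = []
    for prefix, mask, if_name, if_num, hop in routes:
        egress, hop_ip = norm(if_name, if_num), ipaddress.ip_address(hop)
        net = connected.get(egress)
        if net is None or hop_ip in net:
            continue  # unknown interface or next hop is on-link: nothing to flag
        owner = next((i for i, n in connected.items() if hop_ip in n), None)
        findings.append({"prefix": str(ipaddress.ip_network(f"{prefix}/{mask}")),
                         "egress": egress, "next_hop": hop, "on_link_via": owner})
    return findings


if __name__ == "__main__":
    for f in audit_static_routes(SAMPLE_CONFIG):
        print(f)
```

Routes given with a next hop only, such as the existing route to 192.168.99.0/24, are not flagged because they name no egress interface.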
