When upgrading to 12.2(33)SCC3 code we started seeing customers who have ASA and sonicwall firewalls having arp issues with static IP's sitting behind the firewall on there DMZ's When looking into this we noticed it is only on our MC20x20 card that it appears to be happening on. Is this an issue with these firealls and proxy arp or could it be the arp filtering that is automatically configured when migrating ot the SCC3 code.
The MC2020 and the MC520 cards should not play a role in the way the ARP requests and replied are handled, that process is left to the CMTS route processor. It is possible there are some configuration settings which may be causing issues with the ARP behavior.
Can you tell me more about the issue? Is it happening consistently with those static CPE IPs? Does it work for 60 minutes then stop working? Is it always the same issue?
If you can post the interface bundle configuration I can take a look.
Couple possible points to look into:
1. Cable arp filters (defaults to 3 every 2 seconds for request and replies)
2. "Cable source-verify [dhcp]" and "no cable arp" - changes the behavior of how CPE ip addresses make it into the CMTS ARP table
3. "Cable trust" - Affects the way the CPE IP makes it into the ARP table.
Lastly, if you have a valid service contract I strongly suggest you open a TAC Service Request as they can commit a Cisco engineer to working with you.
XR-vm - CLI's
look for any process crash, review time stamp[if it is too old, then no immediate action needed]
verify if standby state is Ready and NSR-Ready
show proc cpu | exclude " 0%"
It's been a long standing ask for XR to support conditional route advertisements in BGP.
The expected option of using the
option in RPL currently can only be used at the default-inf...
On IOS-XR, Quality of Service has an extension to WRED (Weighted Random Early Detection) called Explicit Congestion Notification (ECN). ECN will mark packets instead of dropping them when the average queue length exceeds a specific threshold value. When c...
Technical Guide to Pre-Defined NAT.
In traditional NAT, due to the government regulations logging the CGN translations is mandatory and this is a huge cost incurrence. In Pre-defined NAT, the translations are known upfront, hence there is no nee...