Solved: ARP incomplete during L3 migration to new L3 switch

meisemann7 · ‎04-08-2021

I am in the middle of a staged migrated, haven posted questions on this before, and basically stuck at the step where the old L3 core switch is doing the routing and all ports/services have moved to the new Core L3 switch but the new one is logically just running as an L2 switch. Once I try and move the final routing piece, static routing, I get everything working except most of the access switches, L2 switches, that hang off the new L3 core switch are giving 'incomplete ARP' responses, except 1 is working for some reason and the configuration looks the same. My question is, could there be some settings that might be overlooked that could cause an 'incomplete ARP' response. I have tried the typical 'clear arp-cache' and related commands. When I log into one of the access switches, it can't reach the default-gateway, which is the IP on the new Core switch and was the same IP on the old Core switch so not sure what the issue is. Could STP be messing things up, like a root guard or something? Thanks.

Also, I get this weird error

%HMANRP-6-EMP_NO_ELECTION_INFO: Could not elect active EMP switch, not sure what that means.

The new L3 switch is a Cisco Cat 3650-48PS-L switch, if that helps. I also get this

%ACL_ERRMSG-6-PACL_INFO: Switch 1 R0/0: fed: Logging is not supported for PACL. could that ACL be stopping the ARP if it doesn't like the 'log' part? Thanks.

Thanks,
Matt

Giuseppe Larosa · ‎04-08-2021

Hello ,

>> %ACL_ERRMSG-6-PACL_INFO: Switch 1 R0/0: fed: Logging is not supported for PACL. could that ACL be stopping the ARP if it doesn't like the 'log' part?

No, because ARP is not part of IP protocol it has a different ethertype then IPv4.

ARP incomplete should mean that there is not a complete L2 end to end path between the affected swich and the new core switch on the VLAN where you have enabled the SVI with the same IP address as in the old core.

You had a thread about this.

So I agree you need to investigate STP for the VLAN in question.

Hope to help

Giuseppe

View solution in original post

Seb Rupik · ‎04-08-2021

Hi there,

Taking just one connection from the new L3 core to an access switch that is not working. From both ends of the link what is the sh int status for the switchports at both ends? Also what does the sh spanning interface gix/x/x looking like?

cheers,

Seb.

paul driver · ‎04-08-2021

Hello
I assume ths is related to the other post you have running? - Here

If you are still experiencing issues on the L3 cutover part your lan migration if so there must be something you have not shared with us that’s continuously denying the connections and access-lists could well be a possiblity.

Can you share the old/new core configuration along with arp readouts and possibly a topology diagram

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

meisemann7 · ‎04-08-2021

Paul,

Yeah I created a new post, partly because someone else started that post. I will look more closely at my ACLs on the ports. Unfortunately, since this is a production network, I'm not authorized to provide specifics or show configs.