05-15-2017 04:30 AM - edited 03-05-2019 08:32 AM
Hello,
we have on one of our Costumer Switches (Catalyst C2960-S9 Version 12.2(58)SE2) a Problem regarding Invalid ARPs:
May 15 09:39:38.839 CEST: %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Gi1/0/12, vlan 10.
May 15 12:51:34.385 CEST: %SW_DAI-4-INVALID_ARP: 1 Invalid ARPs (Req) on Gi1/0/12, vlan 10.
We have Mutliple Entrys in the Log, and our Pings to the Client look like this:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!..............................!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!..............................!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!..............................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
..............................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!..........
....................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!....................
...........!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.............................
.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!..............................!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!..............................!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!..............................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!...............................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!........
......................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!..................
............!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!............................
..!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!........................
Does someone knew which Cisco Bug this is (Found something in another Thread, but they didn't sayed which Bug ID it was).
05-15-2017 01:02 PM
Hi David.Schmidt11,
These logs entries are indicating that ARP inspection droping the packet as the arp request is not matching the DHCP snooping binding table. Verify that "sh ip dhcp snooping binding" entry and ARP request must be matching.
05-15-2017 09:13 PM
someone is spoofing ARP on port 1/0/12, get the device checked for any infections connected on the port.
Thanks
Hitesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide