Pinging across core router works but IP Arp times out?

markchristy · ‎05-04-2022

Here is the test topology:

Host--->SW1--->vlanX--->CORE-Router--->SW2--->vlanY--->Host

From switch 1 host, I can ping IP address 1.2.3.4 (example). I can ping it continuously from vlanX to vlanY - never fails

On core router, the "show ip arp 1.2.3.4", initially after clearing the arp entry, starts at 0, then increments even though it is an active ping. When looking at other IP ARPs for other hosts, it is always 0 unless it goes idle, and starts counting up.

I have never seen this happen (maybe I wasn't watching). However it seems very odd!! Any thoughts?

Example: From Cisco 6509 running IOS 12.2...

CATA#ping 1.2.3.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.2.3.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CATA#show ip arp 1.2.3.4
Protocol Address Age (min) Hardware Addr Type Interface
Internet 1.2.3.46 b422.003e.4bd2 ARPA VlanY
CATA#

markchristy · ‎05-04-2022

Sorry - My "LABEL" isn't really relevant. It is a Cisco 6509 routing vlans from this core system. The tags are.

Georg Pauwen · ‎05-04-2022

Hello,

I checked for bugs but could not find any. Can you post the output of 'debug arp' when the ping is active ?

Richard Burts · ‎05-04-2022

There are things that we do not know about this and they might change our responses. But based on what I think we know so far I see some host connected to a switch in vlan X. The vlan connects to a core router. The core router connects to a switch in vlan Y and that switch connects to some host in that vlan. We do not have any information about the addressing of vlan X. It would seem that the addressing for vlan Y is 1.2.3.x.

The question seems to focus on the arp table of the core router. The ping originates from CATA, which I assumed was SW1. But then the show arp is also done from CATA, which suggests that perhaps CATA is the core router rather than SW1. Perhaps we can get some clarification.

And I am a bit puzzled about this output

CATA#show ip arp 1.2.3.4
Protocol Address Age (min) Hardware Addr Type Interface
Internet 1.2.3.46 b422.003e.4bd2 ARPA VlanY

The request was for 1.2.3.4 but the output was for 1.2.3.46

But the essential part of the question was this:"after clearing the arp entry, starts at 0, then increments even though it is an active ping" This suggests that there would be an arp, which resets the counter, for every ping packet. That is not how it works. You send an arp when you are attempting to send a packet and you do not know the mac address of the next hop. Once you have sent a packet which generated an arp then all other packets of that ping do not need an arp. And it is appropriate for the timer to increment.

HTH

Rick

MHM Cisco World · ‎05-04-2022

disable arp proxy in router,
and config Default GW in each PC point to sub interface IP of Router.

markchristy · ‎05-04-2022

Hosts are configured correctly with the correct gateway and subnet mask. If that were off, you couldn't ping across vlanx to vlany. Not this.

MHM Cisco World · ‎05-04-2022

disable proxy ARP.

markchristy · ‎05-04-2022

I'm a little nervous to turn on debug arp, very busy production core for 111 switches. But, in researching similar problems I found that "mac-address-table synchronize" is not enabled. I don't know why, the previous network admin is long gone, I inherited this. What I see on another 6506 same IOS - is without synchronize on, the dual supervisors show different aging, where the active is 0, the standy is not. Hmmm... why would that be off, and could this cause that?