ARP broadcasts not reaching all VLAN ports on 3550

wes-nanoboy · ‎05-18-2013

Hello,

I have a weird problem and need your advice.

Cisco 3550, interface Vlan9

ip address 1.1.1.1 255.255.255.240 secondary

ip address 3.3.3.3 255.255.255.240

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

9 VLAN0009 active Fa0/1, Fa0/3, Fa0/5, Fa0/9

When I ping a (not set up) IP e.g. 1.1.1.100

I can see ARP requests coming to servers connected to 2 of the 4 ports

but no arp is coming to the other 2 machines (same hardware, same OS).

All 4 interfaces are configured identical way.

'debug arp' shows ARP is sent to vlan9:

switch 99: May 17 10:45:22.163 UTC: IP ARP: sent req src 1.1.1.1 0012.d95c.0532,

switch 100: dst 1.1.1.100 0000.0000.0000 Vlan9

I was expecting ARP broadcast to reach all ports of a VLAN - right?

What can be the cause?

Thank you in advance

antonio.guirado · ‎05-18-2013

Hello,

a VLAN is a broadcast domain. All ports in a vlan in forwarding state must forward the broadcast. Are you sure

that all ports are in STP forwarding state?.

Could send us the "show interfaces switchports" command output and "show spanning-tree vlan 9"

command?.

Regards

wes-nanoboy · ‎05-18-2013

Thank you for reply.

In the meantime I upgraded IOS to 12.2(44)SE6 and changed the vlan from 9 to 5. But the behaior did not change. Output for the vlan 5 ports:

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

5 VLAN0005 active Fa0,1, Fa0/3, Fa0/5, Fa0/9, Fa0/11

* I can see arp packets coming to devices connected to ports Fa0/3 and Fa0/11

* no ARP requests comes to Fa0/5, Fa0/9

* Device connected to Fa0/1 is offline

#show spanning-tree vlan 5

VLAN0005

Spanning tree enabled protocol ieee

Root ID Priority 32773

Address 0012.d96b.0680

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32773 (priority 32768 sys-id-ext 5)

Address 0012.d96b.0680

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Fa0/1 Desg FWD 100 128.1 P2p Edge

Fa0/3 Desg FWD 19 128.3 P2p Edge

Fa0/5 Desg FWD 19 128.5 P2p Edge

Fa0/9 Desg FWD 19 128.9 P2p Edge

Fa0/11 Desg FWD 19 128.11 P2p Edge

#show interfaces switchport

Name: Fa0/3

Switchport: Enabled

Administrative Mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 5 (VLAN0005)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Name: Fa0/5

Switchport: Enabled

Administrative Mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 5 (VLAN0005)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Name: Fa0/9

Switchport: Enabled

Administrative Mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 5 (VLAN0005)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Name: Fa0/11

Switchport: Enabled

Administrative Mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 5 (VLAN0005)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

antonio.guirado · ‎05-18-2013

Hello again,

all seems right. Can you ping from/to hosts that are in ports where arp are supposed not to be forwarded?.

Is it only that you do not see the broadcast in this ports? or is there a real connectivity problem?.

Regards.

paul driver · ‎05-18-2013

hello

ping the broadcast address of the vlan -tjen those that are active.will reply

ping x.x.x.255

res
paul

Sent from Cisco Technical Support Android App

Sent from Cisco Technical Support Android App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

wes-nanoboy · ‎05-18-2013

Uff, I found it. It was related to IPMI. IPMI interface was set to 'Dedicated'.
When I switched it to 'Failover' (default setting) ARP requests reapperaed.
So looks like IPMI was taking over ARP requests and thus tshark/kernel not getting its payload.

A bit weird because the properly working hosts still have 'dedicated' set as IPMI NIC.

Maybe it will help someone.
Thank you all who tried to help