Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9298
Views
10
Helpful
4
Replies

ARP inspection

Amr Ibrahim Ali Henedi
Level 1
Level 1

‎10-13-2013 06:34 AM - edited ‎03-07-2019 04:00 PM

I need some help , i have ARP inspection applied on our switches, we applied the default limit rate 15 on all switches we have (Edge switches and server switch).

Some Edge port blocking and I did antivirus scan but I didn`t find any viruses.

Some servers ,routers and edges ports it’s always blocking.

when I tried to increase  the limit rate to 50 the also is blocking (on routers and servers), I increased again to 100 it’s not blocking

The question is how I can control and find any problem and what is the recommended limit rate for the servers PC`s and routers

and if there is a tool to check this

And kindly find the below simples log

%SW_DAI-4-PACKET_RATE_EXCEEDED: 20 packets received in 0 milliseconds on Fa1/0/3.
053421: Sep 29 20:52:11 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Fa1/0/3, putting Fa1/0/3 in err-disable state
053422: Sep 29 20:52:12 EGY: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/3, changed state to down

034155: Oct 12 15:16:37 EGY: %SW_DAI-4-PACKET_RATE_EXCEEDED: 49 packets received in 50 milliseconds on Fa0/30.

034156: Oct 12 15:16:37 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Fa0/30, putting Fa0/30 in err-disable state

000124: Oct  5 23:33:17 EGY: %SW_DAI-4-PACKET_RATE_EXCEEDED: 53 packets received in 922 milliseconds on Gi0/37.

000125: Oct  5 23:33:17 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Gi0/37, putting Gi0/37 in err-disable state

3 people had this problem
Labels:
0 Helpful
4 Replies 4

Iker Santamaria Molla
Level 1
Level 1

‎10-13-2013 11:00 AM

Hello,
I hope this post will be useful to resolve your problem:

https://learningnetwork.cisco.com/thread/26465

Best regards.

Sent from Cisco Technical Support iPad App

0 Helpful

Amr Ibrahim Ali Henedi
Level 1
Level 1
In response to Iker Santamaria Molla

‎10-20-2013 02:29 AM

thanks santamaria for you replay but this case not like my case

my case is the routers and servers is blocking randamly by it self

0 Helpful

Wilson Bonilla
Level 3
Level 3

‎10-13-2013 11:15 AM

Hello.

I have seen similar problem caused due to windows, windows has a feature called link-layer topology discover mapper/responder.

For some reason windows tries to poll information from the network, causing arp inspection to put the interface into-errdisable status.

One test I suggest is to take a sniffer capture in one of the interfaces having the problem, filter by "arp" and study the behavior, it will give a better look of what is going on.

Regards.

Wilson B.

Amr Ibrahim Ali Henedi
Level 1
Level 1
In response to Wilson Bonilla

‎10-20-2013 02:36 AM

Thanks wilson for you r replay

i`m checking now this service but the problem is happening randomly on the cisco routers and servers

is there is any tool explain this blocking

or there is recommended rate to avoid this blocking

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card