cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1172
Views
0
Helpful
6
Replies

ARP issue?

damige1985
Beginner
Beginner

Hello Gentlemen,

Our company is experiancing difficulties connecting a (Stretched Layer2) Dot1q trunk between DC and DR sites.

Our current setup (which works without problems) is a basic Dot1q trunk (on both sides) running a vlan allowed list and filtering BPDU.

Our future setup is running 2 links between both sites. The setup on both sides of link1 is as follows:

switchport trunk encapsulation dot1q

switchport mode trunk

bandwidth 400000

spanning-tree mst 0-3 cost 1000

spanning-tree mst 4 cost 1000000

Link 2:

switchport trunk encapsulation dot1q

switchport mode trunk

bandwidth 400000

spanning-tree mst 0-3 cost 1000000

spanning-tree mst 4 cost 1000

I can see spanning-tree MST work without issues, discarding ports where expected and forwarding on others. I have also checked the logging and there is currently no spanning-tree loop with this setup.

This is where the problem starts. A (what seems) random amount of hosts will be able to connect intra-vlan(so e.g vlan 5 to vlan 5) across this link but others are not able to communicate. When diagnosing this issue i see that when site2 sends out an arp, site 1 receives this and responds.(checked this by wiresharking the link on site 1) But somehow the address does not show up in the arp table on any device in site 2.

  • We have tried rebooting the site 2 switch (made no difference whatsever)
  • We have also tried "shut no shut" on the interface in site1. The effect of this was strange since; somehow the site 2 arp table got a different set of addresses running this time. And stopped responding to arps that had been working before the "shut no shut".
  • We have also tried filtering BPDU's ( so it becomes seperate MST domains )
  • Running it as a single link.
  • Moving the link to a different switch

All the same problems...

This problem even shows on a simpel L2 vlan, with no gateway. Site2 simply does not seem to be able to fill its arp tables regardless of the type of host used (switches, windows servers)

As soon as we switch back to the old link. everything works just fine.  All arps come trough without exceptions.

This to me sounds alot like a bug. Or maybe a provider issue ?

Switches are all 3750 stacked running 12.2(55)SE1, VTP pruning disabled, MST areas match on all switches.

Please let me know what you think

Best regards,

Paul

2 Accepted Solutions

Accepted Solutions

Hello Paul,

you should not use BDPU filtering even if using manually  configured trunks as MST BPDU are actually sent once with MST sections  inside IST instance 0 BPDUs.

Are the two  switch endpoints able to exchange MST BPDUs on the links?

I see the answer is positive. This is good news.

The STP BPDUs are an example of traffic with multicast  destination, if the issues is on the service provider side I would  expect issues also for STP BPDUs exchange.

I would ask the SP support for this issue, as it looks like intermittent connectivity over the service.

Hope to help

Giuseppe

View solution in original post

Hello Paul,

>>We have contacted the ISP and they informed us that they limit the links to 200mac-addresses.

This explains the intermittent behaviour.

The most viable option would be to ask them for an increase to 1,000 Mac addresses for an additonal (but reasonable) fee.

As an alternative you should deploy routers with L2TPv3 capability between the links, but be aware that performance would be limited by router's performances.

see

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html

This would be a form of point to point L2 tunneling over an IP tunnel and would allow to overcome the MAC address limits.

L2TPv3 would require Vlan based sub interfaces and can be selective.

For full GE speeds a pair of ASR 1000 would be needed so it may be expensive.

Hope to help

Giuseppe

View solution in original post

6 Replies 6