Solved: Re: arp on two devices

suthomas1 · ‎06-10-2018

Hello,

We have a 2801 cisco router & 3560 switch, whose configurations are given.
These form the connectivity for our site. Router does the connections with service provider

& has routing on it.
The switch is only configured with default gateway, but there are arp's seen in both.
I think arp should only be seen on the router & not on the switch.

Can someone please help on what is wrong here & how should it be done. I want to not

have arp's on both devices.

(please note, for brevity i have only shown part of arp outputs)
Thank you.

Router>>>>>>>

interface FastEthernet0/0
description To ISP
ip address 10.8.5.24 255.255.255.252
no ip unreachables

WAN-ROUTER#sh run int fa0/1
Building configuration...

Current configuration : 212 bytes
!
interface FastEthernet0/1
description LAN Access
no ip address
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
snmp trap ip verify drop-rate
end

WAN-ROUTER#sh run int fa0/1.2
Building configuration...

Current configuration : 191 bytes
!
interface FastEthernet0/1.2
encapsulation dot1Q 2
ip address 10.58.0.1 255.255.255.0
ip helper-address 10.64.0.1

WAN-ROUTER#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.8.5.23 22 xxxx ARPA FastEthernet0/0
Internet 10.8.5.24 - xxxx ARPA FastEthernet0/0
Internet 10.58.0.1 - xxxx ARPA FastEthernet0/1.2
Internet 10.58.0.1 98 xxxx ARPA FastEthernet0/1.2
Internet 10.58.0.1 60 xxxx ARPA FastEthernet0/1.2
Internet 10.58.0.11 0 xxxx ARPA FastEthernet0/1.2

++++++++++++++++++++++++++++++++++++++++++++

Switch >>>>>

LAN-SWITCH#sh run int vlan 2
Building configuration...

Current configuration : 194 bytes
!
interface Vlan2
description Users
ip address 10.58.0.2 255.255.255.0
ip helper-address 10.64.0.1
no ip route-cache
end

LAN-SWITCH#

LAN-SWITCH#sh run int fa0/48
Building configuration...

Current configuration : 149 bytes
!
interface FastEthernet0/48
description UPLINK to ROUTER
switchport trunk encapsulation dot1q
switchport mode trunk

LAN-SWITCH#sh run | i default
ip default-gateway 10.58.0.1

LAN-SWITCH#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.58.0.1 96 xxxxx ARPA Vlan2
Internet 10.58.0.3 98 xxxx ARPA Vlan2
Internet 10.58.0.2 - xxxx ARPA Vlan2
Internet 10.58.0.11 xxxx ARPA Vlan2

Joseph W. Doherty · ‎06-14-2018

Both network devices might be saving ARP information seen on an interface, even though not explicitly requested by the network device. If so, this would be to avoid the network device from issuing its own ARP.

View solution in original post

Reza Sharifi · ‎06-10-2018

Hi,

This is fine. This arp table is for the management vlan (vlan 2) only since you have an SVI on the switch with IP address.

Internet 10.58.0.1 96 xxxxx ARPA Vlan2
Internet 10.58.0.3 98 xxxx ARPA Vlan2
Internet 10.58.0.2 - xxxx ARPA Vlan2
Internet 10.58.0.11 xxxx ARPA Vlan2

HTH

suthomas1 · ‎06-10-2018

Thanks for the reply.

Sorry, i had truncated the output.

Even on the switch , the other arp's are seen that relates to users on vlan2.

I am fine with only management vlan entries, but the other entries related to users should be all in

router.

Internet 10.58.0.62 91 xxxx ARPA Vlan2
Internet 10.58.0.57 104 xxxx ARPA Vlan2
Internet 10.58.0.59 18 xxxx ARPA Vlan2
Internet 10.58.0.58 3 xxxx ARPA Vlan2
Internet 10.58.0.52 3 xxxx ARPA Vlan2
Internet 10.58.0.55 3 xxxx ARPA Vlan2

same entries are seen on Router as well.

Appreciate all help.

suthomas1 · ‎06-14-2018

Can someone please help?

Joseph W. Doherty · ‎06-14-2018

Both network devices might be saving ARP information seen on an interface, even though not explicitly requested by the network device. If so, this would be to avoid the network device from issuing its own ARP.