ARP table not updated using a Cisco SG300

oliver ab
Level 1

Hi,

I recently got a managed switch, a Cisco SG300. I want to list the IP and MAC addresses of every device connected to the switch.

So I enabled SNMP / ssh / telnet. These are the only configuration settings I changed from the factory reset.

For now, I just have my PC, a test device and the company network connected to the switch (for DHCP).

PC and test device have a DHCP client. 

I can ping the test device from my PC and ping my PC from the test device. The test device currently has a monitor / keyboard, so I can get the IP address, but the purpose is to remove them.

What I can see is that the ARP table is not updated correctly: I don't see the test device info either from SNMP (ipNetToMediaNetAddress or dot1dTpPortTable) or using the "show arp" command.

I found that if I ping the test device directly from the switch (via CLI or web interface), then the ARP table is correctly updated and I can read my test device info.

Any idea why the ping between connected devices does not update the ARP table?

Also, I'd like to avoid pinging all IPs in the subnet. I thought that as the test device is sending a DHCP request, the ARP table should contain it, at least 300 seconds after its boot up.

Accepted Solutions

devils_advocate
Level 7

Ok so I could be wrong here but I think it's because you are sending out an ARP from your PC directly to another host on the network.

The ARP cache on the switch is needed when the switch itself needs to reach a host, but as you are trying to contact hosts on your own local subnet, you will find that the ARP cache on your PC contains the MAC to IP info.

Assuming you are using a Windows PC, use a command prompt and try 'arp -a'

If your SG300 was set up in Layer 3 mode and you were doing a ping from one subnet to another, you would see entries in the ARP cache on the switch as it needs to know how to reach connected hosts. When you ping from one subnet to another, you obviously don't ARP for the destination as it's not on your subnet, so instead you ARP for your default gateway.

The L3 router or switch will then ARP for the destination (assuming it is connected directly to that subnet) and store the IP to MAC details to prevent it needing to ARP each time.

Essentially the reason the switch does not have the ARP info in its cache is because it doesn't need it, you are sending packets at Layer 2 from host to host so the L2 switch has no need to ARP at all because your PC sends out the ARP and builds its own Layer 2 cache.

Thanks
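
The behaviour described in the accepted answer, as an added example that is not part of the original thread: a toy model of a Layer 2 switch with a management IP, showing that host-to-host ARP fills the switch's MAC (forwarding) table but not its ARP cache, while a ping from the switch itself does. It assumes the switch's IP stack follows the RFC 826 reception rule; the class names, function names and addresses are constructed for illustration.

```python
"""Toy model (added example): L2 switch with a management IP. All addresses constructed."""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
PC_MAC, PC_IP = "02:00:00:00:00:01", "192.0.2.10"      # constructed
DEV_MAC, DEV_IP = "02:00:00:00:00:02", "192.0.2.20"    # constructed
SW_MAC, SW_IP = "02:00:00:00:00:fe", "192.0.2.254"     # constructed

@dataclass
class Arp:
    src_mac: str    # Ethernet source / ARP sender hardware address
    src_ip: str     # ARP sender protocol address
    dst_mac: str    # Ethernet destination
    target_ip: str  # ARP target protocol address

@dataclass
class Switch:
    ip: str = SW_IP
    mac: str = SW_MAC
    fdb: dict = field(default_factory=dict)        # MAC -> port, bridging table
    arp_cache: dict = field(default_factory=dict)  # IP -> MAC, switch's own IP stack

    def receive(self, port, pkt):
        # Bridging: the source MAC of every frame is learned, whatever it carries.
        self.fdb[pkt.src_mac] = port
        # Frames unicast to another host are only forwarded, never handed to the CPU.
        if pkt.dst_mac not in (BROADCAST, self.mac):
            return
        # RFC 826 reception rule (assumed): refresh an existing entry, but create
        # a new one only when the switch itself is the ARP target.
        if pkt.src_ip in self.arp_cache or pkt.target_ip == self.ip:
            self.arp_cache[pkt.src_ip] = pkt.src_mac

def host_to_host():
    """PC on port 1 resolves the test device on port 2; the switch only bridges."""
    sw = Switch()
    sw.receive(1, Arp(PC_MAC, PC_IP, BROADCAST, DEV_IP))   # who-has DEV_IP
    sw.receive(2, Arp(DEV_MAC, DEV_IP, PC_MAC, PC_IP))     # is-at, unicast to PC
    return sw

def ping_from_switch():
    """The switch pings the device, so the ARP reply is addressed to the switch."""
    sw = host_to_host()
    sw.receive(2, Arp(DEV_MAC, DEV_IP, SW_MAC, SW_IP))
    return sw

if __name__ == "__main__":
    print(host_to_host().fdb, host_to_host().arp_cache)
    print(ping_from_switch().arp_cache)
```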

Hi,

Thanks for your answer.

I thought the switch had to update its ARP table even if the network endpoints were on the same subnet. So my assumption that I could use the ARP table to get the devices' IP/MAC was wrong.

I found another way to do it: DHCP snooping.