Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1184
Views
0
Helpful
5
Replies

Can only ping device from local router

Steve Berglund
Level 1
Level 1

‎12-19-2013 05:15 AM - edited ‎03-07-2019 05:10 PM

Morning.

Pretty weird problem I'm working on. I did as much troubleshooting as I could think of on this, and it really doesn't make much sense.

There is a device at a remote location with an IP of 10.17.10.245, and another at the same location with an IP of 10.17.10.241.

The .241 is pingable from everywhere, including from my location over an MPLS.

The .245 is only pingable from that locations local router. None of the switches can ping this device.

The .245 device only shows up in the arp table on the router I can ping it from.

The .241 shows up on the router and the mac table on its switch.

The .245 device shows itself on the router arp table as a mac address with two different IP addresses, .245 and .242, off the same router sub-interface.

I'm at a loss on this one... Any ideas?

Thanks

Labels:
0 Helpful
5 Replies 5

daniel.dib
Level 7
Level 7

‎12-19-2013 05:55 AM

What OS is the host running? Do you see the two IPs on it? Any firewall on the host?

You don't see a MAC on the port in the switch? Please post config and output from the switch and router, relevant interfaces.

Daniel Dib
CCIE #37149

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful

Steve Berglund
Level 1
Level 1
In response to daniel.dib

‎12-19-2013 06:06 AM

It's running some flavor of Linux.

Only the .245 IP is configured on the system with a correct default gateway.

No firewall on the host that I'm aware of.

I looked through every switch MAC table at that location and could not find the MAC of the system.

From router:

interface GigabitEthernet0/1.10

encapsulation dot1Q 10

ip address 10.17.10.254 255.255.255.0

ip helper-address 10.17.240.3

From the switch it was verified plugged into:

interface FastEthernet0/8

switchport access vlan 2

switchport mode access

srr-queue bandwidth share 10 10 60 20

priority-queue out

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

spanning-tree portfast

service-policy input AutoQoS-Police-CiscoPhone

Router#ping 10.17.10.245

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.245, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Router#ping 10.17.10.241

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.241, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Router#ping 10.17.10.242

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.242, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Switch#ping 10.17.10.241

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.241, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Switch#ping 10.17.10.245

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.245, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Switch#ping 10.17.10.242

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.17.10.242, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Sh arp from router:

Internet  10.17.10.241           99   00e0.f41c.fce8  ARPA   GigabitEthernet0/1.10

Internet  10.17.10.242          177   00e0.f41d.4628  ARPA   GigabitEthernet0/1.10

Internet  10.17.10.245            2   00e0.f41d.4628  ARPA   GigabitEthernet0/1.10

0 Helpful

Steve Berglund
Level 1
Level 1
In response to Steve Berglund

‎12-19-2013 06:42 AM

Sorry, i read my email wrong.

The correct switchport that the system is plugged into is below. Different VLANs configured for this port.

interface FastEthernet0/15

switchport access vlan 10

switchport mode access

srr-queue bandwidth share 10 10 60 20

priority-queue out

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

spanning-tree portfast

service-policy input AutoQoS-Police-CiscoPhone

0 Helpful

Steve Berglund
Level 1
Level 1
In response to Steve Berglund

‎12-19-2013 12:10 PM

Since the MAC of the system isn't showing up on the switch MAC table, i put in a static MAC and that didn't work either.

0 Helpful

daniel.dib
Level 7
Level 7
In response to Steve Berglund

‎12-19-2013 09:28 PM

The router is connected to the switch? Can you provide a diagram? It's strange that the router would get a reply if it is going through the switch. If there is no MAC entry learned for the host that must mean that the traffic is flooded.

Show mac-address-table vlan 10

show span vlan 10

show span int f0/15 det

Can you provide the output from those.

Also try to debug arp on the switch and then do a ping to .245.

Daniel Dib
CCIE #37149

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents