06-19-2017 03:56 AM - last edited on 03-25-2019 04:44 PM by ciscomoderator
Hello!
I have a topology, in which Catalyst 2960L (IOS 15.2(5)E1) is connected to the Catalyst 4500-E (SupV-10GE IOS 15.0(2)SG11, WS-X4506-GB-T) using SFP ports and LACP configured on that link.
There're following cases:
- only DHCP Snooping is configured on the 2960L - network is operating ok;
- DHCP Snooping and DAI are configured on the 2960L - this makes neighboring SupV-10GE to have 100% CPU, caused by the process:
%CPU %CPU RunTimeMax Priority Average %CPU Total
Target Actual Target Actual Fg Bg 5Sec Min Hour CPU
K2L2 Address Table R 2.00 77.44 12 5 100 500 104 96 8 785:38
Does anyone have an idea what's going on?
06-22-2017 09:42 AM
Hello!
After doing some investigations with SPAN, I've figured out following: upon activating ARP Inspection, 2960L takes all the ARP Requests it received from the uplink port and replicates them back to that port for an unknown reason. Seems, that's done because this port is configured as "arp inspection trust" one.
Does anyone have an idea why the switch does this? I'm going to rise a TAC case on that.
03-09-2020 09:12 PM
you found the reason about that behaviour
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide