Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
350
Views
0
Helpful
0
Replies

Dual wired and wireless connection with DAI

dmcgrath.ca
Level 1
Level 1

ā€Ž02-10-2021 09:32 AM

Hi,

I have a set of wired and wireless (WLC) networks in the same VLAN and noticed that some traffic is tripping up the %SW_DAI-4-DHCP_SNOOPING_DENY.

I did some digging, and it appears that clients that are connected to both wired and wireless networks, upon having their wired interface bounce, start to ARP out to an IP with their Wired MAC but their Wireless IP, which trips up the DAI:

%SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Gi1/0/1, vlan 100.([aaaa.aaaa.aaaa/10.123.45.67/0000.0000.0000/10.123.45.68/00:00:00 UTC Wed Feb 1 2021])

Where aaaa.aaaa.aaaa is the clients wired MAC but the IP they are using was from the WiFi. There appear to also be times where the client uses their WiFi MAC and IP out their wired interface, iirc.

Some tests with the WiFi interface disabled shows no more DAI logs, but I was curious if there is a way (without arp trusting the entire network) to deal with or allow this type of scenario without having to reconfigure the clients to only use one interface?

Any tips would be much appreciated! Thanks!

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card