Duplicate IP-Adress fromm source sup-eth1?

dvag-nsafe · ‎04-06-2016

Hello!

I recently found that HSRP is switching back and forth between our two core Nexus 7k Siwtches. We just upgraded to NX-OS 6.2(14).

When checking the log messages, i saw

%ARP-3-DUP_VADDR_SRC_IP: arp [5368] Source address of packet received from 0000.0c07.ac01 on VlanXXX(port-channelXXX) is duplicate of local virtual ip, 10.X.X.X

and after that, the HSRP Change for the same VLAN. It happens to almost all VLAN's.

The source of the MAC Address is the Interface sup-eth1:

G XXX 0000.0c07.ac01 static - F F sup-eth1(R)

Which interface is that? Is it one of the Ethernetports on the SUP? Does it come from the same switch but different SUP, or from the other switch of the core?

The HSRP confirguration looks simple and is the same as on all our other Switches.

Thanks for any help!

Christian

Carlos Villagran · ‎04-06-2016

Hi!

The MAC address 0000.0c07.ac01 is a virtual address , it belongs to the HSRP active router. Normally, this log message appears when there are two virtual routers (HSRP peers) in the same subnet and with the same virtual IP address BUT in a different HSRP group.

You should see your configured HSRP Nexus as both in active state in the show standby brief.

Can you check if this is correct?

Hope this helps, best regards!

JC

dvag-nsafe · ‎04-07-2016

Hi JC,

no, this is not the case here. All HSRP-groups have one active and one standby Member.

I see HSRP switchovers happening on all VLAN-Interfaces btw. And it's going on all the time. How can there be a duplicate IP on the other Switch? The virtual IP is configured on both of them, sure, but none of the groups have two active members...

Paul Chapman · ‎04-07-2016

Hi -

I've seen this error before when the interface address = VIP address.

interface vlan1
 ip address 10.0.0.1/24
 hsrp
  ip 10.0.0.1

PSC

dvag-nsafe · ‎04-12-2016

Nope, that ain't the case either... just checked the config.

pwwiddicombe · ‎04-12-2016

Are the HSRP members all on directly connected peers (i.e. no intermediate switches) or is there any possibility there has been a momentary link loss between the members? If something happens and they don't see each other, they will each become active; then report duplicate when they can see each other again.

Paul Chapman · ‎04-12-2016

Hi -

Are you running HSRP version 1 on one side and version 2 on the other? This would cause this type of conflict, since both the HSRP MAC and multicast group change between versions.

PSC

LukesWANadventure · ‎12-12-2018

Just to clarify, this config was checked on both switches?

Agreed with reply I have seen when config mirrrors the example given.

Nuno Marques · ‎04-21-2016

.

alainbileg · ‎12-11-2018

I had the same issue and it was cause by a loop

I configured mac address-table notification mac-move and I enable the logging as follow:

logging level spanning-tree 6

logging level fwm 6 (may not work on all platforms)

logging monitor 6

and from the log:

Dec 11 19:37:11 <IP hidden> : 2018 Dec 11 19:37:29 EST: %L2FM-3-L2FM_MAC_FLAP_DISABLE_LEARN: Disabling learning in vlan 60 for 120s due to too many mac moves
Dec 11 19:37:11 <IP hidden> : 2018 Dec 11 19:37:29 EST: %L2FM-4-L2FM_MAC_MOVE2: Mac <hidden> in vlan 60 has moved between Po22 to Po23

But note that troubleshooting HSRP bounce took me too much time while it was a loop created by an user who bridge the network with a type of hub - those Cisco messages are not intuitive...