cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10324
Views
0
Helpful
11
Replies

First ping packet always drop from lan switch

mahesh18
Level 6
Level 6

Hi all,

I have LAN switch running HSRP   and it connected to WAN router directly.

Problem is whenever i ping any internet sites it shows first ping dropped.

3550SMIA#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 44/48/52 ms
3550SMIA#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/50/52 ms
3550SMIA#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/51/60 ms

From Router i can ping internet sites fine without packet drop

2691Router#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/52/60 ms
2691Router#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/48/52 ms

Any help please why this is happening?

Thanks\

11 Replies 11

nkarpysh
Cisco Employee
Cisco Employee

Hello,

Do you ping between different VLANs? If yes then on router Valid test wound be to do following ping:

ping 4.2.2.2 source Interface X    - where X would be interface in same subnet as switch VLAN you pinging from.

Please also check if you have any port-security on the way and try to timely remove it.

Nik

HTH,
Niko

Hi,

It is a very common situation. If you think the ARP table is being flushed in your case then you may have an ARP cache overflow somewhere that might give the appearance of an ARP issue.


It is also worth considerig the MAC table limits within your Etherswitches, loading up lower level switches can invite unexpected disasters if traffic density is high.

Please rate the helpfull posts.
Regards,
Naidu.

Hi ,

Here is test from Router

2691Router#ping

Protocol [ip]:

Target IP address: 4.2.2.2

Repeat count [5]: 100

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: fastethernet0/1  Router interface connects to 3550 Switch

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 100, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:

Packet sent with a source address of 192.168.5.3

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (100/100), round-trip min/avg/max = 40/48/68 ms

2691Router#sh int fa0/1

FastEthernet0/1 is up, line protocol is up

  Hardware is Gt96k FE, address is 000d.bd3f.6d21 (bia 000d.bd3f.6d21)

  Description: Lan Connection to 3550A Switch

Thanks

MAhesh

Talha Ansari
Level 1
Level 1

Hi,

I guess on your 3550 you must be using a static route with exit interface to reach out to internet. If yes then remove the existing static route with exit interface and configure the same with the next hop ip address.

If this is not the case then statically configure ARP entry in the 3550 switch for its gateway and also the static MAC address entry for the gateway router if the gateway router is connected on the L2 port of the 3550 switch... if the gateway router is connected on the L3 port of the 3550 switch then only configure the static ARP entry. Let us know if something improves.

Regards,

Talha

Hi Talha,

Configuring static route with next hope ip instead of thats interface... This will stop the broadcast, I dont think this is the solution what mahesh is facing.

I am sure it is a ARP issue, because I faced an issue like when i trace the destination the first hope is with 90 ms (even it is in same LAN, source device connected to the same switch which getting 90 ms at first hope).

The above issue is because of due to the time needed for Sending the ARP broadcast (Since it doesn't have the MAC of default gateway at the cache) and get the MAC and forward the packet


So, I belive the adding static ARP entry helps in this case.


Please rate the helpfull posts.
Regards,
Naidu.

Hi all,

I am running OSPF between Switch and router.

Here is sh ip route from switch

Gateway of last resort is 192.168.5.3 to network 0.0.0.0

C    192.168.30.0/24 is directly connected, Vlan30

     64.0.0.0/32 is subnetted, 1 subnets

O E2    64.59.135.150 [110/200] via 192.168.5.3, 10:04:12, FastEthernet0/11

C    192.168.10.0/24 is directly connected, Vlan10

C    192.168.40.0/24 is directly connected, Vlan40

C    192.168.20.0/24 is directly connected, Vlan20

     192.168.5.0/31 is subnetted, 1 subnets

C       192.168.5.2 is directly connected, FastEthernet0/11

     192.168.6.0/31 is subnetted, 1 subnets

O       192.168.6.2 [110/2] via 192.168.5.3, 10:04:12, FastEthernet0/11

     192.168.7.0/32 is subnetted, 1 subnets

C       192.168.7.2 is directly connected, Loopback0

O*E2 0.0.0.0/0 [110/1] via 192.168.5.3, 10:04:12, FastEthernet0/11 **************************

How can i add static arp entry?

Thanks for the help

Mahesh

Is it possible that this is an ICMP redirect issue?

Hi Rachid,

How can i check if it is ICMP redirect issue or not?

Thanks

Hi Mahesh,

Can you post "sh run" from both 3550A and B?

Reza

Hi Reza,

Issue was with IOS  verision on Router --c2691-adventerprisek9-mz.124-15.T14.

I removed this and another previous one.

now all is good

3550SMIA#ping 8.8.8.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/39/44 ms

Thanks everyone for help

Mahesh

Mahesh,

This is very strange. I am glad you fixed it, but I am not sure if this is permanent fix.  Ping is very basic function of the IOS and hard to believe it can be an IOS bug.  Keep an eye on it for a week or so and test again and see if it comes back.

Reza

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: