Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9245
Views
0
Helpful
10
Replies

ip address conflict

elnurh
Level 1
Level 1

‎02-08-2012 11:32 AM - edited ‎03-07-2019 04:49 AM

Hy  every cisco guru.  I have some issue with network. I have switch 2960 and router that connect with one interface to that switch. the link is trunk and Router function is inter vlan routing between 4 vlan. This netwrok has only one ip address space that is 10.10.2.0/24 and work without problem. We connect  cisco switch 2960 with optic link to another switch that in stack 3750 which configured as trunk link and allowed only 3 vlan between them. In the other side netwrok which consist the switch 3750 we have different subnet ip address that switch working in layer 3 too. the problem is that when I permit vlan 210 in the switch 2960 only layer 2 between this switch and the 3750 in network that consist th ip address 10.10.2.0/24 devices, if I disconnect and then connect pc to network he says that he has ip conflict and in the log  he show mac address of router that has vlan 210 subinterface configured with 10.10.2./24 subnet. But how I gibe back vlan 210 from permited  vlan in trunk  devices start normaly working. If I again put vlan 210 to permit vlan in that trunk  devices again said that there are conflict  ip address and show mac address vlan 210 router subinterface.

Please help to resolve this issue because I can not start migration from old netwrok to new If I not solved this issue.

Everybody who will chema.jpggive here his Idea thanks before

Labels:
0 Helpful
10 Replies 10

ebarticel
Level 4
Level 4

‎02-08-2012 12:52 PM

I think Cisco recommends that you have one subnet for each vlan in your network. To solve the problem just create a subnet for each vlan and configure it.

Hope this helps

Eugen

0 Helpful

elnurh
Level 1
Level 1
In response to ebarticel

‎02-08-2012 11:35 PM

How  you think we can use one subnet in all vlan interface is not possible.  I am not write myself another vlan interface ip address sure all ip different but i need help  for resolve problem  which I cannot understand because no eerror or any logs in the switch and router but in the pc itself the log shown the ip conflict after that I add 210 vlan to allowed trunk and if i return back remove vlan from trunk every thing works again without any ip conflict

0 Helpful

flokki123
Level 3
Level 3
In response to elnurh

‎02-09-2012 12:13 AM

hi,

first i have to say i dont understand all of your description.

do you use only one /24 subnet for 4 vlans?

if so, change that. like eugen mentioned above its recommended that each vlan is a own subnet and iam actually more then surprised that this setup works. how does the router routes between 4 vlans, if all have the same subnet?

and why is the 3750 doing routing as well, if the 2811 routes already between the vlans?

let the switch or the router do the routing but not both.

create the vlans on the stack and on the 2960, give each vlan a own subnet and configure either the router or the stack to do the routing. the trunk links are good.

if the router is acutally only doing the inter-vlan routing, you dont need it, just configure the stack as the routing device.

i think your ip conflict might be related to the use of 1 subnet in multiple vlans.

florian

0 Helpful

Vivek Ganapathi
Level 4
Level 4

‎02-09-2012 12:04 AM

Hello,

If i understand your issue , below are the things (do let me know if i have an understanding gap)

1) You use a router-on-a-stick architecture (i.e inter-vlan routing on your router).

2) You have a new switch (3750) connected to your existing 2960 via trunk.

3) You have the default gateway for your network 10.10.2.0/24 on the router & not on 3750.

4) You are allowing across the specific vlan (VLAN ID 210) to your new switch (3750) & you get IP conflict error.

If my understanding is correct, you shouldn't have any issues. IP conflicts would be occuring because the IP address could have been in use somewhere else. May be on a device connected to a 2960 switch ?

Drain down to the root of the issue by checking the ARP table on the router for the IP & matching down to the MAC-address on your 2960 & 3750. Hope you are not assigning the router's sub-interface IP to the PC

if possible please post the configs of your router, trunk interface of Cisco 2960 to Cisco 3750 & PC IP address your are configuring + logs of cisco 3750 (the error message you getting basically)

Hope this helps

Vivek.

0 Helpful

elnurh
Level 1
Level 1
In response to Vivek Ganapathi

‎02-09-2012 02:19 AM

Vivek  Ganapathi  You are quet right.

Router config

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname TR

ip cef

!

interface Loopback10

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.30

encapsulation dot1Q 30

ip address 10.255.20.1 255.255.255.0

!

interface FastEthernet0/0.210

encapsulation dot1Q 210

ip address 10.10.2.1 255.255.255.0

ip helper-address 10.255.20.91

ip helper-address 10.255.20.6

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0.200

  encapsulation dot1Q 200

ip address 172.18.42.254 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

ip virtual-reassembly

!

interface FastEthernet0/0.50

description Temp LiNk From OlD nEtWoRk To NeW NeTwOrk

encapsulation dot1Q 50

ip address 172.19.91.253 255.255.255.252

ip nat inside

ip virtual-reassembly max-reassemblies 512

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router eigrp 50

passive-interface default

no passive-interface FastEthernet0/0.50

network 10.10.2.0 0.0.0.255

network 10.255.20.0 0.0.0.255

network 172.19.91.252 0.0.0.3

auto-summary

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 10.10.2.2

ip route 10.1.3.0 255.255.255.0 10.10.2.7

ip route 10.1.28.0 255.255.255.0 10.10.2.7

ip route 10.1.31.0 255.255.255.0 10.10.2.7

ip route 10.1.33.0 255.255.255.0 10.10.2.7

ip route 10.10.3.0 255.255.255.0 10.10.2.7

ip route 10.10.6.0 255.255.255.0 10.10.2.7

ip route 10.10.10.0 255.255.255.0 10.10.2.7

ip route 10.10.16.0 255.255.255.0 10.10.2.7

ip route 10.10.19.0 255.255.255.0 10.10.2.19

ip route 10.10.22.0 255.255.255.0 10.255.20.100

ip route 10.11.4.0 255.255.255.0 10.10.2.7

ip route 169.254.244.0 255.255.255.0 10.10.2.4

ip route 172.16.16.0 255.255.255.0 10.10.2.7

ip route 172.16.77.0 255.255.255.0 10.10.2.7

ip route 172.16.77.17 255.255.255.255 10.10.2.7

ip route 172.18.254.0 255.255.255.0 172.18.42.1

ip route 192.168.0.0 255.255.0.0 10.10.2.7

ip route 192.168.0.220 255.255.255.255 10.10.2.7

!

ip nat inside source list asb_lan_nat_mb interface FastEthernet0/0.200 overload

!

ip access-list extended asb_lan_nat_mb

permit ip 10.10.2.0 0.0.0.255 172.18.254.0 0.0.0.255

permit ip 10.125.1.0 0.0.0.255 172.18.254.0 0.0.0.255

!

end

switch 2960 config

interface GigabitEthernet0/1

description Link to  3750 switch

switchport trunk allowed vlan 30,50,200

switchport mode trunk

ip address of  pc it's any PC  in this  range 10.10.2.0/24 Who put off and put on network cable to his pc after that he received message that hi has ip conflict  and I show that it's router vlan 210 interface mac address.

I removed vlan 210 from trunk allowed vlan because if add him there i see ip conflict again

0 Helpful

Vivek Ganapathi
Level 4
Level 4
In response to elnurh

‎02-09-2012 03:10 AM

Pure subnetting Issue. Based on the routing, i can assure you have messed up the setup.

If you had only one /24 allocated to you. Then you should have subnetted that /24 into two number of /25 which gives you 126 hosts per subnet or a /26 would have helped you.

10.10.2.0/25 = 10.10.2.1 to 10.10.2.126 (host range) --> Use this as the IP address for your subinterface of VLAN 210.

10.10.2.128/25 = 10.10.2.129 to 10.10.2.254 (host range) --> Use this whereever else you want.

OR

10.10.2.0/26 = 10.10.2.1 to 10.10.2.62

10.10.2.64/26 = 10.10.2.65 to 10.10.2.126

10.10.2.128/26 = 10.10.2.129 to 10.10.2.190

10.10.2.192/26 = 10.10.2.193 to 10.10.2.254

You need to replan your IP addressing / subnetting. You cannot use a /24 pool assigned to you at multiple places. You have to subnet it

Thanks

Vivek

0 Helpful

ebarticel
Level 4
Level 4
In response to elnurh

‎02-09-2012 03:55 AM

I also want to add to Vivek suggestion that you should check the DHCP server first. On your Fa0/0.210 you have configured 2 ip helper-addresses which I guess points to different DHCP servers. Why do you have 2 DHCP servers in a network that small? I think the conflict is from those ip helper-address configuration. When you enable vlan 210 on the trunk, the PCs are going to DHCP to get addresses. If DHCP are configured with same pool of addresses, or the pools overlap you get IP address conflicts.

Eugen

0 Helpful

elnurh
Level 1
Level 1
In response to ebarticel

‎02-09-2012 06:19 AM

The problem is that I don't use ip address space from vlan 210 in another place I need temproraly  to pass this vlan to another switch 3750 only layer 2 pass vlan 210 and thats all

why I add vlan 210 to allowed trunk in this vlan begin ip address conflict after that some pc user  restart his pc. In anotherr side I no vlan interface or ip address with this ip space. And that why I need exactly know why  begin ip conflict I need migration user from on netwrok to another and I need to pass this vlan to the switch 3750 in layer 2

0 Helpful

Vivek Ganapathi
Level 4
Level 4
In response to elnurh

‎02-09-2012 06:28 AM

If that's the case. Why do you have the below routes?

ip route 0.0.0.0 0.0.0.0 10.10.2.2

ip route 10.1.3.0 255.255.255.0 10.10.2.7

ip route 10.1.28.0 255.255.255.0 10.10.2.7

ip route 10.1.31.0 255.255.255.0 10.10.2.7

ip route 10.1.33.0 255.255.255.0 10.10.2.7

ip route 10.10.3.0 255.255.255.0 10.10.2.7

ip route 10.10.6.0 255.255.255.0 10.10.2.7

ip route 10.10.10.0 255.255.255.0 10.10.2.7

ip route 10.10.16.0 255.255.255.0 10.10.2.7

ip route 10.10.19.0 255.255.255.0 10.10.2.19

This clearly states that there an another 10.10.2.x network !!! Don't know how it's working.

Anyways, one more major thing to check. On your DHCP server, you need to make sure you have excluded your default gateway IP for VLAN 210 from the DHCP scope. Without that, DHCP server may go & lease out the IP of VLAN 210 to a laptop / PC. Do check this as well.

Thanks

Vivek

0 Helpful

ebarticel
Level 4
Level 4
In response to elnurh

‎02-09-2012 02:22 PM

Did you check the PC of that user? Is he got a static ip configuration or is DHCP?

One solution is to remove these:

ip helper-address 10.255.20.91

ip helper-address 10.255.20.6 from Fa0/0.210 subinterface.

Then create a dhcp pool on the router for that subnet. As you mention you don't used that subnet anywhere else.

ip dhcp pool VLAN210

network 10.10.2.0 255.255.255.0

domain-name abcdef

default-router 10.10.2.1

dns-server x.x.x.x (ip of DNS server that is configured).

After this make sure that the user PC is plugged in to a port on the switch that is in VLAN 210 and is configured for DHCP.

Eugen

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card