10-07-2015 01:46 AM - edited 03-08-2019 02:06 AM
I found one below warning message on syslog in out network:
"10-07-2015 08:09:38 Local7. Warning 10.20.10.28 Oct 7 2015 18:02:09 SECURITY-GF-SW ARP/4/ARP_IPCONFLICT_TRAP:OID 1.3.6.1.4.1.2011.5.25.123.2.6 ARP detects IP conflict. (IP address=10.20.10.28, Local interface=Vlanif10, Local MAC=e097-96c1-f3fb, Local vlan=0, Local CE vlan=0, Receive interface=Eth-Trunk1, Receive MAC=e097-96ba-f861, Receive vlan=10, Receive CE vlan=0, IP conflict type=Local IP conflict)"
IP Address: 10.20.10.28 (Security switch Vlan 10 IP address)
While when i try to ping 10.20.10.28 from my computer, it gives me several packets loss after few replies, what shall i do to resolve this issue of ip conflict.
10-07-2015 01:58 AM
Hey you have duplicate ip addresses set you need to trace both macs at layer 2 in that alert and see what ports they belong too as they both have same ip address change 1 of them
how you do this is trace the mac , follow it through the port its learnt to the next switch by cdp neighbour , so below I see mac learnt from po122 so do a sh cdp neigh for the po jump to the next switch and then run the show mac address again and it will tell you whether it belongs on that switch or if its learnt through another switch again , you just follow that process and eventually depending on how big your layer 2 network is it will bring you to the port that the mac resides on, check the ip of that device
CORE#sh mac address-table address d4be.d907.4424
Legend: * - primary entry
age - seconds since last seen
n/a - not available
S - secure entry
R - router's gateway mac address entry
D - Duplicate mac address entry
Displaying entries from standby supervisor:
vlan mac address type learn age ports
----+----+---------------+-------+-----+----------+-----------------------------
* 160 d4be.d907.4424 dynamic Yes 0 Po122
Displaying entries from active supervisor:
vlan mac address type learn age ports
----+----+---------------+-------+-----+----------+-----------------------------
* 160 d4be.d907.4424 dynamic Yes 0 Po122
10-07-2015 02:20 AM
@Mark Malone
I did that practice by going to each switch and execute show mac address command, but in all the switches it shows me that both these mac addresses are learned from Eth-Trunk. suggest plz
10-07-2015 02:40 AM
sorry what do you mean its learned from Eth trunk , if its learned through a trunk you need to go to the next switch that the trunk is connected too in cdp and run the command again, that's the only way to trace a layer 2 conflict with ip address the macs have to belong to some interface debvice at layer 2
if you run a show ip arp on your layer 3 device it will probably show up with the same ip entry twice but 2 different macs
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide