Nexus 9504 - ARP Failure

David - Korea · ‎09-09-2021

I have a Nexus 9504 pair running at layer-2 only. it connects to a 6880 VSS core switch with a layer 2 port channel / VPC. it also connects to an endpoint device on an access port. this device has multiple IPs in the same subnet, ending in 192.168.1.190 ... 192.168.1.196. the 6880 VSS acts as the gateway for the subnet (192.168.1.1). Nexus is running version 7.0(3)7(10).

Our problem appears to be that ARP requests from the 6880 core switch timeout when traversing the Nexus to the access port. I can ping the gateway IP from the device sourced from different IPs, e.g. 192.168.1.190 … 192. Afterwards, I can ping the same IPs from the core switch. However, I cannot ping IPs 193 … 196 from the core switch. ARP table shows incomplete entries, and eventually time out. After I ping the GW sourced from 193, I can then ping 193 from the core switch. this is repeatable for the other IPs 194 .. 196, etc.

I'm stumped...

balaji.bandi · ‎09-10-2021

You mean only Layer 2 extended towards between nexus, just for testing, shutdown 1 of the link port-channel group, and test.

Example :

vPC port-channel has 2 links towards Cat 6K Port connected to Gi 1/1 and Gi 1/2

Test 1 Shutdown Gi 1/1 (make sure Gi 1/2 ) up and running do the test. (is that works or failed)

Test 2 no Shutdown Gi 1/1 wait for the Port-channel can see both the links up and running, shutdown Gi 1/2 (make sure gi 1/1 up and running) do the test. (is that works ?)

I have seen this issue - i have to replace card on Cat 6500 (its was long long ago)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎09-10-2021

Hello,

what exactly is the 'endpoint' device connected to the Nexus ?

David - Korea · ‎09-10-2021

Shut down 2 of 4 ports on 6880, leaving 2 ports on 6880 A connected to nexus A and B. No difference

David - Korea · ‎09-10-2021

End point happens to be a pc but seems not to be germane

David - Korea · ‎09-10-2021

Repeated experiment substituting 4510 for nexus. No arp issues experienced. Works as expected

David - Korea · ‎09-13-2021

original device connected to the access port was a Cisco FI 6454 management port. but replaced with PC to simplify testing

marce1000 · ‎09-10-2021

- FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux04393

M.

-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

David - Korea · ‎09-15-2021

i checked this reference. it mentions that it could be an arp table aging issue. i don't think this is the problem because the nexus has no IPs in the problem subnet, and therefore has no arp table entries.. ARP requests originate from the core switch, and should pass thru the nexus to the endpoint.

David - Korea · ‎09-15-2021

i have eliminated the 6880 switch from the problem. System consists of two Nexus, each with an IP address, and one endpoint device connected to Nexus-B access port with an IP in the same subnet. i can ping either Nexus from the other, but i cannot ping the endpoint device from Nexus A - that is until i first ping from Nexus B. After i ping from Nexus B, pings originating from Nexus A start to work.

David - Korea · ‎09-15-2021

i have eliminated the 6880 switch from the problem. System consists of two Nexus, each with an IP address, and one endpoint device connected to Nexus-B access port with an IP in the same subnet. i can ping either Nexus from the other, but i cannot ping the endpoint device from Nexus A - that is until i first ping from Nexus B. After i ping from Nexus B, pings originating from Nexus A start to work.