Hello,
I have a problem / issue that's currently blowing my mind and giving me a headache. We have a stack of 3750 switches with a pair of SonicWALL firewalls connected that run HA (Shared Virtual Address / implemenation of VRRP or similar)....
Now this created as mac address as follows : 0217.c516.cb20 (MS_NLB_PhysServer - according to Wireshark...)
The above is fine however, this interface X0 also has multiple VLAN subinterfaces which also use the same MAC Address so if I do a "show mac address-table" I get about 9 results for this MAC in varying VLAN's.
The issue I have is that a downstream 100Mb switch which has a trunk to the 3750's is having traffic issues, I setup a SPAN session with a source of the uplink and a destination port on the same switch.
90% of the traffic I captured had a source mac of the 3750 VLAN 1 SVI with a destination of the SonicWALL MAC, so it would seem all traffic that should be unicast from 3750 -> Soniwcall is being spat out / flooded across Vlan 1....
For reference 3750 has multiple VLAN's / inter-vlan routing / default route is via SonicWALL, SonicWALL X0 interface (not the subinterfaces) is in Vlan1 (I'm aware this is a poor design at the moment).
3750 will naturally provide proxy-arp responses to the SonicWALL for Subnets / hosts behind the 3750...
I'm utterly perplexed at this point and looking for some different directions to look for solutions.
Any help would be greatly appreciated.
Dunc.