Static IP's sticking with MAC after they are replaced

AdamF1 · ‎02-06-2023

Issue- Devices that have a static IP address on Cisco 3850's running 3.6.8 or 16.12.7 that get replaced by a replacement device do not clear from the tables. A printer fails, and we replace with a new printer with the same IP, the new printer never comes up and is not pingable. We have to manually clear the arp entry and mac address from the switch every time. The mac address should be aging out after 300 seconds. Why are the switches still holding onto it? We don't have this issue on our nexus switches. We also run ISE 3.0 in monitor mode but I do not believe this to be the issue as we are not enforced.

Are we confusing the switch by swapping out the device in the 300 seconds and it's still trying to associate the ARP entry to the old MAC?

Do we need to wait for the default 4 hour arp timer to run its course?

Hopefully I'm missing something easy or misunderstanding some concept.

I have not run any debugs or wireshark captures as its an easy fix and we normally need to fix asap however its becoming more of an annoyance.

MHM Cisco World · ‎02-06-2023

if you run L2 security then this can lead to make SW not learn new MAC address
are you run
1- DHCP snooping
2- DAI
3- port-security
4- IP guard

AdamF1 · ‎02-07-2023

Yes we run DHCP snooping, port-security is not enabled as we use ISE, DAI no, ip guard no

MHM Cisco World · ‎02-07-2023

DHCP Snooping and you have static ip,
THEN check the DHCP binding table.
try remove static entry to dhcp snooping if there