Solved: Re: Strange arp issue

jamesn2898 · ‎04-24-2007

I've got what appears to be an arp problem on a Cisco 2620, IOS 12.2(15)T5 on our network. It is plugged into a Catalyst 2924XL that is setup for 2 VLANs, with another router that is being used for Nat translation and bandwidth control based off of MAC (a Mikrotik, if it means anything). The Mikrotik router has 2 ethernet ports that are plugged into the Catalyst (one on each VLAN), and its default route is to the Cisco. The basic setup is as follows:

Cisco 2620--------S VLAN1

Mikrotik--------------W

..........................I

Mikrotik--------------T VLAN2

Wireless AP-------C

..........................H

The Cisco router has an IP of x.x.x.249/29, the Mikrotik's outside address is .250/29, and the Catalyst is .252/29. Now this all worked when initially setup, the routing functioned as expected, but after a few hours, the Cisco router could not ping the Mikrotik or the Catalyst IPs, and 'sh arp' showed Incomplete for these addresses. After a 'clear arp', I could ping the .250, but not .252. I then did a 'wr mem' and 'reload', which then lost the ability to ping either device. If I did a broadcast ping (.255), I got a reply from both .250 & .252, but no entries in the arp table. However, I was able to do a static arp entry for both devices and could pass traffic to them again, but as soon as I remove the static entry, I'm back where I started (can't ping either device). Google searches show a few similar problems, and it seems that in their cases, changing the arp timeout to 5 minutes from 4 hours cleared their problems, but the cause of the problem was never discovered.

Any ideas? Thanks in advance,

::James

sundar.palaniappan · ‎04-24-2007

Why do you have the command 'no arp arpa' configured on f0/0 in the router. Can you remove this command and try?

HTH

Sundar

View solution in original post

sundar.palaniappan · ‎04-24-2007

Can you post the configuration of the Cisco router and switch?

jamesn2898 · ‎04-24-2007

*Sanitized for IPs & passwords*

sundar.palaniappan · ‎04-24-2007

Why do you have the command 'no arp arpa' configured on f0/0 in the router. Can you remove this command and try?

HTH

Sundar

jamesn2898 · ‎04-25-2007

I honestly don't know where this command came from. I don't remember entering it myself, but I might have when I was adjusting arp timeouts for some reason. I've removed it ('arp arpa' on the conf-if#). It seems to be working now (arp table is still full after removing the static arps), but I'll keep a close eye (and monitoring program) on it to see if this clears it up.

Thanks Sundar, it's always good to have another pair of eyes.

sundar.palaniappan · ‎04-25-2007

That's good :)

Glad to be of help!!

Technically that command would have disabled dynamic ARP and I am sure that's not what you wanted.

HTH

Sundar

jamesn2898 · ‎04-25-2007

Now I'm really confused. I dug up my oldest config from this router (we took over control of this network a few months back, so it was already in place), and this 'no arp arpa' was in that as well. This hasn't been a problem until recently, though. Regardless, this looks to have cleared up our problems.

Thanks again.

::James