The hosts are on the same switch,other host can connect to the server.

Traffic destined to 10.20.28.X should have the mac address of 10.20.28.X, this issue could be caused by a possible corruption of the arp packets being distributed along the network.

Please what could possibly be why the ip phone is mapping to its vlan gateway and not the destination server.hence traffic within the same subnet is blocked by the ACL.

please be aware that we have a GPON platform at the GPON core, and then the device that the phone connects to is a Zhone 2804GPON ONT.our phone is on vlan 24.The ACL is blocking traffic within the same subnet.


When this issue happens, those phones are sending traffic to the destination mac of their gateway regardless of the destination ip. We took several captures and confirmed this. We also took more captures and confirmed that the gateway is not sending arp replies with incorrect data to the phone.

We disabled proxy arp on the switch which would cause this behavior and the issue persisted.

Hello

not sure this would be correct as you host/server are on the same switch not even hitting any other device 

Have you check that specific hosts addressing - you sure it doesn't have any other network interface or connection active - cellular- wifi etc..?

---

@Temitopeogunwola wrote:
Traffic destined to 10.20.28.X should have the mac address of 10.20.28.X, this issue could be caused by a possible corruption of the arp packets being distributed along the network

 

Hello,

Thank you for your response.
The destination is not on the same switch the destination is a linux server(10.20.28.x)

I noticed that when we removed/reconfigured the ACL on SVI vlan24 the server 10.20.28.1 send an arp reply to 10.20.29.233 and the host replies, this would effectively update the arp mapping on both devices for each other.

During the time of the issue,

+++ host 10.20.29.233 never sends an arp request to 10.20.28.1

+++ server 10.20.28.1 never has a arp mapping for 10.20.29.233 during the time of the issue

+++ no arp packets on po10 from any device stating 10.20.28.1 has a mac address of the gateway

As per the data when you remove the ACL on SVI vlan24 the switch will process the traffic to 10.20.28.1 from 10.20.29.233(since that traffic has a destination mac to the SVI VLAN24 on the c9200L) and send it to 10.20.28.1, host 10.20.28.1 then sends the ARP reply which updates the arp resolution on both end devices for each other.

It looks like ACL on the c9200L is not the cause of the issue here but it is giving indication of a possibly bigger issue here, several devices on vlan24 are having an incorrect ARP mapping for the other hosts

Hello

"The hosts are on the same switch,other host can connect to the server.

Traffic destined to 10.20.28.X should have the mac address of 10.20.28.X,"

 

 So you are saying the above isn't correct?

Hello,

The hosts are on the same switch( I meant several hosts within vlan 24 are are trying to communicate with the server( 10.20.28.X).

Very Respectfully,
Temi




Traffic destined to 10.20.28.X should have the mac address of 10.20.28.X,"

Hello

you also say they other multiple hosts on the same vlan on the same switch and from other vlans and other switches can successfully connect to this server so if then it's just this one host that is failing and this host is  physically attached to the same switch on the same vlan then i would suggest start looking at that specific host- maybe be even reset it's network bindings turn off all services other then wifi-turn /

Thank you for your response.
Currently the situation is :
a. The phone has no arp entry for the server hence the phone by default sends traffic to its gateway
b. The phone for some reason is incorrectly mapping the arp resolution for the ip address of the server to the mac address of the gateway .