Hello all once again!

I am hoping to gain some valuable troubleshooting assistance again from this forum. I've been able to lend a hand to others, but I need a hand again because I'm stumped. So, follow along, I'll try and make this easy to follow.

A= Access Switch

D=Distro Switch

C=Core Switch

P= PC

We have a typical A-D-C Cisco layout. Access switches are segmented vlan, connected to the Distro swtich. MLS layer 3 routing occurrs in the Distro switch.

So, in my segment, I have the following:

                                                                                               Mgmt Vlan 10.70.51.1          Mgmt Vlan 10.70.51.3

P----------------------------A------------------------------------C------------------------------------------D-------------------------------A---------------------------------------P

my pc                  access                            Core                               Local Distro                       Mac Table                      Far end PC.

10.70.4.210                                                  10.70.3.233/30               10.70.3.234/30                   1234 Vlan 10                 10.70..48.85

Vlan 4                                                                                           ARP 10.70.48.85:1234                                               Vlan 10

                                                                                                                                                                                     MAC 1234     

So, here's what I have:

In the local segment distro switch, you'll see that it's trunk link is 10.70.3.234/30. The uplink is the 10.70.3.233/30, which is the core switch.

The Distro switch has my problem child's MAC address resolved in the ARP table to it's IP. THat's the IP that DHCP gave out to the device. It is in the correct VLAN DHCP scope.

The problem PC's MAC address is resolved in the Access switche's mac address table. It's on the correct port, which is configured for port-security mac sticky. It's configured for the correct data vlan, vlan 10.

However, you cannot ping the problem PC. So, I did a traceroute from my PC, which is connected to an access switch, then goes into the core. The tracert goes

10.70.4.194

10.70.3.234

stops

So, 10.70.4.194 is the IP address for VLAN 4 on the Core switch. It then gets routed to the next hop, which is the far end link connection in the distro switch, 10.70.3.234. The trace stops there.

I did a reverse traceroute from the access switch that the problem PC is connected to. As I said, the PC's mac address is configured correctly on it's port. Doing a traceroute from that access switch:

10.70.51.1

10.70.3.233

10.70.4.210

This is successful. It hits the distro switch which has Mgmt Vlan address of 10.70.51.1. It's then routed to the next hop, the 10.70.3.233 of the core switch trunk link. Then, it gets thru the access switch and hits my PC successfully.

The thing that is throwing me off is the ARP table on the distro switch. Why am I not getting connectivity here? I looked at the routing table; the routing table is correct. Other devices in the same VLAN are having connectivity just fine. Could it be a bad port that is showing connectivity but not letting data thru? I'm stumped. I would think if it was a routing issue, other devices would have no connectivity. But they do. Just like I can traceroute and ping from the access switch without an issue.  

To rehash..when I'm on the PC's access switch, I do a sho mac-address table | i 1234. It gives me:

10      xxxx.xxxx.xxxx.1234     static      g2/0/3

Go into the distro, do a sho mac-address table | i 1234. Gives me:

10     xxxx.xxxx.xxxx.1234     dynamic     g1/0/2 (which is the correct port for the uplink)

Distro sho arp | i 1234:

Internet 10.70.48,85          81          xxxx.xxxx.xxxx.1234     ARPA     VLAN 10

But again, trying to ping from the core switch, I get Success rate is 0 percent (0/5). Also cannot ping from my PC.

Any suggestions would be GREATLY appreciated.