Unable to ping until arp cache cleared - Page 7

samirshaikh52 · ‎02-04-2014

Hello Experts

I have 3 servers connected to Cisco Catalyst Switch C2960 and this switch has uplink to one of the access switch and ultimately this access switch connected to our 2 Core Switch

We are running HSRP and core switches has direct link between them.

Today I encountered an issue these server are unreachable from vlans other that its own. I just cleared arp-cache and it started pinging.

Please can you help since this happening repeadetly.

Thanks

Vishesh Verma · ‎02-09-2014

I haven't read the whole discussion; however, are arp-timeout and mac-aging timer same on the core switches? If so, configure arp-timeout to be lower than mac-aging timer.

-Vishesh

samirshaikh52 · ‎02-09-2014

I suggest to read the whole thread its very interesthing because this is going nowhere.

Anyway, I have configured static arp on our cores poin

arp 10.1.1.15 0014.5ebc.7466 ARPA

arp 10.1.1.17 0014.5ebc.7466 ARPA ( VIP)

arp 10.1.1.21 0014.5ebc.7466 ARPA

Lets see the result.

Thanks

samirshaikh52 · ‎02-09-2014

Please see the attached interfaces configuration. The cluster is Active/Passive.

Thanks for the help.

Vishesh Verma · ‎02-09-2014

I may have seen a similar issues in past and that is why suggest you to look into the arp-timeout and mac-aging timer

By default arp-timeout is 4 hours, mac-aging timer is 5 minutes. Most of the times Admins change the arp-timeout to 300 seconds and make it equal to mac-aging timer and this causes issues with CEF syncronisation when you run HSRP on top of that, and assymetric routing occurs, as shown below -

Outgoing Traffic

+---------------------------------------->>>

+ +------------+

| | |

| | HSRP | R

+---------------------+ Active +--------+ e

| | | s

| | | t

| +------------+

+-+ | of

| +------------+

+-+ | N

| e

| +------------+ t

| | | w

| | HSRP | o

+---------------------+ Standby +--------+ r

| | | k

| | |

+ +------------+

<<<----------------------------------------+

Incoming Traffic

You mention in your post that this issue occurs every 5 minutes so I am guessing that would make the arp-timeout to 300 in your case as well.

If this is the case you have 2 options -

1. arp-timeout 280, mac-aging timer 300 (default)

2. arp-tmeout 14400 (default) & mac-aging timer 14405

One question, what are core devices, platform and IOS?

-Vishesh

samirshaikh52 · ‎02-09-2014

But visheh it was working for almost now 6 years with everything default.

elanaalex · ‎03-12-2021

I'm a little curious as to how the server is doing it's clustering. Because users are going to 10.1.1.17, which on the core has an ARP entry of 10.1.1.17 > 0014.5ebc.7466, which is on Server 2. So how exactly is Server 1 working? I don't know how the clustering is working, so that's a mystery to me right now. If it's doing Active/Active, I'm not sure how that's working if the MAC is going to Server 2 in the ARP entry.