07-04-2014 01:01 AM - edited 03-07-2019 07:55 PM
Hi,
the environment is the following:
|border-switch|--|core-switch|--|server-access-switch|--|linux-server|
There is a managmenet vlan. This vlan ip range is: 172.16.1.0/24. The linux-server is in this vlan and the management interface of the border-switch
is also in this vlan. Linux server is 172.16.1.15/24 and border-switch is 172.16.1.34/24.
The linux-server is monitoring the border-switch with icmp and snmp. It works, but from time to time the linux-server cannot reach
the border-switch icmp fails, snmp queries fail. The connection recovers only if I ping the border-switch from the core-switch!
I think this should be a L2 related issue but I do not have idea where to look.
Does anybody have any idea why this is happening?
Thanks,
Andras
07-04-2014 01:06 AM
Hi ,
How is your connectivity made for your border switch ?? .
Share me show IP interface brief from your border switch .
HTH
Sandy
07-04-2014 01:41 AM
Hi,
At a second look, my network diagram was a bit wrong. (I am not maintaining the environment so
I have very very limited view/access to it but I am trying to help to my colleagues as I can) so the correct diagram is:
|border-switch|--|server-access-switch1|--|core-switch|--|server-access-switch2|--|linux-server|
border-switch use fastethernet0/1 (trunk port, only management vlan is allowed) to access the
server-access-switch1 fastethernet 0/13 (trunk port, only managment vlan is allowed).
Thanks,
Andras
07-04-2014 02:40 AM
Hi Andras,
On your network setup have you trunked your management VLAN from Broder switch to server access switch 2 .(In between all network switches should allow Management vlan)
1) Similarly check for arp on your linux server towards router IP address
2) similarly check for arp on your router towards linux server .
I am suspecting duplicate IP addressing on your LAN segment .
HTH
Sandy
07-04-2014 03:29 AM
Hi,
thanks for the suggestions... but if it were the problem of a duplicate ip address.
Why the problem disappears when my colleague ping the border-switch from the
core-switch? It seems that somehow the L2 information does not hit the linux-server...
and this happens not just the border-switch but other devices on the network...
and affects only the management lan everything else is working fine... (switches
forward the traffic for other vlans etc. etc.) and from other network the border-switch
also can be pinged. I have never seen this issue before... I agree must be connected
with arp entries but how?
Andras
07-04-2014 04:20 AM
Hi ,
With arp you can verify NIC MAC address of your router & Linux Server.
kindly share me show IP interface brief & show vlan & show ip route from your device .
similarly check for subnet mask on your linux server .When you say can ping border switch from your core switch its clear your management VLAN reach ability is working fine with out any issue .
If there is L2 Switch issue either way you cant ping .
border-switch|
server-access-switch1
core-switch
server-access-switch2
linux-server
HTH
Sandy
07-04-2014 06:23 AM
Sandy,
as I said I cannot provide you those information.
but I did dig deeper and I found out that the mac address of border-switch
is different in the linux-server's arp table than the mac address of the same switch in the core-switch arp table. we are trying to track down what device pretends to be the border-switch. mac address is owned by IBM. Any idea?
Thanks for your understanding that I cannot send you the requested
information.
Andras
07-04-2014 06:32 AM
Hi ,
Based your comment , I am suspecting one IBM server is assigned IP address of your border router .Use
Show mac address-table on your switch to see mac address table for figure out on which physical port your IBM sever is connected .
we are trying to track down what device pretends to be the border-switch. mac address is owned by IBM. Any idea?
HTH
Sandy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide