the environment is the following:
There is a managmenet vlan. This vlan ip range is: 172.16.1.0/24. The linux-server is in this vlan and the management interface of the border-switch
is also in this vlan. Linux server is 172.16.1.15/24 and border-switch is 172.16.1.34/24.
The linux-server is monitoring the border-switch with icmp and snmp. It works, but from time to time the linux-server cannot reach
the border-switch icmp fails, snmp queries fail. The connection recovers only if I ping the border-switch from the core-switch!
I think this should be a L2 related issue but I do not have idea where to look.
Does anybody have any idea why this is happening?
At a second look, my network diagram was a bit wrong. (I am not maintaining the environment so
I have very very limited view/access to it but I am trying to help to my colleagues as I can) so the correct diagram is:
border-switch use fastethernet0/1 (trunk port, only management vlan is allowed) to access the
server-access-switch1 fastethernet 0/13 (trunk port, only managment vlan is allowed).
On your network setup have you trunked your management VLAN from Broder switch to server access switch 2 .(In between all network switches should allow Management vlan)
1) Similarly check for arp on your linux server towards router IP address
2) similarly check for arp on your router towards linux server .
I am suspecting duplicate IP addressing on your LAN segment .
thanks for the suggestions... but if it were the problem of a duplicate ip address.
Why the problem disappears when my colleague ping the border-switch from the
core-switch? It seems that somehow the L2 information does not hit the linux-server...
and this happens not just the border-switch but other devices on the network...
and affects only the management lan everything else is working fine... (switches
forward the traffic for other vlans etc. etc.) and from other network the border-switch
also can be pinged. I have never seen this issue before... I agree must be connected
with arp entries but how?
With arp you can verify NIC MAC address of your router & Linux Server.
kindly share me show IP interface brief & show vlan & show ip route from your device .
similarly check for subnet mask on your linux server .When you say can ping border switch from your core switch its clear your management VLAN reach ability is working fine with out any issue .
If there is L2 Switch issue either way you cant ping .
as I said I cannot provide you those information.
but I did dig deeper and I found out that the mac address of border-switch
is different in the linux-server's arp table than the mac address of the same switch in the core-switch arp table. we are trying to track down what device pretends to be the border-switch. mac address is owned by IBM. Any idea?
Thanks for your understanding that I cannot send you the requested
Based your comment , I am suspecting one IBM server is assigned IP address of your border router .Use
Show mac address-table on your switch to see mac address table for figure out on which physical port your IBM sever is connected .
we are trying to track down what device pretends to be the border-switch. mac address is owned by IBM. Any idea?