Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3682
Views
0
Helpful
2
Replies

ARP Filtered... Martian source

ANDREA GELATI
Level 1
Level 1

‎07-24-2007 03:12 AM - edited ‎03-05-2019 05:27 PM

Good morning everyone,

I have a strange problem interconnecting a Cisco851 with an ISP router.

The ISP router has the 192.168.1.1 255.255.255.0 address and the C851 has the 192.168.1.100 255.255.255.0 on the FastEthernet4 connected to the ISP device through a switch (but i've tried also the direct connection).

given this, no communication passes by between the c857 and the ISP device.

Sniffing the packets, i can see that the ISP Provider sends an ARP Request to know wich one is the 192.168.1.100 and the C857 filters it with the following reason:

IP ARP req filtered src 0.0.0.0 0017.c2cf.974f, dst 192.168.1.100 0000.0000.0000 martian source.

can someone tell me why? is there a way not to make the router filter these ARP Request?

Below there's the full configuration of the router which has 12.4.15(T1) release onboard (bt i've tried also older ones..)

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname giacomo-Alberione-gw

!

boot-start-marker

boot-end-marker

!

logging buffered 4096

!

no aaa new-model

clock timezone CET 1

clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00

!

!

!

no ip source-route

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.0.254

!

ip dhcp pool locale

network 192.168.0.0 255.255.255.0

default-router 192.168.0.254

dns-server 194.20.8.1 151.99.125.2

lease 30

!

!

ip cef

no ip bootp server

no ip domain lookup

ip domain name router.it

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

ip address 192.168.1.100 255.255.255.0

ip virtual-reassembly

duplex auto

speed auto

ip nat outside

!

interface Vlan1

ip address 192.168.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip route 0.0.0.0 0.0.0.0 192.168.1.1

!

no ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 100 interface fastethernet4 overload

!

!

access-list 11 permit any

access-list 100 remark ****** ACL per PAT ******

access-list 100 permit ip 192.168.0.0 0.0.0.255 any

control-plane

!

!

line con 0

logging synchronous

login local

no modem enable

line aux 0

line vty 0 4

exec-timeout 120 0

logging synchronous

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎07-24-2007 03:17 AM

Hi

I'm not sure it's your router. If you look at the message it is complaining about the source address being 0.0.0.0 which is clearly incorrect.

Have you talked to your ISP.

Jon

0 Helpful

ANDREA GELATI
Level 1
Level 1
In response to Jon Marshall

‎07-26-2007 05:04 AM

The source mac address is that of the service provider router (which is actually open in that I can configure it but there are very few options.. for instance I can't set a static arp)

The Service Provider says everything's fine and it suggests to connect the machines directly to its Router (in this scenario, everything works properly and the computers have no problem answering that request).

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card