arp poison interesting observation/ possible bug

Unanswered Question
Oct 30th, 2007
User Badges:
  • Gold, 750 points or more

I witnessed something very interesting yesterday.

We had a client attach a device with a static ip which happened to be the same as one of our controller service interfaces, but in a different vlan, but one that the controller has a dynamic interface in as well.

All of a sudden, all the APs on the affected controller started disassociating! It took a while to clear out the arp cache and get things settled down, but it has been stable for 16 hours since we disconnected the wired client.

As the dynamic interface is not actively in use, I have disabled it for now.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Mon, 11/05/2007 - 07:19
User Badges:
  • Silver, 250 points or more

Is it a dynamic interface or AP manager interface. In any case make sure that you dont assign the same ip address as the controller.

ericgarnel Mon, 11/05/2007 - 12:00
User Badges:
  • Gold, 750 points or more

The rogue ip showed up on guest vlan "D", but it was the same ip address as the service interface on one WLC controller. The wlc had a dynamic interface in vlan "D" as well.

Actions

This Discussion

 

 

Trending Topics - Security & Network