Cisco Router 2811 causing IP address conflict

Unanswered Question

I just purchased a new Cisco 2811 router and a Catalyst 2960G switch for my office.

And after configuring it for few hours, found that the IP address I assigned to my vlan 1 in catalyst 2960G switch is having IP address conflict.


From the Cisco Network assistant, I found that there's 2 IP addresses showing on my router network topology. The router's FastEthernet interface is configured with IP address 192.9.200.1


At first I thought it was my some other devices is conflicting with my switch and apparently it was sourced from my Cisco 2811 router. This problem also occured in my old Cisco 1841 router.


Even after hard reset and reconfigure, it still gave the same problem. Any reason why such thing happened ?


Theretically and practically the router shouldn't occupy 2 IP addresses for an interface but how come it's happening in my case ?


Is it a nature of cisco 2811 router or something wrong with my configurations ? I start all over again using SDM to configure but it's still the same problem as well.


Someone please help me.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
satish_zanjurne Tue, 10/07/2008 - 05:31


Definitely it is the configuration error.


Check the conflicting IP Addresses in both configurations.


HTH..rate if helpful..

I have checked both devices configurations and apparently there's no ip address of 192.9.200.2 in it. It's somehow strange. And I did the arp tracing and found that this conflict is sourced from the Cisco 2811 router itself. The configuration is as of below.


version 12.4

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

no service password-encryption

service sequence-numbers

!

hostname PCSBRouter

!

boot-start-marker

boot-end-marker

!

no aaa new-model

clock timezone PCTime 8

!

!

ip cef

!

!

ip name-server 202.188.0.133

ip name-server 202.188.1.5

ip name-server 192.9.200.1

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip address-pool local

!

!

voice-card 0

no dspfarm

!

!

!

!

!

!

!

ip tcp synwait-time 10

!

!

!

!

!

interface FastEthernet0/0

description $ETH-WAN$

ip address 219.94.97.202 255.255.255.252

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description $ETH-LAN$$ES_LAN$

ip address 192.9.200.1 255.255.0.0

no ip proxy-arp

ip nat inside

ip virtual-reassembly

duplex full

speed auto

!

interface BRI0/0/0

no ip address

encapsulation hdlc

shutdown

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 219.94.97.201

!

!

ip http server

ip http port 8000

no ip http secure-server

ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0

ip nat source static tcp 192.9.200.3 3389 interface FastEthernet0/0 80

ip nat inside source list 1 interface FastEthernet0/0 overload

ip nat inside source static tcp 192.9.200.2 8001 interface FastEthernet0/0 8001

ip nat inside source static tcp 192.9.200.1 8000 interface FastEthernet0/0 8000

ip nat inside source static udp 192.9.200.3 4500 interface FastEthernet0/0 4500

ip nat inside source static udp 192.9.200.3 47 interface FastEthernet0/0 47

ip nat inside source static udp 192.9.200.3 1701 interface FastEthernet0/0 1701

ip nat inside source static tcp 192.9.200.202 83 interface FastEthernet0/0 83

ip nat inside source static tcp 192.9.200.3 47 interface FastEthernet0/0 47

ip nat inside source static tcp 192.9.200.3 1723 interface FastEthernet0/0 1723

ip nat inside source static udp 192.9.200.3 3389 interface FastEthernet0/0 3389

ip nat inside source static tcp 192.9.200.3 3389 interface FastEthernet0/0 3389

ip nat inside source static tcp 192.9.200.3 80 interface FastEthernet0/0 80

!

ip access-list extended PCSB

remark SDM_ACL Category=2

permit ip any any

!

logging trap debugging

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.9.0.0 0.0.255.255

access-list 101 permit ip any any

!

!

!

!

control-plane

!

!

!

voice-port 0/1/0

!

voice-port 0/1/1

!

voice-port 0/2/0

!

voice-port 0/2/1

!


The rest are ommitted due to security reasons.

Please help me check what's the issue with this. Please let me know if you need any extra informations.

Richard Burts Tue, 10/07/2008 - 07:43

You have given us the router config and it confirms that the address is configured on the FastEthernet interface:

ip address 192.9.200.1 255.255.0.0


Can you post the switch config so that we can confirm what address is it using?


If it is using the 192.9.200.1 address also then there certainly is an address conflict.


HTH


Rick

Below is my switch configurations.


version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname PCSBSwitch

!

""Omitted""

!

""Omitted""

no aaa new-model

system mtu routing 1500

ip subnet-zero

!

ip name-server 202.188.0.133

ip name-server 202.188.1.5

ip name-server 192.9.200.1

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

!

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

!

interface GigabitEthernet0/12

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface GigabitEthernet0/29

!

interface GigabitEthernet0/30

!

interface GigabitEthernet0/31

!

interface GigabitEthernet0/32

!

interface GigabitEthernet0/33

!

interface GigabitEthernet0/34

!

interface GigabitEthernet0/35

!

interface GigabitEthernet0/36

!

interface GigabitEthernet0/37

!

interface GigabitEthernet0/38

!

interface GigabitEthernet0/39

!

interface GigabitEthernet0/40

!

interface GigabitEthernet0/41

!

interface GigabitEthernet0/42

!

interface GigabitEthernet0/43

!

interface GigabitEthernet0/44

!

interface GigabitEthernet0/45

!

interface GigabitEthernet0/46

!

interface GigabitEthernet0/47

!

interface GigabitEthernet0/48

!

interface Vlan1

ip address 192.9.200.4 255.255.0.0

no ip route-cache

!

ip http server

ip http port 8001

!

control-plane

!

!

line con 0

line vty 0 4

""Omitted""

line vty 5 15

""Omitted""


Hope this configuration you request helps.

glen.grant Thu, 10/09/2008 - 06:20

I would think it would have to be a device hung off the switch. If you do a sh arp what does it tell you , does the mac address match to any device hung off the 2960 ? It could also be someone who is intermittently coming on and off the network.

I checked the arp tables and found that the IP address come from the Cisco 2811 router.


Do you mean that the session hanged or something ?


Coz this happened to my old Cisco 1841 router as well. I don't quite understand why such a thing can occur and after all there's no power failure nor surge in my server room at all and my servers weren't down.


This case is really kinda unexplained. I tried resetting both devices and reconfigure but the same problem will still come back. I have checked through my whole network and there's confirmed no IP address conflict occur at all. The conflict occurs from the router itself.

heisman Thu, 10/09/2008 - 12:13

I'm guessing the problem is in the following line:


ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0


Shouldn't the IP addresses you have listed (192.9.200.1 through 192.9.255.255) be the external addresses that you are NATing to instead of internal addresses? The router could see this as an IP conflict because 192.9.200.4 is in the range of addresses that it is NATing to so it would "claim" that address.

heisman Fri, 10/10/2008 - 06:10

The answer to your first question is yes. You may want the switch address to land in your source list to be translated, but you don't want it in the nat pool range to be NATed to.


The NAT pool is used to define the public addresses that you will NAT to. Since you only have one public address in 219.94.97.202, you will want to just NAT to that interface IP address. You already have this setup with the following command:


ip nat inside source list 1 interface FastEthernet0/0 overload



Since you are already NATing to your outside interface you can remove the following command:


ip nat pool PCSB 192.9.200.1 192.9.255.255 netmask 255.255.0.0


For additional information you can visit the following URL:


http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml


*Please rate post if this was helpful.*

Actions

This Discussion