Couldn't locate on MAC address

Unanswered Question
Jun 5th, 2009
User Badges:

Hi,


I check on my C6506E with CSM v4.2, the logging show following msg:


%CSM_SLB-4-TOPOLOGY: Module 1 warning: IP address conflict: ARP frame from 202.160.1.206 with MAC 00:1f:9e:53:c3:a1 received on VLAN 11

%CSM_SLB-4-TOPOLOGY: Module 1 warning: IP address conflict: ARP frame from 10.0.1.35 with MAC 00:1f:9e:53:c3:a1 received on VLAN 12


So i just try to locate my 202.160.1.206 and 10.0.1.35's the MAC and what happen with MAC 00:1f:9e:53:c3:a1


SS1#sh mod csm 1 arp

Internet Address Physical Interface VLAN Type Status

--------------------------------------------------------------------------------------------

202.160.1.206 00-01-64-F9-1A-01 0 CLNTNAT local

10.0.1.35 00-01-64-F9-1A-01 0 VSERVER local


Then

SS1#sh mac-address-table address 00:1f:9e:53:c3:a1

Legend: * - primary entry

age - seconds since last seen

n/a - not available


vlan mac address type learn age ports

------+----------------+--------+-----+----------+--------------------------

No entries present.


Feel weird why couldn't spot the MAC causing conflict? is it being spoof?


seeking for idea on it now, thanks


Noel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Mon, 06/08/2009 - 01:01
User Badges:
  • Cisco Employee,

Noel,


interesting.

00:1f:9e is a Cisco mac address.

Could it be the standby CSM ?

Do a 'show module' on the standby chassis.


Do you see the error frequently ?


Gilles.

cisco_jiang Mon, 06/22/2009 - 02:10
User Badges:

Hi Gilles,


Hmm, my network topology is 2 unit of 6500 boxes with CSM module with it.


00:1f:9e mac-address couldn't spot it after i run the clear logging. But recently i do often saw this problem at the logging with this :

"%CSM_SLB-4-TOPOLOGY: Module 1 warning: IP address conflict: ARP frame from 202.160.x.xx with MAC 00:01:64:xx:xx:xx received on VLAN 11"


This time i can spot the MAC address, it's the NATPOOL client IP for the one of my server farm.


Just wonder, this error msg is it cause by the server's NIC network teaming not setting in proper, and making collision at the switch?


Thanks


Noel


cisco_jiang Mon, 06/22/2009 - 02:11
User Badges:

Hi Gilles,


Hmm, my network topology is 2 unit of 6500 boxes with CSM module with it.


00:1f:9e mac-address couldn't spot it after i run the clear logging. But recently i do often saw this problem at the logging with this :

"%CSM_SLB-4-TOPOLOGY: Module 1 warning: IP address conflict: ARP frame from 202.160.x.xx with MAC 00:01:64:xx:xx:xx received on VLAN 11"


This time i can spot the MAC address, it's the NATPOOL client IP for the one of my server farm.


Just wonder, this error msg is it cause by the server's NIC network teaming not setting in proper, and making collision at the switch?


Thanks


Noel


Gilles Dufour Mon, 06/22/2009 - 02:23
User Badges:
  • Cisco Employee,

Noel,


show mod csm X tech ft


Virtual mac address: 0:1:64:f9:1a:XX


The mac address you see is the virtual mac which should only be owned by the active CSM.


So, you may have some active-active collision.

Get the show mod command above and check the line :


Ver mismatch 0 Active State Collision 0 Standby state collision 0


See if you have any collision.


G.


cisco_jiang Tue, 06/23/2009 - 02:56
User Badges:

Hi Gilles,


yup, after look into sh mod csm X tech ft,

i did spot the Virtual mac address: 0:1:64:f9:1a: available on both switch!!


plus LRP Errors:

Ver mismatch 0 Active State Collision 0 Standby state collision 0

TX errors 0 xsum err 0 HB miss (0)


kinda curious, would it anything on the network design?


my topology is using 2 of 6500 with CSM, configuring in single subnet mode.

Server's NIC doing in Switch Fault Tolerance + Adapter Load Balancing mode, where physically connected to both switch GigabitEthernet port.


On the configuration, there's 2 vlan client (SF and DMZ) bridging to the CSM vlan server. On both switch, i did trunking allow vlan SF and DMZ among them.


(So, i did try to trunk and allow the vlan server i create in CSM across the both switch, but this will causing bridge loop, even i try to encounter using rapid-pvst and assign one of the switch become root primary, still having bridge loop...)


For uplink, these 2 switch trunking allowed vlan carry to the core switch, and core switch connect to firewall.

The NAT for SF (server farm) is done inside firewall, and also the gateway for vlan SF and DMZ point to Firewall. (hmm, something like threshold for internal goto external)


hmm, just wondering, i thought the CSM should running in Active-Active mode. What's the impact having this Active-Active mode?


(if there's nothing can turn-around on this Active-Active, is there any active-standby mode i can refer with?)


Really really appreciate your feedback all this times..


Noel

Actions

This Discussion