cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
350
Views
0
Helpful
3
Replies

ARP / MAC problem

JClarke007
Level 1
Level 1

Cat4510 /w Sup 6-E - 12.2(52)SG

Hello, having some issues at the link from layer 3 to layer 2.

It seems so far from my troubleshooting that random MAC addresses are flushed from the mac table at the default aging timer, 300 secs. Once the mac gets flushed and a request comes in for that IP from another VLAN, the 4510 doesn't arp for the new mac address, or appear to broadcast out all ports on that vlan to find the mac, and so the packet is dropped. There is still a ip->mac entry in 'show arp' for this IP, but there is no Layer 2->interface record 'show mac add'.

This started happening as soon as I upgraded from 12.2(50)SG1 to 12.2(52)SG, and it appears to affect random IP's.

If I ping the address from the same VLAN, it works fine as this is happening at layer 2. An arp goes out and the mac is stored in the mac address table of the host and switch.

If I ping the target IP from the switch directly, it will arp, store the mac in the mac table, and I am able to ping the address from any VLAN for the next 300 seconds. Again, once the mac is flushed, traffic immediately gets dropped.

Something to do with CEF perhaps?

3 Replies 3

Yudong Wu
Level 7
Level 7

It's hard to tell.

If there is arp entry but no mac entry, the switch should flood the packet on every ports in destination vlan.

So, you did the packet capture on destination PC and did not see any packet reach it?

Right, there is no broadcast sent out.

It's not a broadcast. We call it "unicast flooding". It's the same unicast packet but you can capture it on every port in the destination vlan.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco