Ping from WAN - Not from LAN

Unanswered Question
Feb 17th, 2010

Hi All


Got a weird issue..


We have re-addressed a subnet, say 172.16.10.0/24, to a new IP range 10.x.x.x... Everything works fine as expected. We defined 10.x.x.x as primary and 172.16.10.x as secondary IP addresses on the VLAN, for migration purposes.


We have now migrated all IPs from 172.16.10.x to 10.x.x.x and wanted to delete the secondary IP range 172.16.10.0/24. Just before deleting, I wanted to make sure we don't have any live IPs on that segment. I looked on the core switch (show arp) and made sure there are no ARP associations for 172.16.10.x IPs.


Just to confirm, I'm also doing a scan from my laptop (SolarWinds IP scan) through a WAN connection, and strangely found some random IPs responding. For example, I can ping 172.16.10.7 from my laptop from the WAN, but not from the LAN. That IP never exists, but for some reason I'm able to ping it from my laptop in the WAN. Can this be due to proxy ARP on that VLAN interface? I have proxy ARP enabled on the VLAN SVI.


Would someone know the exact reason why IPs would not be reachable from the LAN but respond randomly from the WAN? Can this be a bug?


Note - there are no overlapping networks. IPs are dedicated to that site. When I do a tracert, it reaches the core switch of that site.


Lavanya

Giuseppe Larosa Wed, 02/17/2010 - 14:02

Hello Lavanya,

If, when pinging on the VLAN side, no host in the 172.16.x.y net answers, I would think no host is present.


The correct test is sh ip arp 172.16.10.7


If this show does not provide a MAC address, there is no one there.


Proxy ARP can help hosts that are on the VLAN side to get the router's MAC address in answer to an ARP request,


but it does not imply that the router will answer an ICMP echo request on behalf of a host on the LAN segment.


You can use an ACL like


access-list 111 permit icmp host 172.16.10.7 any


debug ip packet detail list 111


on the router.


(You may need to disable CEF if this is possible on the device; it is possible on a SW router, but it may not be possible on a multilayer switch.)



Hope to help

Giuseppe

sblavanya Wed, 02/17/2010 - 14:22

Hi Guislar


Thanks for responding..


Neither show ip arp 172.16.x.x nor show arp | incl vlanxxx shows me anything. We are sure that the host is not present. We cannot ping these IPs from the local segment or from the PCs locally.


It's only that we were able to ping random IPs from a couple of locations over the WAN. Even now, I am able to arbitrarily ping 172.16.10.103, but there is no ARP or the host doesn't exist on the destination VLAN!


When using SolarWinds IP tracker, many times I see bogus DNS names like "QUIN", "WENDAI" etc. associated with IPs which are not reachable, but it still shows them as reachable in SolarWinds. This might be a bug with SolarWinds, but a normal ping from the command prompt is now reachable. It's a puzzle to me!

milan.kulik Thu, 02/18/2010 - 04:26

Hi,


a) what about some NAT forgotten somewhere in your network?

b) I'd try Wireshark, capturing packets on your PC - it might show some details like TTL, addresses in headers, etc.


HTH,

Milan
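
Added example, not part of the original thread: a small Python check of the two header fields Milan mentions (TTL and source address) on captured ICMP echo replies, to tell whether a reply could have travelled from the site or was generated closer to the laptop. The function names, the laptop address 192.0.2.10 and the hop count of 6 are assumptions for illustration; the packets are constructed samples, not captures from this network.

```python
import socket
import struct

COMMON_INITIAL_TTLS = (64, 128, 255)  # usual defaults for hosts and network devices

def parse_echo_reply(packet):
    """Return (src, ttl) if packet is an IPv4 ICMP echo reply, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    ttl, proto = packet[8], packet[9]
    if ihl < 20 or proto != 1 or len(packet) < ihl + 8:
        return None
    icmp_type, icmp_code = packet[ihl], packet[ihl + 1]
    if (icmp_type, icmp_code) != (0, 0):  # type 0 / code 0 = echo reply
        return None
    return socket.inet_ntoa(packet[12:16]), ttl

def hops_from_ttl(ttl):
    """Estimate hops travelled, assuming the sender used a common initial TTL."""
    return min(t for t in COMMON_INITIAL_TTLS if t >= ttl) - ttl

def assess(packet, pinged_ip, hops_to_site):
    """Classify one captured reply against the hop count seen in tracert."""
    reply = parse_echo_reply(packet)
    if reply is None:
        return "not-echo-reply"
    src, ttl = reply
    if src != pinged_ip:
        return "different-source"      # another address answered the ping
    if hops_from_ttl(ttl) < hops_to_site:
        return "answered-before-site"  # something on the path is replying
    return "consistent-with-site"

def build_reply(src, dst, ttl):
    """Constructed sample packet: 20-byte IPv4 header + 8-byte ICMP echo reply."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!BBHHH", 0, 0, 0, 1, 1)

if __name__ == "__main__":
    LAPTOP, SITE_HOPS = "192.0.2.10", 6   # assumed values for the demo
    for ttl in (253, 122, 58):
        pkt = build_reply("172.16.10.7", LAPTOP, ttl)
        print(ttl, hops_from_ttl(ttl), assess(pkt, "172.16.10.7", SITE_HOPS))
```

The hop estimate only holds if the responder started from one of the common initial TTLs, so treat a result as a pointer to where to capture next rather than as proof.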

sblavanya Mon, 02/22/2010 - 08:01

Hi Milan


I don't think there are any NATs between the source and destination. In fact, we removed the DHCP scope off the server to make sure there are no hosts, and still some vague responses. I noticed the IPs start responding after I do a SolarWinds IP scan for that subnet. SolarWinds gives weird DNS names for these IPs which don't exist, but they respond to ping as I do...


Weird!


Thanks
