Ping from WAN - Not from LAN

sblavanya
Level 1

Hi All

Got a weird issue...

We have done re-addressing of a subnet, say 172.16.10.0/24, to a new IP range 10.x.x.x... Everything works fine as expected. We defined 10.x.x.x as primary and 172.16.10.x as secondary IP addresses on the VLAN, for migration purposes.

We have now migrated all IPs from 172.16.10.x to 10.x.x.x and wanted to delete the secondary IP range 172.16.10.0/24... Just before deleting, I wanted to make sure we don't have any live IPs on that segment. I looked on the core switch (show arp) and made sure there are no ARP associations for 172.16.10.x IPs.

Just to confirm, I'm also doing a scan from my laptop (SolarWinds IP scan), through a WAN connection, and strangely found some random IPs responding. For example, I can ping 172.16.10.7 from my laptop from the WAN, but not from the LAN. That IP never exists, but for some reason I'm able to ping it from my laptop in the WAN. Can this be due to proxy ARP on that VLAN interface? I have proxy ARP enabled on the VLAN SVI...

Does anyone know the exact reason why IPs would not be reachable from the LAN but respond randomly from the WAN? Can this be a bug?

Note - there are no overlapping networks. IPs are dedicated to that site. When I do a tracert, it reaches the core switch of that site.

Lavanya


Giuseppe Larosa
Hall of Fame

Hello Lavanya,

If, when pinging on the VLAN side, no host in the 172.16.x.y net answers, I would think no host is present.

The correct test is sh ip arp 172.16.10.7

If this show does not provide a MAC address, there is no one there.

Proxy-arp can help hosts that are on the VLAN side to get the router's MAC address in answer to an ARP request.

But it does not imply that the router will answer an ICMP echo request on behalf of a host on the LAN segment.

You can use an ACL like

access-list 111 permit icmp host 172.16.10.7 any

debug ip packet detail list 111

on the router.

(You may need to disable CEF if this is possible on the device; it is possible on a software router, but it may not be possible on a multilayer switch.)

Hope to help

Giuseppe

Hi Guislar

Thanks for responding..

Neither show ip arp 172.16.x.x nor show arp | incl vlanxxx shows me anything. We are sure that the host is not present. We cannot ping these IPs from the local segment or from the PCs locally.

It's only that we were able to ping random IPs from a couple of locations over the WAN. Even now, I am able to arbitrarily ping 172.16.10.103, but there is no ARP entry and the host doesn't exist on the destination VLAN!

When using SolarWinds IP tracker, many times I see bogus DNS names like "QUIN", "WENDAI" etc. associated with IPs which are not reachable, but it still shows them as reachable in SolarWinds. This might be a bug with SolarWinds, but a normal ping from the command prompt is now reachable.. it's a puzzle to me!

Hi,

a) What about some NAT forgotten somewhere in your network?

b) I'd try Wireshark capturing packets on your PC - it might show some details like TTL, addresses in headers, etc.

HTH,

Milan
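Milan's suggestion (b) can be scripted. The following is an added example, not part of the thread: it parses a captured ICMP echo reply starting at the IPv4 header and uses the TTL to estimate how far away the responder is. The packets, the 192.0.2.10 laptop address, the hop number 5, and the initial-TTL list (64/128/255, common OS defaults) are constructed or assumed, and the hop estimate is a heuristic that assumes a symmetric path.

```python
import socket
import struct

COMMON_INITIAL_TTLS = (64, 128, 255)  # assumption: typical OS default TTLs

def make_echo_reply(src: str, dst: str, ttl: int) -> bytes:
    """Constructed sample: IPv4 header + ICMP echo reply (checksums left at 0)."""
    icmp = struct.pack("!BBHHH", 0, 0, 0, 1, 1) + b"abcdefgh"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, ttl, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + icmp

def parse_echo_reply(pkt: bytes):
    """Return src, dst, TTL and estimated return-path hops, or None if not an echo reply.
    pkt must start at the IPv4 header (strip the Ethernet header from a capture first)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4  # header length in bytes, options included
    if ihl < 20 or len(pkt) < ihl + 8 or pkt[9] != 1 or pkt[ihl] != 0:
        return None  # not ICMP (protocol 1) type 0 (echo reply)
    ttl = pkt[8]
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= ttl)  # heuristic guess
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "ttl": ttl, "hops": initial - ttl}

def classify(reply: dict, probed_ip: str, core_hop: int) -> str:
    """core_hop: hop number at which tracert shows the site's core switch.
    A device at hop N originates replies that arrive with N-1 TTL decrements."""
    if reply["src"] != probed_ip:
        return "reply sourced from a different address than the one probed"
    if reply["hops"] < core_hop - 1:
        return "answered by something nearer than the core switch"
    if reply["hops"] == core_hop - 1:
        return "answered at the core switch's hop distance"
    return "answered from beyond the core switch"

if __name__ == "__main__":
    # Constructed replies to a laptop at 192.0.2.10; core switch assumed at hop 5.
    for ttl in (252, 251, 123):
        r = parse_echo_reply(make_echo_reply("172.16.10.7", "192.0.2.10", ttl))
        print(r["ttl"], r["hops"], classify(r, "172.16.10.7", 5))
```

A reply that classifies as nearer than the core switch points at an intermediate device (a WAN optimizer, firewall or NAT, for example) answering for the address rather than a host on the VLAN.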

Hi Milan

I don't think there are any NATs between the source and destination. In fact, we removed the DHCP scope off the server to make sure there are no hosts, and still some vague responses. I noticed the IPs start responding after I do a SolarWinds IP scan for that subnet. SolarWinds gives weird DNS names for these IPs which don't exist, but they respond to ping as I do...

Weird!

Thanks
