arp issues

Unanswered Question
Mar 5th, 2010

Hi guys

last night we had an issue with one of our servers, basically I have 2 core switches using vrrp, we have remote sites that come into the office, this traffic then hits the core switches, then to the server. what was happening is that everything on the lan locally on the core seems ok on the active router, but the wan traffic comes into the backup master router. The server is a cluster and has an alias address, from the wan we can ping the real addresses but not the alias, but from the lans locally it seems fine. One thing I noticed is that the alias arp entry was missing from one of the core routers, the one where it comes in from the wan.

The only way I got it working was to run a ping from the core switch to the server, this then put the arp entry back in the cache. but when I ping from the wan its almost like its not arping!!

any ideas why this is happening ?

cheers

Carl

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 03/05/2010 - 02:53

Hello Carl,

was the ARP entry missing on VRRP master or on VRRP standby core switch?

traffic in each direction can use a different path and this is not a problem unless there is a FW on path that worries about this.

if traffic from server was sent to VRRP master this is expected.

the other core switch has an ARP entry if it has talked to the host in last 4 hours.

The problem I see is that someone should answer the ARP request to find out the MAC address for the alias.

if I've understood you correctly the problem is related to the alias not to the real server IP address.

a possible fixup could be the use of a static ARP entry

conf  t

arp  alias-ipaddress xxxx.yyyy.zzzz arpa

Hope to help

Giuseppe

Kevin Dorrell Fri, 03/05/2010 - 03:22

Does the virtual server use Microsoft NLB (Network Load Balancing)?  If so, you will need a static ARP entry in the routers.

Kevin Dorrell

Luxembourg

carl_townshend Fri, 03/05/2010 - 03:58

hi there

the servers are in different rooms in a cluster, and on this site they are some Nortel Passports (not cisco i know :-)  , i have tried to add the static arp entry on them but it looks liek you have to assign it to a layer 3 port, you cant add them using a L3 vlan, I wonder why this is...

cheers

Giuseppe Larosa Fri, 03/05/2010 - 04:01

Hello Carl,

the static ARP has to be added on device on destination subnet not on routers that are on remote sites

Hope to help

Giuseppe

carl_townshend Fri, 03/05/2010 - 04:06

Hi Guislar

Yes I know this, the central router as the Nortel passport, it wont let me add them unless the interface is L3, I think my only option is the turn off the backup master function on my vrrp backup, Nortel have a feature where the Backup master can also route if the traffic hits there first, this shoudl resolve the issue!!

Actions

This Discussion