ā08-20-2010 01:51 AM - edited ā03-06-2019 12:34 PM
Hi all,
I 'm experiencing a very strange situation regarding arp.
My topology :
<--router vlan Y C3750 router vlan X--> C2960G --> C3020--> Client 1
Client 1 is connect to a C3020 switch in vlan X and is trying to reach his default gateway using icmp
Client 1 sent arp request ( who is on vlan X interface ( hsrp)) but never receive answer . So it cannot join his default gateway.
When I connect a client 2 on C2960G in the same vlan X, then client 1 is now able to ping his default gateway because it"s now receiving the arp response from the default gateway. If I remove the Client 2 from the C2960, the client 1 lose the connection to the gateway.
At this time, the arp request is never arriving to the 3750 excepted when the client 2 is back on C2960G
Can some help me to solve the issue. This append for new vlan X not for other vlans already in use.
Also, client 1 can ping all other computer in the vlan excepted his default gateway.
vlan x is well forwarded up to the C3020.
vlan x is defined everywhere
Thanks a lot.
Regards.
ā08-20-2010 02:41 AM
Hi Riziv,
Hey i'm not expert to ans your query, but still i want to know; do you have any other system connected to same Vlan X on 2960? If no then can you check your Vlan X status before and after connecting your client 2 on 2960. Because i think when you dont have any system physically connected on your Vlan, till that time particular Vlan stays in Down state.( i.e. down down)
Experts! please correct me if i'm directing Riziv in wrong direction.
Regards,
Hardik
ā08-20-2010 02:52 AM
Hi Hardik,
Thanks for your reply.
Yes, the vlan is in active state as well as when Client 2 is connected on or not.
show vlan output:
41 xxxxxxx active
Thanks a lot.
Regards.
ā08-20-2010 02:59 AM
Hi,
As per your statement // Also, client 1 can ping all other computer in the vlan excepted his default gateway.//
To ping other computers are in the same vlan, no need to reach the default gateway.
can you paste the output of the below commands of all your switches.something we need to look C3020 configuration,
#sh vlan id
#sh int trunk
#sh vtp status
#sh spanning-tree
Thanks
Samy
ā08-20-2010 03:24 AM
Hi Samy,
I know that there 's no need to join the gateway when on the same subnet. but it proves that the vlan is well forwarded on the switches as another client located on the same vlan in another branch of the network can reach client1.
here is the output of the commands:
Note that Distri1-CPR-C67 is the 2960 switch and SW-BLADE1 is the 3020 switch
The issue is on vlan 41
Distri1-CPR-C67#sh spanning-tree vlan 41
VLAN0041
Spanning tree enabled protocol rstp
Root ID Priority 4137
Address 0024.13b5.c080
Cost 4
Port 21 (GigabitEthernet0/21)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32809 (priority 32768 sys-id-ext 41)
Address 0024.5153.c980
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- ----------------------------
Gi0/21 Root FWD 4 128.21 P2p
Gi0/22 Altn BLK 4 128.22 P2p
Po1 Desg FWD 3 128.56 P2p
Po2 Desg FWD 3 128.64 P2p
Po3 Desg FWD 3 128.72 P2p
Po4 Desg FWD 3 128.80 P2p
Distri1-CPR-C67#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/21 on 802.1q trunking 1
Gi0/22 on 802.1q trunking 1
Po1 on 802.1q trunking 1
Po2 on 802.1q trunking 1
Po3 on 802.1q trunking 1
Po4 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/21 1,9,11-12,14-15,40-46
Gi0/22 1,9,11-12,14-15,40-46
Po1 1,9,11-12,14-15,40-41
Po2 1,9,11-12,14-15,40-41
Po3 1,9,11-12,14-15,40-41
Po4 1,9,11-12,14-15,40-41
Port Vlans allowed and active in management domain
Gi0/21 1,9,11-12,14-15,40-46
Gi0/22 1,9,11-12,14-15,40-46
Po1 1,9,11-12,14-15,40-41
Po2 1,9,11-12,14-15,40-41
Po3 1,9,11-12,14-15,40-41
Po4 1,9,11-12,14-15,40-41
Port Vlans in spanning tree forwarding state and not pruned
Gi0/21 1,9,11-12,14-15,40,42-46
Gi0/22 none
Po1 1,9,11-12,14-15,40-41
Po2 1,9,11-12,14-15,40-41
Po3 1,9,11-12,14-15,40-41
Po4 1,9,11-12,14-15,40-41
Distri1-CPR-C67#
Distri1-CPR-C67# sh vtp status
VTP Version : running VTP2
Configuration Revision : 10
Maximum VLANs supported locally : 255
Number of existing VLANs : 17
VTP Operating Mode : Client
VTP Domain Name : CPR1
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Enabled
MD5 digest : 0xC4 0xC1 0x3A 0xA3 0x37 0x93 0x9F 0xD3
Configuration last modified by 10.14.2.3 at 8-13-10 08:21:44
Distri1-CPR-C67#sh vlan id 41
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
41 NLB_exchange active Gi0/21, Gi0/22, Po1, Po2, Po3
Po4
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
41 enet 100041 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW-BLADE1#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
Gi0/4 on 802.1q trunking 1
Gi0/5 on 802.1q trunking 1
Gi0/6 on 802.1q trunking 1
Gi0/7 on 802.1q trunking 40
Gi0/8 on 802.1q trunking 40
Gi0/9 on 802.1q trunking 40
Gi0/10 on 802.1q trunking 40
Port Mode Encapsulation Status Native vlan
Gi0/11 on 802.1q trunking 40
Gi0/15 on 802.1q trunking 40
Gi0/16 on 802.1q trunking 40
Po1 on 802.1q trunking 1
Po2 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 11-12,14-15,40-46
Gi0/2 11-12,14-15,40-46
Gi0/3 11-12,14-15,40-46
Gi0/4 11-12,14-15,40-46
Gi0/5 11-12,14-15,40-46
Gi0/6 11-12,14-15,40-46
Gi0/7 40
Gi0/8 40
Gi0/9 40
Gi0/10 40
Gi0/11 40
Gi0/15 40
Gi0/16 40
Po1 1,9,11-12,14-15,40-46
Po2 1,9,11-12,14-15,40-46
Port Vlans allowed and active in management domain
Gi0/1 11-12,14-15,40-46
Gi0/2 11-12,14-15,40-46
Gi0/3 11-12,14-15,40-46
Gi0/4 11-12,14-15,40-46
Gi0/5 11-12,14-15,40-46
Gi0/6 11-12,14-15,40-46
Gi0/7 40
Gi0/8 40
Gi0/9 40
Gi0/10 40
Gi0/11 40
Gi0/15 40
Gi0/16 40
Po1 1,9,11-12,14-15,40-46
Po2 1,9,11-12,14-15,40-46
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 11-12,14-15,40-46
Gi0/2 11-12,14-15,40-46
Gi0/3 11-12,14-15,40-46
Gi0/4 11-12,14-15,40-46
Gi0/5 11-12,14-15,40-46
Gi0/6 11-12,14-15,40-46
Gi0/7 40
Gi0/8 40
Gi0/9 40
Gi0/10 40
Gi0/11 40
Gi0/15 40
Gi0/16 40
Po1 1,9,11-12,14-15,40-41
Po2 42-46
SW-BLADE1# sh spanning-tree vlan 41
VLAN0041
Spanning tree enabled protocol rstp
Root ID Priority 4137
Address 0024.13b5.c080
Cost 7
Port 56 (Port-channel1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32809 (priority 32768 sys-id-ext 41)
Address 0023.05dd.7f80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 4 128.1 P2p Edge
Gi0/2 Desg FWD 4 128.2 P2p Edge
Gi0/3 Desg FWD 4 128.3 P2p Edge
Gi0/4 Desg FWD 4 128.4 P2p Edge
Gi0/5 Desg FWD 4 128.5 P2p Edge
Gi0/6 Desg FWD 4 128.6 P2p Edge
Po1 Root FWD 3 128.56 P2p
Po2 Altn BLK 50 128.64 P2p
SW-BLADE1#sh vtp status
VTP Version : running VTP2
Configuration Revision : 10
Maximum VLANs supported locally : 1005
Number of existing VLANs : 17
VTP Operating Mode : Client
VTP Domain Name : CPR1
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Enabled
MD5 digest : 0xC4 0xC1 0x3A 0xA3 0x37 0x93 0x9F 0xD3
Configuration last modified by 10.14.2.3 at 8-13-10 08:21:44
SW-BLADE1#sh vlan id 41
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
41 NLB_exchange active Gi0/1, Gi0/2, Gi0/3, Gi0/4
Gi0/5, Gi0/6, Po1, Po2
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
41 enet 100041 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Thanks a lot for your help
ā08-20-2010 06:49 AM
Riziv,
That sounds like an issue with the client1.
Well, the arp response that the router is gonna send after the request from the Client 2 which is connected to the 2950 is a unicast and hence lesser chance for the client 1 to learn the MAC based on that.
What you can do is:-
1. Ping to the Client 2 (on 2950) from Client 1 (on 3020) and see what happens ?
2. If you could sniff on the Client 2 when the Client 1 is doing a Arp request, you may find whether the request is going upstream (since its a broadcast and Client 2 in the same Vlan)
3. Check the MAC address table of the 3020 and see whether the MAC of the gateway is learnt downstream at the trunk.
ā08-20-2010 07:52 AM
The client 1 is not the cause of the issue because I have one other client on the blade switch in this
vlan and every client is impacted with the issue.
Ping between client within the vlan is OK.
The mac address of the gateway is well known on the switch 3020.
When the client 2 is connected to the 2960, the arp request is well arriving up to the 3750 router and it reply to the client1
If the client 2 disconnect from the 2960, the client 1 is well doing arp request but does not receive any reponse from the 3750 anymore.
It sound like a bug on C2960 switches.
Switch 2960 already restarted without success.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide