Gratuituos arp issue on CSS

Unanswered Question
Sep 24th, 2010


Hi CSS experts,

I am facing issue with the arp table on the css. The issue is:-


PIX 1 and PIX2 are 2 cluster firewalls in active-standby mode.


And when my PIX2 is active ARP Gratuitios is ent to CSS in order to update ARP table concerning new mac addresses of PIX2 and CSS really does it.


On CSS  I type command  "sh arp" its  ARP table updated.Problem is CSS continues to use ARP table from PIX1. Hence wanted to know the reason for the same.


Any suggestion on this would be appriciated.


Thanks in advance.

Regards

Alex.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ivan Kovacevic Thu, 09/30/2010 - 11:21

Hi Alex,


The way PIX firewall failover works is that at the time of switchover two PIXes swap IP addresses and MAC addresses on all interfaces, and the PIX that became active uses the very same addresses. Therefore the CSS (and any other device) is not aware that a switchover has even occurred. You can get more info on this topic at http://tools.cisco.com/squish/83558 .

I suggest you to take a better look at MAC addresses on PIXes before and after failover.


Ivan

Actions

This Discussion