cdp neighbour show 127.0.0.12

Answered Question
Jul 31st, 2003
User Badges:

If i use "show cdp neighbours detail" I see two 6509 with native IOS (all others catOS)with same IP address (127.0.0.12).

On both 6509, VLAN1 and a loopback interface has it own IP address.

Because there are two machines with same IP address for CDP (127.0.0.12) CiscoWorks can`t work with them.

How can I change these addresses?

Sven

Correct Answer by milan.kulik about 14 years 2 weeks ago

Well, a little progress!

1)I would guess the original problem is caused by not allowing VLAN1 on the trunk.

Are you able to check some trunk where VLAN1 is allowed?

Remember: CDP is sent always in VLAN1 on trunks. Even when VLAN1 is not allowed on the trunk, CDP, VTP, CMP and other service protocols should be sent via VLAN1, only user data and STP are stopped. But some IOSes are having bugs related to this feature.

2)Another possibility is EtherChannel misconfiguration.

Remember: All ports connected to the same channel must have the same speed, duplex and VLANs ALLOWED.

3)Which VLAN are you using as the management one? I suppose VLAN1 (the only IP address of the switch is on int VLAN1 you said). So why VLAN1 is not allowed on the trunk?

Regards,

Milan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (3 ratings)
Loading.
milan.kulik Thu, 07/31/2003 - 01:40
User Badges:
  • Red, 2250 points or more

Hi,

why are you using such suspicious IP addresses in your network?

See RFC3330:

"127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host.

This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]."

So I think there is a term mismatch what Cisco and the IANA means by "loopback".

But definitely you shouldn't use the 127.0.0.0/8 IP address range to address devices in your network.

I don't know how 6509 native IOS config looks (I don't use it in my network) but I suppose you should do

conf t

int VLAN1

ip address .....

int loopback 0

ip address ....

to change the addresses.

Regards,

Milan



sniff Thu, 07/31/2003 - 02:23
User Badges:

I configure only VLAN1 and a loopback interface with 10.x.x.x addresses but never 127.0.0.12 (internal address for supervisor engine slot 1).

Thats the problem.

The 6509 use the internal(!) not the configured address for cdp.


Sven

milan.kulik Thu, 07/31/2003 - 03:55
User Badges:
  • Red, 2250 points or more

It looks like a IOS bug to me.

Are you able to telnet to the VLAN1 address from another device?

Can you post the "sh cdp nei det" output issued on the neighbor CLI to see the 6509 entry?

The only case I could imagine a "reasonable" use of 127.0.0.12 address in CDP packet would be a case when there is no IP address assigned to the box (or VLAN1 shutdown) and you issue "sh cdp nei det" on the console of the box itself.

Regards,

Milan


sniff Thu, 07/31/2003 - 04:18
User Badges:

There is no problem to connect over telnet (VLANs IP address)


Here a part of the show cdp neighbours detail message:


***********************************

Device ID: C6509-B09-N2-xxiv

Entry address(es):

IP address: 127.0.0.12

Platform: cisco Catalyst 6000, Capabilities: Switch IGMP

Interface: GigabitEthernet9/16, Port ID (outgoing port): GigabitEthernet9/16

Holdtime : 122 sec


Version :

Cisco Internetwork Operating System Software

IOS (tm) c6sup2_rp Software (c6sup2_rp-PSV-M), Version 12.1(11b)E7, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Wed 21-Aug-02 05:12 by eaarmas


advertisement version: 2

VTP Management Domain: 'XXX-DUS-DMZ'

Native VLAN: 108

Duplex: full

********************************


Sven

milan.kulik Thu, 07/31/2003 - 22:38
User Badges:
  • Red, 2250 points or more

Hi,

some additional questions:

Is your 6509 providing L3 functionality? If yes, is an IP address assigned to int VLAN108? Is GigabitEthernet9/16 a trunk or access port? Isn't it a part of EtherChannel?

Regards,

Milan


sniff Thu, 07/31/2003 - 23:44
User Badges:

Hi,

there´s a msfc integrated.

VLAN108 hasn`t an IP address.

GE 9/16 is part of an channel and the channel is a trunk.


Only VLAN1 has an IP address (Loopback interface with an IP address was temporary created for tests only)


Thanks for yor help!

Sven

sniff Fri, 08/01/2003 - 00:12
User Badges:

Additional info


VLAN 108 is native VLAN of the trunked channel


**************************************************


interface Port-channel2

description Channel 9/15-16 to XXIII

no ip address

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 108

switchport trunk allowed vlan 4,45,108,110,112,114,116,163,169,170,1002-1005

switchport mode trunk


***************************************************

Sven

sniff Fri, 08/01/2003 - 01:36
User Badges:

Additional info 2


NO IP ROUTING


is set !


Sven

milan.kulik Fri, 08/01/2003 - 02:19
User Badges:
  • Red, 2250 points or more

Sven,

last idea:

try to catch a CDP frame sent via an access port assigned to VLAN1.

If it contains a correct IP address, the problem might be caused by not allowing VLAN1 on the trunk (I remember a bug in 3550 IOS), Etherchannel (also remember a bug on 6000) or something similar.

If it contains the 127.0.0.12 IP address report a bug to TAC.

Regards,

Milan


sniff Fri, 08/01/2003 - 03:08
User Badges:

Hello Milan,


I enabled cdp on an access interface (VLAN1)

a switch (connected on this interface) shows the correct IP address now!


Sven

Correct Answer
milan.kulik Fri, 08/01/2003 - 03:57
User Badges:
  • Red, 2250 points or more

Well, a little progress!

1)I would guess the original problem is caused by not allowing VLAN1 on the trunk.

Are you able to check some trunk where VLAN1 is allowed?

Remember: CDP is sent always in VLAN1 on trunks. Even when VLAN1 is not allowed on the trunk, CDP, VTP, CMP and other service protocols should be sent via VLAN1, only user data and STP are stopped. But some IOSes are having bugs related to this feature.

2)Another possibility is EtherChannel misconfiguration.

Remember: All ports connected to the same channel must have the same speed, duplex and VLANs ALLOWED.

3)Which VLAN are you using as the management one? I suppose VLAN1 (the only IP address of the switch is on int VLAN1 you said). So why VLAN1 is not allowed on the trunk?

Regards,

Milan

sniff Fri, 08/01/2003 - 04:39
User Badges:

Hi Milan,


the system is a coreswitch, so I can test different configurations on special days only.


Your statements about this problem hit the problem, I think.


So I will close this session an check the problem later (special days).


Thanks for your help.

Sven

Actions

This Discussion