Cisco Support Community

New Member

ACE - bridged mode - blocking Traffic

Hi

Just a short question. Is an ACE blocking traffic from a source if the MAC address of that source is not in the ARP/MAC table? No security feature is enabled. The sniffer shows that the packet is not going through. Other traffic works fine. So no problem with incoming ACL or something else. Any reason for that?

Cheers

patrick

3 REPLIES
New Member

Re: ACE - bridged mode - blocking Traffic

Any suggestions?

Cheers

patrick

Re: ACE - bridged mode - blocking Traffic

By default, for bridged traffic, the ACE learns MAC addresses from all traffic.

What is the source address in your case?

Is it a default gateway?

If it is, then create a dummy real server using the gateway IP address. This way the ACE will proactively populate the ARP table and the ARP entry will never time out.

Syed Iftekhar Ahmed

Cisco Employee

Re: ACE - bridged mode - blocking Traffic

Patrick,

Indeed, if the src MAC is not in the ARP table, we can't set up a flow entry for that traffic and it is dropped.

We should first learn the MAC address from ARP traffic.

Also check the following command to see if that helps:

switch/Admin(config-if)# arp inspection validate src-mac ?
  flood     Enable the flood option
  no-flood  Enable the no flood option
  <cr>      Carriage return.

Gilles.
