arp entries and vlans on layer 2 switch

murray-davis
Level 1

On a layer 2 Cisco 2960, the management vlan is vlan 1. I have a couple more vlans configured on the switch. In particular, vlan 8 is configured on two ports. From the CLI, I can ping the vlan 8 IP of a device connected to port fa0/8. After I saw that the pings were successful, I issued the command "sh arp". I was surprised to see that the arp entry (IP and mac-address) for the device was not listed.

My goal was to get the mac-address for the device plugged into port fa0/8 using this method. I then got the mac-address by issuing the command "sh mac-address-table | include Fa0/14".

However, my question is why didn't I see the mac-address when I issued the "sh arp" after my pings were successful.

I thought maybe I needed to issue something like "sh arp vlan 8", but that command is not a valid command.

The vlan 1 management IP is 192.168.1.10/24, the vlan 8 ip address is 192.168.8.2/24. vlan 8 is defined in the vlan database on this layer 2 switch, but not on a vlan interface. There is a layer 3 switch on the network that has a vlan 8 interface defined as 192.168.8.1/24.

So, what is going on, why can't I see the arp entries from vlan 8?

1 Accepted Solution


Jon Marshall
Hall of Fame

The 2960 is a L2 switch so it doesn't care about IP addresses. When you ping a device from this switch the 2960 will use its vlan 1 interface to send a packet to its default-gateway which is a vlan 1 interface on a L3 switch presumably. The L3 switch will then route the packet onto vlan 8 and send it back to the 2960 assuming you have a trunk link which you must do.

So if you want to see the arp entry for the device on vlan 8 you need to go onto the L3 device that is responsible for inter-vlan routing. Note this will be the device that has a vlan 1 interface with the IP address that is set as the default-gateway on the 2960.

Jon

Thanks, Jon

You were right, the mac entry was on the Layer 3 switch. It makes sense that the L3 switch that handles inter-vlan routing would handle the ping packets.

However, what doesn't make sense is that the layer 2 switch builds arp entries for vlan 1 IPs, but not for other vlan 8 or other non-default vlan entries. But I guess an arp table would only be built if there was an interface on the L2 switch that had a defined IP address.

Cheers,

However, what doesn't make sense is that the layer 2 switch builds arp entries for vlan 1 IPs, but not for other vlan 8 or other non-default vlan entries. But I guess an arp table would only be built if there was an interface on the L2 switch that had a defined IP address.

Correct. When I said the 2960 doesn't care about IPs that is for traffic passing through the switch. However the switch itself will have an IP for management and this IP on your switch is in vlan 1 (note that you can use a different vlan for managing the switch). So for any other devices in vlan 1 the 2960 does not need to route those packets because they are in the same network so it can just arp out for them. But for any devices not in vlan 1 it must send them to its default-gateway so that's why you don't see arp entries for anything other than vlan 1.

Jon
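
The on-link versus default-gateway decision described in the replies above, as an added example that is not part of the original thread: it traces which device ends up holding which ARP entry when the 2960 pings a host. The device names and the gateway address 192.168.1.1 are assumptions; the thread gives only 192.168.1.10/24, 192.168.8.1/24 and 192.168.8.2.

```python
import ipaddress

# Constructed topology based on the thread. The names and the gateway address
# 192.168.1.1 are assumptions; the thread does not state them.
DEVICES = {
    "l2-2960": {"svis": {1: "192.168.1.10/24"}, "gateway": "192.168.1.1"},
    "l3-switch": {"svis": {1: "192.168.1.1/24", 8: "192.168.8.1/24"},
                  "gateway": None},
}

def svi_for(device, ip):
    """Return the VLAN whose IP interface is on the same subnet as ip, or None."""
    addr = ipaddress.ip_address(ip)
    for vlan, cidr in device["svis"].items():
        if addr in ipaddress.ip_interface(cidr).network:
            return vlan
    return None

def arp_target(device, dest_ip):
    """Return (vlan, ip_to_arp_for) for a packet the device sends toward dest_ip."""
    vlan = svi_for(device, dest_ip)
    if vlan is not None:
        return vlan, dest_ip               # on-link: ARP for the host itself
    gw = device["gateway"]
    if gw is None or svi_for(device, gw) is None:
        return None                        # no usable route off the subnet
    return svi_for(device, gw), gw         # off-link: ARP for the gateway only

def owner_of(ip, devices):
    """Return the name of the device that has ip configured on an interface."""
    for name, dev in devices.items():
        for cidr in dev["svis"].values():
            if str(ipaddress.ip_interface(cidr).ip) == ip:
                return name
    return None

def trace_arp(src, dest_ip, devices=DEVICES, max_hops=8):
    """Follow the packet hop by hop; return [(device, vlan, arp_entry_ip), ...]."""
    dest_ip = str(ipaddress.ip_address(dest_ip))
    entries, current = [], src
    for _ in range(max_hops):
        step = arp_target(devices[current], dest_ip)
        if step is None:
            break
        entries.append((current, step[0], step[1]))
        nxt = owner_of(step[1], devices)
        if step[1] == dest_ip or nxt is None:
            break
        current = nxt
    return entries

if __name__ == "__main__":
    for hop in trace_arp("l2-2960", "192.168.8.2"):
        print(hop)
```

The device in the last tuple is where the host's IP-to-MAC mapping is found; the 2960 itself only ever learns the gateway's entry for off-subnet destinations.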
