Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ARP inspection

I need some help , i have ARP inspection applied on our switches, we applied the default limit rate 15 on all switches we have (Edge switches and server switch).

Some Edge port blocking and I did antivirus scan but I didn`t find any viruses.

Some servers ,routers and edges ports it’s always blocking.

when I tried to increase  the limit rate to 50 the also is blocking (on routers and servers), I increased again to 100 it’s not blocking

The question is how I can control and find any problem and what is the recommended limit rate for the servers PC`s and routers

and if there is a tool to check this

And kindly find the below simples log

%SW_DAI-4-PACKET_RATE_EXCEEDED: 20 packets received in 0 milliseconds on Fa1/0/3.
053421: Sep 29 20:52:11 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Fa1/0/3, putting Fa1/0/3 in err-disable state
053422: Sep 29 20:52:12 EGY: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/3, changed state to down

034155: Oct 12 15:16:37 EGY: %SW_DAI-4-PACKET_RATE_EXCEEDED: 49 packets received in 50 milliseconds on Fa0/30.

034156: Oct 12 15:16:37 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Fa0/30, putting Fa0/30 in err-disable state

000124: Oct  5 23:33:17 EGY: %SW_DAI-4-PACKET_RATE_EXCEEDED: 53 packets received in 922 milliseconds on Gi0/37.

000125: Oct  5 23:33:17 EGY: %PM-4-ERR_DISABLE: arp-inspection error detected on Gi0/37, putting Gi0/37 in err-disable state

Everyone's tags (1)
4 REPLIES

Re: ARP inspection

Hello,
I hope this post will be useful to resolve your problem:

https://learningnetwork.cisco.com/thread/26465

Best regards.

Sent from Cisco Technical Support iPad App

Re: ARP inspection

thanks santamaria for you replay but this case not like my case

my case is the routers and servers is blocking randamly by it self

Re: ARP inspection

Hello.

I have seen similar problem caused due to windows, windows has a feature called link-layer topology discover mapper/responder.

For some reason windows tries to poll information from the network, causing arp inspection to put the interface into-errdisable status.

One test I suggest is to take a sniffer capture in one of the interfaces having the problem, filter by "arp" and study the behavior, it will give a better look of what is going on.

Regards.

Wilson B.

Re: ARP inspection

Thanks wilson for you r replay

i`m checking now this service but the problem is happening randomly on the cisco routers and servers

is there is any tool explain this blocking

or there is recommended rate to avoid this blocking

3134
Views
4
Helpful
4
Replies