Arp vs route lookup

ahmad82pkn · ‎02-16-2014

Hi, i need explanation of a resolved issue. I have a router that is connected to a firewall. Router interface ip is 193.168.100.1/28 and firewall connected interface ip is 192.168.100.16/28. Router was not able to ping firewall. On this direct cable connection. Later found router was learning 192.168.100.1/31 from its wan multilink interface from mpls cloud. Blocking this subnet from receiving on multilink resolve the issue ans .1 of router was able to ping .16 of firewall. My question is why so? When we ping .16 packet reaches .16 since it kearning .16 from directly connecred interface and when .16 firewall respond back, it sees .1 as connected unterface and shoukdnt generate arp request? And ask .1 router to tell him its mac and send packet on mac address? Why communication wasnt happening when router was learning .1 with /31 from multilink interface? Any explanation would be helpful thanx

Sent from Cisco Technical Support Android App

Jon Marshall · ‎02-17-2014

There is not really enough information to go on here but the most obvious thing that stands out is the router and firewall IPs ie.

192.168.100.1 255.255.255.240 = subnet 192.168.100.0, broadcast 192.168.100.15

192.168.100.16 255.255.255.240 is actually the subnet address eg. subnet 192.168.100.16, broadcast 192.168.100.31

if those IPs are right then the router and firewall are not in the same subnet.

So when the router wants to send a packet to the firewall it knows it does not have a directly connected interface in the destination IP subnet so it looks in it's routing table for a matching route.

Can't really say much more without more details ie. would need to see routing tables of the router and the firewall.

Jon