we are having multiple VLANs in our infrastructure. for all the VLANs except 1 vlan when we ping the brodcast IP of that vlan pool, we get a reply from the gateway ip of the VLAN. But only for 1 vlan we are getting very wierd behaviour. for this VLAN we get a reply from some random machines from the LAN. We are unable to trace this issue as why any machines in LAN are replying when we ping brodcast IP of that LAN. Can any 1 please suggest possible cause ... Thanks in advance.
To really provide a correct answer we would need more information about your situation. But from what you have described I would say that the most common explanation would be that the machine that is generating the ping request to the broadcast address is in the same VLAN as the machines that are responding to the broadcast ping.
Many thanks for the reply. Yes you r right the machines which are replying are in the same VLAN of the brodcast IP. But this is happening only for one vlan not for others even though configurations are same. Anyways its not affecting the network. But I am unable to trace as why this is happening.
If I knew more about the topology of your network I could probably phrase my explanation better (for example I am not clear whether we are talking about using a router or a layer 3 switch as the gateway device). But I will attempt an answer and hope that it will make sense to you.
First I would like to be clear about some terminology. A ping to the broadcast address is known as a directed broadcast (especially when it is for a remote VLAN/remote subnet).
If a device sends a directed broadcast into its own VLAN then it is sent to all the devices within the broadcast domain. All the devices in the local VLAN receive the ping to the broadcast address and at least some of them will probably respond.
If a device sends a directed broadcast to a remote VLAN/remote subnet then it will send it to its default gateway. The local gateway will forward the directed broadcast to the remote gateway. then the question becomes will the remote gateway forward the directed broadcast into its VLAN (into its broadcast domain). It has been the default for quite some time that Cisco devices will not not forward directed broadcasts into their subnets (directed broadcasts can be used in some Denial of Service attacks). In this case the remote gateway will respond to the directed broadcast but will not forward it into its VLAN.
I believe that this is the behavior that you are seeing. Ping to the broadcast of the local VLAN gets responses from multiple machines because the broadcast is local. But ping to the remote VLANs gets responses only from the gateway interface because the default is to not forward directed broadcast.
You could configure the remote gateway interface with the command ip directed-broadcast. This would enable the gateway to forward the directed broadcast and then you would get responses from multiple remote machines. (I say that you COULD do this, I do not suggest that you SHOULD do this).
1 of my collegue added some network mgmt tool which was scanning our entire network with a very high frequency and also it was polling all the network devices by snmp. We observed that when we unpulgged that server our issue was resolved.
Many thanks again for providing help and replying to my query. Only for security reasons i couldnt disply the running config of my core devices. But now my network is stable...
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...