catalyst 3750/2960: ARP entry after copy tftp command

Hi

We have some problems downloading the configuration via TFTP. The problem occurred after we moved to the new WAN router. We found out that the problem is in the ARP cache of the Catalyst switches.

Both switches, C3750 and C2960, are configured as L2 switches (VLAN interface and default-gateway).

When I do a COPY RUN TFTP command and afterwards a SHOW ARP, I see an entry for the TFTP server, although the server is not in the local subnet:

C2960#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.5.200          39   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1

When I repeat the test with a COPY RUN FTP, the FTP session uses the normal default-GW ARP entry (no ARP entry with 192.168.5.200).

When I change the configuration on the C3750 to IP routing with a default route, then TFTP also uses the default-GW ARP entry (no entry with the TFTP server).

A sniffer trace shows that there is no ARP packet to the router when the entry is created.

Question: Why does this occur with TFTP and not with FTP?

Is it possible to deactivate this function?

Best regards

Bernd


Giuseppe Larosa

Hello Bernd,

This is very peculiar indeed.

However, you see proxy ARP in action here:

Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.5.200          39   0014.f26d.d17f  ARPA   Vlan1

As you see, the MAC address of both entries is that of the gateway, 0014.f26d.d17f.

The device 192.168.1.2 has proxy ARP enabled and answers with its own MAC address for an ARP request done for 192.168.5.200 that is out of context.

This is done to help hosts that don't know their default gateway or have a wrong shorter mask.

Note that the device should either use ip default-gateway for all communications or rely on proxy ARP for all communications.

What IOS image is running on the switches?

>> A sniffer trace shows that there is no ARP packet to the router when the entry is created.

Even more strange: proxy ARP would require the ARP request to be sent to the L3 device.

What device is the new router and what IOS image is running on it?

Hope to help

Giuseppe
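
The comparison made in the reply above (a remote address sharing the gateway's MAC in `show arp`) can be automated over saved switch output. This is an added example, not part of the original thread; the /24 mask for Vlan1 and the function names are assumptions, and the sample text is the ARP table shown in this thread.

```python
import ipaddress
import re

# Constructed sample: "sh arp" output as shown in the thread after "copy run tftp".
SHOW_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.5.200           0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1
"""
# Assumption: the thread does not state the mask; /24 is used for Vlan1 here.
LOCAL_NETWORKS = {"Vlan1": "192.168.1.0/24"}

ROW = re.compile(
    r"^Internet\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<age>\d+|-)\s+"
    r"(?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(?P<type>\S+)\s+(?P<intf>\S+)$",
    re.IGNORECASE,
)

def parse_show_arp(text):
    """Return one dict per resolved ARP row; headers and prompts are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["mac"] = entry["mac"].lower()
            entries.append(entry)
    return entries

def off_subnet_entries(text, local_networks):
    """Flag ARP entries whose IP lies outside the subnet of their interface.

    Each finding lists the on-link IPs that own the same MAC, which identifies
    the device standing in for the remote address (the gateway in the thread).
    """
    entries = parse_show_arp(text)
    findings = []
    for e in entries:
        if e["intf"] not in local_networks:
            continue  # no subnet known for this interface, cannot judge
        net = ipaddress.ip_network(local_networks[e["intf"]])
        if ipaddress.ip_address(e["ip"]) in net:
            continue
        owners = sorted(o["ip"] for o in entries if o["mac"] == e["mac"]
                        and o["intf"] == e["intf"] and ipaddress.ip_address(o["ip"]) in net)
        findings.append({**e, "same_mac_on_link": owners})
    return findings

if __name__ == "__main__":
    print(off_subnet_entries(SHOW_ARP, LOCAL_NETWORKS))
```
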

Hi Giuseppe,

Thank you for the fast answer.

I did the tests with 12.2(50)SE1 and 12.2(35)SE5. My customer uses 12.2(44)SE2; always the same result. The default router in my lab is a C2801. I already deactivated proxy-arp on the interfaces, with the same result: the ARP entry comes again after a copy run tftp.

The question is, why does the switch do a kind of proxy ARP with TFTP and not with FTP, Telnet or ICMP?

It would be OK when there is no default-gateway configured, but there is one; this ARP entry only happens with TFTP.

I already deactivated several services, like service dhcp, service config and so on, but the result remains the same.

My trace shows ARP packets for the default-GW when I clear the ARP cache, but no packets for the ARP entry of the TFTP server.

The following is an output from the ARP:

C2960#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1
C2960#ping 192.168.5.200

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
C2960#sh arp           
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1
C2960#copy run tftp://192.168.5.200/xy
Address or name of remote host [192.168.5.200]?
Destination filename [xy]?
!!
1610 bytes copied in 0.394 secs (4086 bytes/sec)
C2960#
C2960#sh arp                         
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.5.200           0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1
C2960#
C2960#clear arp-cache
C2960#
C2960#sh arp         
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1
C2960#ping 192.168.5.200            

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1007 ms
C2960#sh arp           
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.2             0   0014.f26d.d17f  ARPA   Vlan1
Internet  192.168.1.199           -   0024.51ba.3fc0  ARPA   Vlan1

ciao

Bernd

Hi

I am also facing a similar issue. Were you able to find any solution?

OM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)

 

System image file is "flash:c3560-ipservicesk9-mz.122-58.SE2.bin"
