Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
427
Views
0
Helpful
2
Replies

Cisco 6500 ACE ARP / mac-stick enable

bdyzel123
Level 1
Level 1

‎06-10-2014 09:51 PM - edited ‎03-07-2019 07:42 PM

Hi,

 

We recently found two entries on our ACE logs constantly complaining about ip/arp collisions(%ACE-4-405001), and on further investigation we saw that these IP's related to the mac addresses no longer existed anywhere in our network.

 

1              5              2014-06-07 06:00:03         2014-06-08 02:00:04         WARNING            LOCAL4 ACE-CORE1:         %ACE-4-405001: Received ARP RESPONSE collision from x.x.x.x yy.yy.yy.yy.yy.yy on interface vlan5

2              4              2014-06-07 10:59:48         2014-06-08 02:59:49         WARNING            LOCAL4 ACE-CORE1:         %ACE-4-405001: Received ARP RESPONSE collision from x.x.x.x yy.yy.yy.yy.yy.yy  on interface vlan5

3              2              2014-06-07 06:59:48         2014-06-07 22:59:48         WARNING            LOCAL4 ACE-CORE1:         %ACE-4-405001: Received ARP RESPONSE collision from x.x.x.x yy.yy.yy.yy.yy.yy  on interface vlan5

4              1              2014-06-07 10:00:04         2014-06-07 10:00:04         WARNING            LOCAL4 ACE-CORE1:         %ACE-4-405001: Received ARP RESPONSE collision from x.x.x.x yy.yy.yy.yy.yy.yy  on interface vlan5

 

I exhausted the search for these two "ghost" ip's in our network, and finally remembered that our ACE configuration had a context we removed a few months back.

 

From this context we had the following configured on the interface:

 

interface vlan 18

  description CHAT-DMZ-FW

  bridge-group 1

  mac-sticky enable

  no shutdown

 

I want to confirm with you guys if anyone has seen something similar, or knows of this, but I believe the IP's learned mac addresses got "sticky" on the ACE admin context due to the mac-sticky enable command, even after we removed the context these entries persisted?

I finally used this command to remove the "ghost" IP's related to the mac addresses:

 

clear arp x.x.x.x no-refresh

 

 

Labels:
0 Helpful
2 Replies 2

Parvesh Paliwal
Level 3
Level 3

‎06-11-2014 01:32 AM

Dear Friend,

 

Also confirm if the IP addresses were reachable though  and as far as the Ghost synonym is referred, I can say there can be virtual mac-addresses, Ip addresses therein the network.

Thats it !

 

_

Parvesh

0 Helpful

bdyzel123
Level 1
Level 1
In response to Parvesh Paliwal

‎06-13-2014 05:22 AM

Hi Parvesh,

 

The IP address was not reachable(ping-able) at all. The IP address did show up in the arp table though.

The MAC address that it found on the ACE is the MSFC's system MAC address, so the MAC is/was valid, but not the IP.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card