11-17-2006 11:01 AM - edited 03-05-2019 12:53 PM
I just had an entire VLAN drop out due to a host being brought onto the network that had been erroneously configured with a static IP that happened to be in conflict with the HSRP default gateway IP of the core switch; fortunately, we were able to remove the offending host and reconfigure default gateways as a workaround until the core switch's ARP table updated.
Is there any way to configure a 6500 running IOS to inhibit or block a conflicting IP (especially one with a gateway IP) by using a static ARP entry or other authoritative command?
Thanks,
Marc
Solved! Go to Solution.
11-17-2006 11:55 AM
You can configure Dynamic ARP Inspection (DAI) to protect the gateway address from being duplicated.
See the link below for more details.
HTH
Sundar
11-17-2006 11:14 AM
Had this same thing happen here years ago.
Not much you can do at the 6500. It will notice that a duplicate address exists, but not much can be done to combat it short of using static arp entries for the gateway in every single host on the lan. (and if folks have the option of configuring the gateway address as the ip address of the host, they are not likely going to do the right thing with a static arp entry, either.)
If you run DHCP on the lan, you might look into using dhcp-snooping configuration on the edge devices. That would most assuredly stop the miscreant devices.
Hopes this helps.
Roger
11-17-2006 11:55 AM
You can configure Dynamic ARP Inspection (DAI) to protect the gateway address from being duplicated.
See the link below for more details.
HTH
Sundar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide