Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2192
Views
0
Helpful
2
Replies

Duplicate IP affecting default gateway

Go to solution
drumrb0y
Level 1
Level 1

‎11-17-2006 11:01 AM - edited ‎03-05-2019 12:53 PM

I just had an entire VLAN drop out due to a host being brought onto the network that had been erroneously configured with a static IP that happened to be in conflict with the HSRP default gateway IP of the core switch; fortunately, we were able to remove the offending host and reconfigure default gateways as a workaround until the core switch's ARP table updated.

Is there any way to configure a 6500 running IOS to inhibit or block a conflicting IP (especially one with a gateway IP) by using a static ARP entry or other authoritative command?

Thanks,

Marc

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sundar.palaniappan
Level 10
Level 10
In response to adavenport

‎11-17-2006 11:55 AM

You can configure Dynamic ARP Inspection (DAI) to protect the gateway address from being duplicated.

See the link below for more details.

http://www.cisco.com/en/US/products/ps6845/products_configuration_guide_chapter09186a00806e9f68.html#wp1041210

HTH

Sundar

View solution in original post

0 Helpful
2 Replies 2

Go to solution
adavenport
Level 1
Level 1

‎11-17-2006 11:14 AM

Had this same thing happen here years ago.

Not much you can do at the 6500. It will notice that a duplicate address exists, but not much can be done to combat it short of using static arp entries for the gateway in every single host on the lan. (and if folks have the option of configuring the gateway address as the ip address of the host, they are not likely going to do the right thing with a static arp entry, either.)

If you run DHCP on the lan, you might look into using dhcp-snooping configuration on the edge devices. That would most assuredly stop the miscreant devices.

Hopes this helps.

Roger

0 Helpful

Go to solution
sundar.palaniappan
Level 10
Level 10
In response to adavenport

‎11-17-2006 11:55 AM

You can configure Dynamic ARP Inspection (DAI) to protect the gateway address from being duplicated.

See the link below for more details.

http://www.cisco.com/en/US/products/ps6845/products_configuration_guide_chapter09186a00806e9f68.html#wp1041210

HTH

Sundar

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card