Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3917
Views
0
Helpful
2
Replies

DHCP Reservation problems caused by ARP proxy?

speters
Level 1
Level 1

‎12-02-2013 11:09 AM - edited ‎03-03-2019 07:14 AM

We have been having recurring problems at three of our new school sites with printer IP addresses. We have created the address reservations in our DHCP servers (Windows Server 2012) but several times per week, the address shows up as a "BAD ADDRESS" in the DHCP leases and the printer never does get a good lease until we recreate the reservation and power cycle the printer. This is happening across several different printer models.


Because this is only happening at our new sites, I've been investigating possible reasons. The configurations are mostly identical at our new sites and old; we have 3750X's at the old sites and 3850's (and one school with 4500X's) at the new sites. We have the correct IP helpers on every VLAN - one for each of our DHCP servers and one for each ISE node. ISE doesn't respond to the DHCP requests, it only listens for them to profile the endpoints. I've also begun enforcing ISE at one of the sites to see if it was just related to IP conflicts - no luck so far.


Today I was fixing a printer reservation and came across something interesting. At one of the new schools, the MDF ARP table reported that 10.24.12.20 was assigned to a workstation (it is supposed to be assigned to a printer).  When I ran a check on the port in the IDF associated with that IP address to find the IP that was associated with the device, the device had an IP of 10.24.12.26. This caused me to start looking for ARP problems.


I went looking for a difference in the configs on the 3850's and the 4500X's compared to the 3750X's at the older sites. Here's what I found when I did a "sh run all":


4500X:

ip arp poll queue 1000

ip arp poll rate 1000

no ip arp proxy disable

ip arp gleaning tftp

ip arp gleaning udp

ip arp incomplete retry 20

ip arp incomplete entries 5000

ip arp incomplete enable

ip arp inspection log-buffer entries 32

ip arp inspection log-buffer logs 5 interval 1

ip sticky-arp

no ip gratuitous-arps

The 3750X only has the following ARP commands:

ip sticky-arp

no ip gratuitous-arps

ip arp inspection log-buffer entries 32

ip arp inspection log-buffer logs 5 interval 1

I was looking in particular at the "no ip arp proxy disable" on the 4500 and 3850's. I'm wondering if the newer switches are working as ARP proxies and causing problems with the printers. It doesn't seem that the 3750X's or older are doing this, or even have the commands. I am headed down the wrong path here? What are the repercussions of disabling the arp proxy on the newer switches to test it?

Thanks

2 people had this problem
Labels:
0 Helpful
2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

‎12-05-2013 02:23 AM

Hi,

if you have proxy arp then you should see multiple IP mapped to same MAC( the one from the device with proxy arp enabled), is this the case ?

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Jeff Van Houten
Level 5
Level 5
In response to cadet alain

‎12-07-2013 09:16 AM

In my humble opinion, proxy-arp is only good for hiding misconfigurations on hosts and should be turned off on all routed interfaces in a well managed environment. Just my 2 cents.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents