Our network has been experiencing intermittent issues the last few days. At random times, the network becomes unstable: VoIP, Citrix connections to servers, connections to the Internet, VPN connections, etc.
I started watching the logging on the ASA and saw that at random times the inside interface (which is also the default gw for the LAN) would "flap", or go down and come back up 3-4 times very rapidly. It appears that this is what is causing the network instability. I haven't seen any other issues.
Our ISP (Verizon) ran diagnostics and said they just saw a larger than normal amount of utilization on our T1.
What could cause an internal interface on an ASA to behave like that?
Ok, discovered the problem via the syslog entries:
"Received ARP response collision from xxx.xxx.xxx.xxx"
To make a long story short, a box had been assigned the same IP as the inside interface on the ASA. What is strange is that the interface would continue "flapping" even after the problem with the IP conflict was resolved. I cleared the ARP cache on the ASA and reset our switches, and that seems to have corrected it.
My main concern is why would an interface behave like this simply because another device on the network also thought it was the same address?
Is this "normal" behavior for an ASA? It is running 7.2 firmware.
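The correlation described in the post (ARP collision messages lining up with the inside interface flapping) can be checked from exported syslog. This is an added example, not part of the original post. The log lines are constructed, and the timestamp layout, message IDs, state-change wording and the `correlate` helper are assumptions to adapt to your own logs.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (not from the post); layout and IDs are assumptions.
SAMPLE_LOG = """\
2024-03-03T10:15:01 asa %ASA-4-405001: Received ARP response collision from 192.0.2.1/0011.2233.4455 on interface inside
2024-03-03T10:15:02 asa %ASA-4-411002: Line protocol on interface inside changed state to down
2024-03-03T10:15:03 asa %ASA-4-411001: Line protocol on interface inside changed state to up
2024-03-03T10:15:04 asa %ASA-4-405001: Received ARP response collision from 192.0.2.1/0011.2233.4455 on interface inside
2024-03-03T10:15:05 asa %ASA-4-411002: Line protocol on interface inside changed state to down
2024-03-03T10:15:06 asa %ASA-4-411001: Line protocol on interface inside changed state to up
2024-03-03T11:40:00 asa %ASA-4-411002: Line protocol on interface dmz changed state to down
"""

COLLISION = re.compile(r"^(\S+) .*Received ARP (?:request|response) collision from "
                       r"(\d+\.\d+\.\d+\.\d+)/(\S+) on interface (\S+)")
STATE = re.compile(r"^(\S+) .*[Ii]nterface (\S+?),? changed state to (up|down)")

def correlate(log_text, window_s=30):
    """Group ARP collisions by (ip, mac, interface) and count state changes on
    the same interface that fall within window_s seconds of any collision."""
    collisions, changes = defaultdict(list), defaultdict(list)
    for line in log_text.splitlines():
        if m := COLLISION.match(line):
            ts, ip, mac, iface = m.groups()
            collisions[(ip, mac, iface)].append(datetime.fromisoformat(ts))
        elif m := STATE.match(line):
            ts, iface, _state = m.groups()
            changes[iface].append(datetime.fromisoformat(ts))
    window = timedelta(seconds=window_s)
    report = {}
    for key, times in collisions.items():
        # Only state changes on the interface that logged the collision count.
        nearby = [t for t in changes[key[2]]
                  if any(abs(t - c) <= window for c in times)]
        report[key] = {"collisions": len(times),
                       "state_changes_nearby": len(nearby)}
    return report

if __name__ == "__main__":
    for (ip, mac, iface), stats in correlate(SAMPLE_LOG).items():
        print(f"{ip} claimed by {mac} on {iface}: {stats}")
```

The MAC address in each collision line is the detail to act on: it identifies the conflicting host so it can be traced to a switch port.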