We have a Cisco 6500 switch with an FWSM module. We changed the VLAN names on the switch, the FWSM and the access switches. We also changed the security levels on the FWSM for the user access VLANs. The changes were made just to put the user VLANs on the same security level, leaving the server farm unchanged. Also, the firewall rules were left unchanged. After the change, the network failed. The FWSM module was restarted and part of the network came up. The other part was still down. It was later realized that the AD, which sits in the server farm where nothing had been changed, was not responding. It was also realized that the AD server registered 2 MAC addresses sharing the same IP address. The FWSM syslog messages were warning of ARP collisions. After the AD server was restarted, the network came up. The two ARP entries disappeared.
Now the network is up with the changes, but what we are trying to find out is why the AD server needed a restart before it could come up. Why did we have two MAC addresses with the same IP address? According to the system team, this is normal due to the NIC teaming. Was the problem caused by restarting the switches, the VLAN names or the security levels?
Your help will be highly appreciated as we are doing some root cause analysis.
I would suggest opening a Cisco TAC service request for this issue.
There is a need for a detailed analysis to understand what went wrong in the network and what the impairments in the network were.
After all this is analyzed, it would be possible to discuss whether that multihomed server, the AD, overreacted to the network changes, or even switched to the isolated part of the network, or simply tried to survive.