ARP detstination mac-address 0000.0000.0000
Internet Router--->3550 Switch-->Nortel Contivity
63.169.164.134-->63.169.164.140--> 63.169.140.136
All the devices are having public IP addresses and are in Vlan 100.
Sometimes the Internet Router is not able to ping or connect to the Contivity where as the switch is able to access both the devices (Internet Rtr & Contivity).
While checking on the switch & Internet rtr i capture the following logs.
Switch#sh log
Mar 25 11:17:17.990 EDT: IP ARP: creating incomplete entry for IP address: 63.169.164.136 interface Vlan100
Mar 25 11:17:17.990 EDT: IP ARP: sent req src 63.169.164.140 0012.800b.a780,dst 63.169.164.136 0000.0000.0000 Vlan100
Internet RTR#sh log
Mar 25 11:17:17 EDT: IP ARP: rcvd req src 63.169.164.140 0012.800b.a780, dst 63.169.164.136 GigabitEthernet0/1
Mar 25 11:20:54 EDT: IP ARP: rcvd req src 63.169.164.138 0018.b964.66fc, dst 63.169.164.145 GigabitEthernet0/1
We have done a static ARPA entry in internet rtr for Contivity but still the issue remains same. The moment the issue persists again i tried to clear the arp on switch but it didn't make router to get reply from Contivity when i did the same clear arp-cache on internet rtr, it started getting communicate with Contivity.
I am not able to find the solution of this issue and the reason for that, now every time i have to do clear ip arp-cache on rtr whenever the issue comes down.
Also i want to understand the situation when a dest mac-address can be 0000.0000.0000.
Any help on this will be appreciated.
Thanks.
Bhupesh
If a router receives a packet to forward to a destination address which is on a local LAN but the destination IP address does not appear in the arp table then the router creates an incomplete entry in the ARP table (it is incomplete because the router does not have the destination MAC address and is attempting to learn it). The router creates the incomplete entry in the ARP table and sends an ARP request. If the router receives an ARP response then it puts the destination MAC address into the ARP table and the entry is now complete. If no ARP response is received the router will purge the incomplete entry. Note that the router can not forward the IP packet that caused the incomplete entry and the router will drop that IP packet.
In considering the problem with contivity I had been assuming that the problem was on rtr. But it occurs to me that it is quite possible (and even likely given the fact that you mention which is that in the problem the switch can still ping contivity ) that the problem is on contivity. I wonder if for some reason contivity gets an incorrect MAC for rtr? I suspect that clear arp on rtr fixes the problem because as it clears the arp table I believe that rtr will send a gratuitous arp which refreshes the ARP entry in contivity. In the time of the problem can you check the table in contivity?
HTH
Rick
Similar Messages
-
Hi All
I did not type the following command. Why does it appear when I show run ? Which command can cause the issue? Thank you
mac-address-table static 0000.0c07.ac01 interface FastEthernet1/0 vlan 3Hello,
It looks as if you have HSRP configured. Mac address 0000.0c07.ac01 is the HSRP virtual mac address. 01 at the end of the mac represents the HSRP group number.
Hope this helps,
Please rate helpful answers.
Thanks. -
MAc address 0000.0000.0080
Has any one seen this:
2549009: Nov 21 03:26:59.310 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549015: Nov 21 03:42:03.536 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549018: Nov 21 03:50:58.894 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 302: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549020: Nov 21 04:00:40.298 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549022: Nov 21 04:03:10.011 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 254: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549024: Nov 21 04:48:00.609 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 56: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549028: Nov 21 05:35:37.949 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 254: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549030: Nov 21 06:03:22.173 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 56: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549033: Nov 21 06:49:11.174 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 301: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549036: Nov 21 07:03:39.286 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 340: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549042: Nov 21 07:51:24.704 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 340: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549049: Nov 21 08:26:59.979 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 330: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549053: Nov 21 08:34:32.180 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 340: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549056: Nov 21 08:38:53.740 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549069: Nov 21 09:19:37.811 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 254: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549081: Nov 21 10:06:18.762 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549086: Nov 21 10:38:55.559 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549088: Nov 21 11:00:02.806 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549099: Nov 21 11:43:22.277 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 340: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549101: Nov 21 11:46:43.689 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549104: Nov 21 11:50:52.590 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 350: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549106: Nov 21 12:05:22.439 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 302: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549108: Nov 21 12:46:25.336 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 301: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549110: Nov 21 12:47:12.656 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549116: Nov 21 13:08:33.962 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549120: Nov 21 14:05:46.457 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 320: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549125: Nov 21 14:27:59.722 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 340: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549135: Nov 21 15:07:31.530 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 302: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
2549143: Nov 21 17:17:18.229 GMT: %SPANTREE-5-ROOTCHANGE: Root Changed for vlan 302: New Root Port is GigabitEthernet0/2. New Root Mac Address is 0000.0000.0080
Seem like only the Root mac is changing and not the root bridge.Hi ,
Seems you are getting superior BPDU from Gi0/2 . mac address 0000.0000.0080 below is Xerox corporation .
Do you have xeror switches in your network . Trace the mac and check if you have really a xeror switch and that suppose to be a root bridge. If not then decrease the xeror switch priority .
http://www.coffer.com/mac_find/?string=0000.0000.0080
If its not a switch then check why its generating a bpdu . If it is not require then shutdown the box or change the priority .
HTH
Regards,
VS.Suresh.
*Plz rate the usefull posts. -
ARP table not populating mac address for previously reachable IP address
Router has been online and working fine with one BGP neighbor for almost 2 years and no downtime. 2 weeks ago, added a 2nd BGP peer. Everything worked fine for 2 weeks, then all of a sudden yesterday the 2nd BGP peer is disconnected and does not come back. ISP checks and sees everything looks fine on their end. We cannot even ping each other now.
Upon investigation, the ARP table is not even populating the MAC address for the BGP peer IP anymore (same local subnet). Stays "incomplete" in the table no matter what we do, including clearing arp table, changing IP address, etc.
Plug a laptop directly into the 2nd BGP peer FE port and replicate the IP addressing. Laptop cannot ping Router, but Router CAN ping laptop. Check ARP table, but STILL no mac address assigned and now not even the ARP table showing "incomplete".
Thinking it could be the FE interface, switch to the 2nd FE interface and perform same laptop test, this time with arbitrary IP addressing. Now cannot ping each other, no MAC in ARP table.
End up rebooting the router and lo-and-behold, everything is working normally again. 2nd BGP peer peers up instantly.
I should also mention that the 1st BGP peer worked flawlessly throughout, taking all the Internet load and having no issues throughout.
Also, the FE ports for the 2nd BGP peer are on an HWIC FE card plugged into the router. The 1st BGP peer is plugged into the built-in GE interface. 2901 running: c2900-universalk9-mz.SPA.151-4.M4.bin
Lastly, no router resource issues, no error messages, no logs. Just the BGP peer disconnecting.
I have never, in 20 years working with Cisco routers seen something like this before. This is the most fundamental aspect of IP and Ethernet that was not working.
Has anyone ever seen this behavior before??
Here is the router config (IP's changed):
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service internal
service sequence-numbers
boot-start-marker
boot-end-marker
logging buffered 150000
aaa new-model
aaa authentication login LAUTHEN local
aaa authentication login TAUTHEN local group tacacs+ enable
aaa authorization console
aaa authorization exec LAUTHOR local if-authenticated
aaa authorization exec TAUTHOR local group tacacs+ if-authenticated
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
no ipv6 cef
no ip source-route
ip cef
no ip domain lookup
multilink bundle-name authenticated
username ubiadmin privilege 15 secret 4 .JbeuWXuZvchrG0OL.5BftFtqrrEyxcnVHn5rIuCnTk
username umitsnoc01 privilege 15 secret 4 cUmoRUjey9O1x.wk9S.kleX.iAAhCwihupr6Z98p6OA
redundancy
ip ssh version 2
track 1 interface GigabitEthernet0/0 line-protocol
class-map match-any AutoQoS-VoIP-RTP-Trust
match access-group name SIP-Media-INBOUND
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
class-map match-any Customer-Voice
match access-group name Customer-VPNs
class-map match-any media
match access-group name SIP-Media
class-map match-any signaling
match access-group name SIP-Signaling
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class Customer-Voice
priority percent 40
class class-default
fair-queue
policy-map shape
class class-default
shape average 10000000
service-policy queue
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description BGP Peer 1
ip address 2.2.2.2 255.255.255.252
no ip redirects
ip flow ingress
ip flow egress
duplex auto
speed auto
service-policy output shape
interface GigabitEthernet0/1
description LAN
ip address 1.2.3.4 255.255.255.0
no ip redirects
ip flow ingress
ip flow egress
standby 255 ip 1.2.3.1
standby 255 priority 105
standby 255 preempt
standby 255 mac-address 1a2b.3c4d.5e6f
standby 255 track 1 decrement 10
duplex auto
speed auto
service-policy output AutoQoS-Policy-Trust
interface FastEthernet0/0/0
description BGP Peer 2
ip address 1.1.1.1 255.255.255.252
ip flow ingress
ip flow egress
duplex full
speed 100
service-policy output shape
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
router bgp 7777
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.1.1.2 remote-as 5555
neighbor 1.1.1.2 update-source FastEthernet0/0/0
neighbor 1.1.1.2 prefix-list L3-DEFGW in
neighbor 1.1.1.2 route-map L3-LPREF-IN in
neighbor 2.2.2.1 remote-as 6666
neighbor 2.2.2.1 ebgp-multihop 2
neighbor 2.2.2.1 update-source GigabitEthernet0/0
neighbor 2.2.2.1 send-community
neighbor 2.2.2.1 prefix-list COLO-DEFGW in
neighbor 2.2.2.1 route-map COLO-LPREF-IN in
neighbor 2.2.2.1 route-map COLO-OUT out
ip forward-protocol nd
ip bgp-community new-format
ip as-path access-list 5 permit _5555_
ip as-path access-list 5 deny .*
ip as-path access-list 10 permit ^6666$
no ip http server
no ip http secure-server
ip flow-top-talkers
top 50
sort-by bytes
ip route 0.0.0.0 0.0.0.0 1.1.1.2 254 name L3
ip route 0.0.0.0 0.0.0.0 2.2.2.1 255 name COLO1
ip route 10.0.0.0 255.0.0.0 10.10.10.10 name FW_OUTSIDE
ip tacacs source-interface GigabitEthernet0/1
ip access-list standard SNMP_SOURCES
permit 12.12.12.0 0.0.0.255
deny any log
ip prefix-list L3-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-LPREF-OUT seq 5 permit 1.2.3.0/24
route-map COLO-LPREF-IN permit 5
match as-path 5
set local-preference 250
route-map COLO-LPREF-IN permit 10
set local-preference 150
route-map COLO-LPREF-IN permit 20
route-map COLO-OUT permit 10
match ip address prefix-list COLO-LPREF-OUT
set as-path prepend 7777 7777 7777
set community 29795:1004
route-map COLO-OUT permit 20
route-map L3-LPREF-IN permit 10
match as-path 10
set local-preference 200
route-map L3-LPREF-IN permit 20
set local-preference 150
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps ds1
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps envmon
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps mac-notification
snmp-server enable traps aaa_server
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipslaWhen you were checking the ARP table was there an entry for Fast0/0/0?
HTH
Rick -
Force mapping to a specific MAC address a multicast IP address in ARP cache table with netsh
Hi all,
I would like to know if there is any solution (netsh option, registry entry, whatever...) to force mapping a given MAC address to a multicast IP address (224.x.y.z) in my ARP cache table.
I am doing the following:
netsh.exe interface ip add neighbors "Ethernet" "224.224.xxx.yyy"
"00-80-EE-UU-VV-WW"
But the entry in the ARP table is substitued by the calculated multicast MAC@ corresponding to my multicast IP@ :
netsh.exe interface ip show neighbors "Ethernet"
Interface 12 : Ethernet
Internet Address
Physical Address Type
224.0.0.22
01-00-5e-XX-YY-ZZ
static
224.224.yyy.zzz
01-00-5e-UU-VV-WW
static
(For information, calculation of the Multicast MAC Address is described in RFC1112§6.4 -> The MAC@ equals 01-00-5e + the last 23 digits of the multicast MAC Address)
My problem is that I'm not using an Ethernet network but an AFDX (used on Airbus A380, Boeing 787 Dreamliner, by the NASA...). This network topology is a deterministic Ethernet. The network must know accurately where each network packet is going. Thus...
the multicast MAC@ cannot be accepted and packet destinated to that MAC@ are not going anywhere.
So, I must match accurately my multicast IP@ to my MAC@ (00-80...).
It used to work with Windows XP (which was not doing any "magical" MAC@ substitution on multicast IP@), but since Windows Vista, netsh is doing the substitution described above. Is there any way to disable this substitution or force my IP
to MAC mapping in ARP table? And of course, I'm not using XP anymore ;)... but a tablet with Windows 8.1.
Thanks for any help.
Cheers,
Olivier.Hi,
The article you pointed me to is just an explanation of what I said in my original post : "Multicast MAC Address is described in RFC1112§6.4".
But, as I said in my original post, this is true ONLY for Ethernet network. And I am NOT on an Ethernet network.
So MAC address automatic calculation for my IP address done by Windows/netsh/arp is wrong in my case. The calculation Windows is doing is correct ONLY for Ethernet network. Since I am not on Ethernet, I don't want these calculations, and I'm looking for
a solution to disable them.
So, the underlying question is : "Is Microsoft/netsh/arp able to handle other network's type than Ethernet ?"
Thanks,
Olivier Dupré. -
Arp aging time on router and mac address aging time on switches set close t
Hi,
appreciate some advice on the following:
what is the benefit of setting arp aging time on router and mac address aging time on switches close to each other?
Thanks,
ChristinaHi,
based on the below output, do you think implementing it will benefit? Thanks.
C2950#sh int fa0/43
FastEthernet0/43 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 000d.5e11.4e2b (bia 000d.5e11.4e2b)
MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
reliability 255/255, txload 7/255, rxload 2/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 933000 bits/sec, 149 packets/sec
5 minute output rate 2981000 bits/sec, 263 packets/sec
2819781393 packets input, 3782332886 bytes, 0 no buffer
Received 266693 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
4015025747 packets output, 2328228393 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
C2950# -
ARP cache not adding MAC address
Hi,
We have a network in the company where visitors\customers can connect their PCs to pick up a IP address & access the internet via our cluster of Checkpoint firewalls. The problem we are having is that whenever somebody with a Mac tries to use this network they cannot access the internet although it works fine for all Windows based PCs. So to investigate I got hold of a IBook & made the following observations.
The gateway provided by the DHCP servers is a IP address (192.168.48.203) on a multicast mac address that represents both of the firewalls, which in turn have a physical address of 192.168.48.201 & 192.168.48.202 respectively. This is done to provide redundancy.
What happens on the IBook is that it picks up a DHCP address as well as the DNS & gateway address as supplied by the DHCP server, but then when you try to access the internet you have no joy. If you check the arp table you will then notice that the table have not been updated with the mac address of the 192.168.48.203 gateway. If you then manualy add the mac address of 192.168.48.203, using arp -s, it works fine or if you staticaly configure the IP address settings to use either 192.168.48.201 or 202 as gateways (which have unicast mac addresses) it also solves the problem & immediately updates the arp cache with the mac addresses of either of these two interfaces depending on which one you are using.
We put a sniffer on the network & could see that the mac address for 192.168.48.203 is being passed on to the IBook but for some reason it just does not update the arp cache with this details. Also tried this on some of the other networks we are running that uses the same concept & the same thing happens. As I mentioned no Windows hosts are having this problem & immediately updates their arp details to include the mac address of the .203 address.
On a Mac after obataining a DHCP address & running "netstat -r" you get the following:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 5 5 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 2477 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 1 0 en1
192.168.48.203 link#5 UHRLW 4 30 en1
192.168.51.1 localhost UHS 0 1 lo0
Then after adding the mac address manualy it looks as follows & works fine:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 26 6 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 12353 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 0 0 en1
192.168.48.203 1:0:5e:7c:0:48 UHLS 26 28 en1
192.168.51.1 localhost UHS
Any ideas why this is happening ?
Regards
IBook G4 Mac OS X (10.4.3)Hi,
I am facing exactly the same problem here with an iMac G5. I have called the apple support and the conclusion was that they have no clue for that and we should wait for an update that will hopefully resolve this.
I was also aksing them if there was a way in the mac to set a static mac address for the gateway in the macintosh so I don't have to run the terminal and type the arp -s every time I start up. They said it is out of the kind of support they can provide... Do you have an idea on how to add a static ARP entry in the table ?
Thank you. -
IP-4-ZERO_ADDR: Zero MAC address for ip in ARP cache
Could someone hlep me with this log message: IP-4-ZERO_ADDR: Zero MAC address for <ip> in ARP cache
It just started appearing in our Cisco 10012 CMTS, and all of the documentation is very vague as to what it is and how to fix it. I'm hoping someone else has seen the message and can help clarify it's meaning. Thanks in advance!Your not the only one with these logs mess :
Jan 20 13:05:10: %IP-4-ZERO_ADDR: Zero MAC address for 10.100.xxx.69 in ARP cache
Jan 20 13:30:02: %IP-4-ZERO_ADDR: Zero MAC address for 10.100.xxx.69 in ARP cache
I thing the reason is that someone has a worm or something ping-flooding/scanning the network, check your arp table for incompletes.
What to do about it, disable icmp on the network maybe, for now we dont have a problem on the network but would be nice to fix this thing.
Martin
DK -
Arp/mac address cache timeouts
Anybody know how long a mac address stays in a Cisco IOS arp cache when issuing "show ip arp"? How about a mac address in a CatOS switch when issuing "show cam dynamic". What constitutes the length of time an arp entry is cached?
Hello,
the default ARP timeout (show ip arp) is 14400 seconds, which equals 4 hours. The CAM default agingtime (show cam dynamic) is 300 seconds, which equals 5 minutes. That means that the ARP or CAM entry will stay in the cache for a minimum of 4 hours and 5 minutes, respectively...
Is that what you are asking ?
Regards,
GP -
Sh arp does not show mac address of IP --- ASA
Hi Everyone,
I can ping the IP from the ASA but when i do sh arp it does not show me mac address od that IP.
Need to know the reason behind this.
Regards
MAheshSo your ASA should have a route on the inside interface to internal networks. The address of that next hop in the routing table is the one you should have in your arp table allowing you to reach non-directly-connected (subnet-wise) hosts within the scope of that route statement.
Think through the logic - ASA pings a host. It needs to determine proper egress interface. It checks and asks "Is it reachable via a directly connected interface (most preferred route)?" Answer no. "Do I have a route statement telling me how to get to it?" Answer yes (otherwise use default). OK - so ASA sends packet out egress interface defined in that route statement to the next hop as defined in route statement and waits for reply. -
ACE How can we do a static arp to multicast mac address?
I have a architecture that uses ACE to do Firewall Load Balancing. I need to add a static map of a VIP IP to a multicast mac address (Microsoft servers with NLB in multicast mode). The ACE does not accept multicast mac address in the static arp statement, anybody knows why? Is there any other way to do that?
Regards,
Artur PintoHi,
The ACE doesn't support multicast MAC addresses. This is a limitation impose by the hardware used on the boards. Syed has previously proposed a workaround at https://supportforums.cisco.com/message/464174#464174 . I don't know if that will be applicable in your case.
HTH
Cathy -
Hi...
Whenever I telnet to the switch that my PC is connected to and type sho arp I get all the IP addresses of PCs connected to the switch while the hardware address is the same for all of them.
How can I get the mac addresses of the PCs connected to the ports?
ThanksYou should be getting the correct hardware address if the PCs are directly connected to the switch.
If you are connecting a group of PCs that pass through a router, then the single MAC that you are seeing is the MAC of the router interface connecting to the 2950.
To get the real MACs of the PCs, you'd need to look at the ARP table of the router.
Here's a sh arp from my switch:
Smack_2950#sho arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.1.254 190 000a.4144.d4bd ARPA Vlan1
Internet 172.16.1.198 3 0004.75db.07b9 ARPA Vlan1
Internet 172.16.1.57 74 00d0.5836.f441 ARPA Vlan1
Internet 172.16.1.29 - 0009.b74a.9580 ARPA Vlan1
Internet 172.16.1.127 81 0013.6042.8a8d ARPA Vlan1
Internet 172.16.1.77 0 0002.b349.c8c8 ARPA Vlan1
Smack_2950#
You might also try a sh mac-address-table, it'll give you MAC and switch-port that the MAC is connected to.
Here's an example:
Smack_2950#show mac-address-table
Mac Address Table
Vlan Mac Address Type Ports
All 0009.b74a.9580 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0002.b349.c8c8 DYNAMIC Fa0/24
1 0002.b349.c965 DYNAMIC Gi0/1
1 0004.75db.07b9 DYNAMIC Fa0/23
1 000a.4144.d4bd DYNAMIC Fa0/18
1 000d.613b.28e5 DYNAMIC Gi0/1
1 000e.a62d.abf1 DYNAMIC Gi0/1
1 000f.f73a.bc4d DYNAMIC Fa0/19
1 0010.7be7.a772 DYNAMIC Fa0/21
1 0011.240d.960f DYNAMIC Fa0/19
1 0013.6042.8a8d DYNAMIC Fa0/20
1 0030.4821.e689 DYNAMIC Fa0/24
1 00d0.5836.f441 DYNAMIC Fa0/22
56 0001.5c22.9982 DYNAMIC Fa0/12
56 000a.4144.d4bc DYNAMIC Fa0/13
100 0000.0c4a.5eca DYNAMIC Fa0/1
100 00c0.7b4c.9325 DYNAMIC Fa0/2
200 0000.0c5d.b3ee DYNAMIC Fa0/3
400 0010.7b80.2ecd DYNAMIC Fa0/8
300 0000.0c5c.f28c DYNAMIC Fa0/7
Total Mac Addresses for this criterion: 23
Smack_2950#
Check it out and let us know what you find.
FWIW
Scott -
Static MAC address without configuration
Hello,
i am a german guy, so please excuse my bad english.
I have a question about static MAC addresses on a WS-C3750G-48TS Switch.
I have no static adresses configured on my switch, but see some when execute the "show mac address-table static" command. And i mean not the 0000.0c07.ac01 addresse for HSRP, Spanning-tree or something else, which are forwarded to the CPU, i mean entries like this:
Switch#show MAC address-table interface g2/0/47
Mac Address Table
Vlan Mac Address Type Ports
3 1212.1212.1212 STATIC Gi2/0/47
3 1414.1414.1414 STATIC Gi2/0/47
Total Mac Addresses for this criterion: 2
This entries not configured or dynamicly learned.
I suspected functions like gratitious-arp, but this is only for IP<->MAC translation. Then i have searched functions like gratitious-mac or mac-notification. I have searched for a function with tells the switchport: "Hey, that is my MAC address. There is no need to learn this address dynamicly", but with no luck.
Does anybody can tell me, why these MAC addresses are shown static, and not dynamicly?
Thanks for help.
ThomasHi Thomas,
Are there any port-security related configurations in interface Gi2/0/47? Could you post the running-configuration of this interface in concern, output of show mac-address-table interface Gi2/0/47 and also could you let me know what is connected to this interface?
Thanks,
Arun -
I have a single remote device attached to a 1700 sereis router. I need to ensure that if anyone disconnects the device, they can't easily plug anything elses in to the router and hence wanted to use a mac-adddress access list.
I have created an access list as follows:
access-list 700 permit xxxx.xxxx.xxxx 0000.0000.0000, but there appears to be no way to add this to the Fa0 interface on the router.
Can anyone confirm if this is possible on a router or does this only work on a switch?No, its the Ethernet local LAN interface of a routed link so no bridging going on.
Config below:
interface FastEthernet0
description Mufulira Post Office Post Office LAN
ip address xxx.xxx.xxx.xxx 255.255.255.248
ip access-group 120 in
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
speed auto
full-duplex
no cdp enable
IP access lst 120 defines just a single host allowed in to a group of servers.
I'm having to tie everything down as much as possible as its for a remote ATM on the end of a Wireless backhaul link and our Risk people are trying to insist that we use mac address security as well. I am already running a GRE tunnel and IPSec 3DES over the routed portion of the link. -
HSRP - Duplicate address on Vlan, sourced by mac-address
Hi ,
Network structure
Switch A --- Customer firewall 1
|
Switch B --- Customer firewall2
May be some one can help me.
There was a nagious alert yesterday and on investigation I found the 'Duplicate address x.x.x.x(VIP) on Vlanxxx, sourced by 0006.b19c.c5d9' error
It a HA feed from our switches which is going to customer firewalls.
On further investigation I have found on our switch A the ARP table is not learning the VIP address from this mac-address where as on switch B is learning the VIP address through mac 0006.b10c.c8d9 which is customer sonic firewall which is not a normal behaviour.
Our switches are Cisco 3560 switch.
Please if you could let me know what causing this.Hi mcgowan,
Yes, there is duplicate MAC. But, its duplicate between interface vlan address and virtual MAC address on HSRP.
when I type command :
show mac address | i 0000.0c07.ac01
It shows me :
100 0000.0c07.ac01 STATIC CPU
I think this MAC generate by system on HSRP. Currently I shutdown interface vlan 100 on switch A, like as your suggestion. But the impact is my client will get trouble when switch B is down, because HSRP is not running well.
Regards,
Rakhmad
Maybe you are looking for
-
Issues using HTTP Connection Manager to run SSRS reports from SSIS
In my package, I have a HTTP Connection Manager called "ReportServer". And I have two variables called "ReportURL" and "ReportFile". "ReportURL" is the URL for the report. I won't get into the details of this URL because I don't think this is the iss
-
I have a scenario, ECC-PI-Message broker. ECC sending IDOC to PI, PI execute mapping and sends data to Message borker(thru JMS channel).(with almost one to one mapping)., IDOC(AAE)-PI-JMS. Now my requirement is., from PI after mapping we need to
-
Add component and Delete Operation in Process order Using COR2
Hello, I need to update any process order (Add components in it and delete some operations of it) on the save of the process order. Transaction for change PO: COR2. I have found a badi to change in process order (WORKORDER_UPDATE) Method: BEFORE_UPDA
-
How to change Goods Supplier for GR against PO in MIGO or MB01
Dear Experts, We have maintained 3 different Goods Supplier for a Vendor Master. While craeting PO, we are not aware who will be the Goods supplier (Partner Functons) for the Vendor and hence we have selected one of the Goods Suppliers from Pop Up. I
-
Resources assigned to a Work Center
Hi Experts , Is there any Function Module to get the 'Person Responsible' and the Resources assigned to a Work Center ? Thanks, Radhika.