HSRP - Duplicate address on Vlan, sourced by mac-address

Similar Messages

• HSRP Duplicate address

  Hi,
  There is two 4500 switches installed as distribution switches.
  HSRP and .1q trunk has been enabled between these two switches.
  access switches connected redundantly to these switches.
  mistp has been configured for layer 2 loop avoidance.
  I have checked native vlan and ip address configuration on both the distribution switches.
  still it gives the error messages continuouly
  "%HSRP-4-DUPADDR: Duplicate address 10.229.56.3 on Vlan151, sourced by 0013.c383.cebf."
  what could be the problem.
  Thank in advance.
  Thanks & regards
  Rajesh

  Hi
  Duplicate Address errors always related to some miconfiguration with the ip address on the interfaces.
  i also did try the error message decoder which also proved to be same..
  do find the same and find the recommended action to overcome this problem..
  The IP address in an HSRP message that was received on the specified interface is the same as the IP address of the router. Another router might be configured with the same IP address. The most likely cause of this condition is a network loop or a misconfigured switch that is causing the router to see its own HSRP hello messages.
  Recommended Action: Check the configurations on all the HSRP routers to ensure that the interface IP addresses are unique. Make sure that no network loops exist. If port channels are configured, check that the switch is correctly configured for port channels. Enter the standby use-bia command so that the error message displays the interface MAC address of the sending router, which can be used to determine if the error message is caused by a misconfigured router or a network loop
  regds

• Duplicate address x.x.x.x on Port-channel10.101, sourced by 0080.7733.b2f

  HI,
  I am getting the following log message on my L3 device and the L3 switch hangs. I have restricted telnet session on the L3 device. What is causing this ?
  32w1d: %AUTOSTATE-6-SHUT_DOWN: Putting interface Port-channel10.131 into Autostate mode
  32w1d: %SYS-5-CONFIG_I: Configured from console by vty0 (127.0.0.2)
  32w1d: %AUTOSTATE-6-BRING_UP: Taking interface Port-channel10.131 out of Autostate mode
  32w1d: %AUTOSTATE-6-SHUT_DOWN: Putting interface Port-channel10.131 into Autostate mode
  32w1d: %AUTOSTATE-6-BRING_UP: Taking interface Port-channel10.131 out of Autostate mode
  39w3d: %IP-4-DUPADDR: Duplicate address x.x.85.254 on Port-channel10.101, sourced by 0080.7733.b2f9
  48w2d: %STANDBY-3-DUPADDR: Duplicate address x.x.83.251 on Port-channel10.102, sourced by 0000.0c07.ac66
  I tried to track these two mac addresses 0080.7733.b2f9 and 0000.0c07.ac66
  These mac addresses belong to IP phones which are connected to a L2 device which in turn cascaded to the L3 switch.
  Whats the meaning of "Duplicate address x.x.85.254 on Port-channel10.101, sourced by 0080.7733.b2f9 "
  x.x.85.254 is the L3 IP(Virtual L3 interface) on the L3 switch.
  Is the IP phones MAC address conflicting with the mac address of the L3 switch?
  How can I find the L3 switch's system mac addresses.
  Appreciate some detailed explanation.

  Hi,
  Just an idea : look at the STP instance of the concerned VLAN (Virtual L3 interface). it can be caused by a loop.
  symptoms ("show proc cpu hist" and "sh spann vlan x detail") and try to look at "Number of topology changes ".
  it was just an idea, hope it helps

• IPv6 Duplicate Address issue

  I'm having a problem involving IPv6 with stateless autoconfig on my network. I have a Cisco 800 series router and we have several VLAN interfaces each configured with an IPv6 prefix. The problem I'm noticing is that whenever any host on the network tries to start up with stateless autoconfig they immediately detect a duplicate address for whatever address they are trying to use.
  I performed a packet capture and what I'm seeing is that when the host selects an IPv6 address to use, it performs the Neighbor Solicitation to check if the address is in use. I immediately see the exact same Neighbor Solicitation message echo'd back with the source MAC being the Cisco router. This causes the host to reject the address as a duplicate since it is receiving a Neigbor Soliciation for the same address it is attempting to use.
  This happens on all of the VLANs I have configured for IPv6. The basic VLAN config is like this:
  interface Vlan109
   description Engineering VLAN
   ip address .....
   ip helper-address .....
   ip nat inside
   ip virtual-reassembly in
   ip tcp adjust-mss 1300
   ipv6 address HE-ENG ::/64 eui-64
   ipv6 enable
   ipv6 nd ra interval 60
  Attached is a PCAP with some ICMPv6 traffic. You can see that the NS messages are duplicated and the source of the duplicates seems to be the Cisco router (70:ca:9b:e0:94:2e). Does anyone know what is going on here?

  Hi,
  Under you interface val config can you try adding:-
  int vlan 109
  ipv6 address autoconfig
  Worth a try
  Regards
  Alex

• Duplicate address across VPC peer-link on Nexus 7010

  Just set up a VPC peer-link between two 7010 switches.  The peer-link is a port-channel of two 10Gb connections.  On both sides I'm seeing this in the log:
  2010 Jan  5 04:27:34 CRMCN7K-1 %ARP-2-DUP_SRC_IP:  arp [3069]  Source address of packet received from 0024.f716.b341 on Vlan401(port-channel10) is duplicate of local, 10.180.0.17
  and on the other
  2010 Jan  5 04:23:39 CRMCN7K-2 %ARP-2-DUP_SRC_IP:  arp [3052]  Source address of packet received from 0024.f71f.a7c1 on Vlan401(port-channel10) is duplicate of local, 10.180.0.18
  VLAN 401 is the only VLAN on them right now with a Layer 3 address.  What am I missing?  Everything looks correct.  Port-Channel10 is up and running fine..or so it seems.

  Hey Nashwj,
  What version of NX-OS are you running?
  Are the 7K in a stand alone environment (lab or similar) or connected to other production network devices?
  Are both of the VLANs carried across the vPC peer link port-channel?
  Are both of the VLANs carried across any vPC port-channel?
  Do you have HSRP setup on the VLAN 401 interfaces on each of the 7Ks?  If so, what are the real and vip IP addresses?
  If you can either provide answers to the above or configuration snapshots of the vPC and SVI interfaces for your VLANs on each of the 7Ks a solution should be reachable.

• Duplicate address

  Hi,
  I would appreciate some advise on the following:
  1) If 2 PCs have the same IP address on the network, what would be the impact?
  2) If a PC is having the same IP address as the gateway, what would be the impact? How do we track on the network if it happens?
  3) What would be the impact when I encountered %HSRP-4-DUPADDR: Duplicate address 192.168.1.1 on Vlan502, sourced by 0000.0c07.ac46? I tried to look into the configurations of the network devices but do not find any duplicate HSRP ip addresses, could it be the external WAN link which is using the same HSRP ip address as the router which causes it?
  4) Any impact of having same HSRP groups for 2 different VTP domains?
  5) For the above, to avoid unauthorised people to access the network, especially those who plug in a switch to disrupt the network, as well as avoid people from using the same ip address as the gateway, other than or in addition to bpdu guard, is it advisable to implement mac address tie to IP address on the DHCP server? If not, any suggestions?
  Thanks
  Christina

  When Hot Standby Router Protocol (HSRP) is running on a device, the %HSRP-4-DUPADDR:Duplicate address [IP_address] on [chars], sourced by [enet] error message can appear on the console if the IP address in an HSRP message received on the specified interface is the same as the IP address of the router receiving the message. The most likely cause of this condition is a network loop or a misconfigured switch that is causing the router to see its own HSRP hello messages.
  Check the configurations on all the HSRP routers to ensure that the interface IP addresses are unique. Check that no Layer-2 loops exist. If port channels are configured, check that the switch is configured correctly for port channels. Issue the standby use-bia command so that the error message displays the interface MAC address of the sending router, which can be used to determine if the error message is caused by a misconfigured router or a network loop.

• Nexus 5548 - %ARP-3-DUP_SRCIP_PROBE: Duplicate address Detected

  Hello.
  Looking for some assistance on the following please, I'll try to include a lot of detail:
  I noticed we're receiving repeating messages on a pair of Nexus 5548UP switches, regarding duplicate IP's, and the IP's in question are the mgmt0 of each respective Nexus switch; which are connected to each other and uplinked to two 3750X switches which are also linked to each other (not as a stack, with optics).
  Here is a sample of the syslog message:  %ARP-3-DUP_SRCIP_PROBE:  arp [####]  Duplicate address Detected. Probe  packet received from zzzz.zzzz.zzzz on mgmt0 with destination set to our local ip, xxx.xxx.xxx.xxx
  And in ascii art, here is a diagram:  SW1&2 are 3750X (running 15.x code) and NX1&2 are Nexus 5548UP (running 6.x code)
  SW1---SW2
  |           |
  NX1---NX2
  Pretty basic box/"ring", just in case the diagram doesn't format well, with rapid spanning-tree in effect.  The Nexus are Layer2 only, and the 3750X's are Layer 2 & 3 /w HSRP on a few SVI's in them.  All vlans can pass over the connecting trunks.  And on the Nexus, the management interface (mgmt0) is connected to 3750X (NX1 to SW1 and NX2 to SW2); e.g. management is done over this vrf interface, versus it flowing through a trunk interface to a SVI on the Nexus.
  I know these messages to be erroneous as far an being actual duplicate IP's on the network, and have seen a few posts that indicate a command ("no ip arp gratuitous hsrp duplicate") typically referencing a Nexus 7000 setup has helped, but obviously as described that's not involved here.  Note: Placing that command on the mgmt0 interface of the two nexus had no positive effect.  The messages didn't start showing until after HSRP was enabled on the applicable 3750X SVI's - so seems a likely correlation.
  Essentially looking to clear this up (ideally) or suppress the messages since they're false.  Any ideas?
  Thanks!

  For those encountering this same issue, here is some information that may lead you to a resolve.
  I decided to open a TAC case to get some direct assistance, and I was directed to the 3750X's and a new feature in the 15.x code, "ip device tracking".  I was directed to remove that without specific details / steps on how to best do it (e.g. "no ip device tracking" does not remove it from the global config, as of 15.2(1)E anyway and is the most current at the time of this posting), and that didn't take, giving the message: % IP device tracking is disabled at the interface level by removing the relevant configs.  However, after doing some research on the command, I can across some similar posts on 15.x code and duplicate IP messages.... Here's two posts I referenced:
  https://supportforums.cisco.com/thread/2244042
  https://supportforums.cisco.com/thread/2239656
  I opted for the "no macro auto monitor" command in the 3750X's in global config, as mentioned in the above post(s) - This did stop the messages from occurring in the Nexus switches.  IMPORTANT NOTE:  I noticed that it did appear to bounce all the switch ports however, which could impact production - Be advised!
  I cannot speak to if the interface level command 'nmsp attach suppress' is a better route to go, which is also referenced in the posts (first one primarily) - I went the other route to not have all the extra config line entries.  I have asked Cisco what the true impact of the "no macro auto monitor" command is, and am waiting a response - Ideally there's little to none, probably depending on if you want to make use of device tracking or not... in my case, I suspect I don't have a need for this and thus there's no impact - I shall see.
  It would be ideal if code is released to disable this service / feature in the future more gracefully and/or code changes are done to remedy this issue so you can have the feature enabled (or not).  I akin this much like the "vstack" service that was introduced around 12.2(55/58)SE IOS that couldn't be disabled & left an open TCP port (not good for security scans), then with 12.2(58)SE2 they allowed it to be disabled (e.g. "no vstack" in global config).
  Hopefully these details prove of value.
  Regards.
  NOTE:  Since it doesn't seem you can"answer" your own posts, which seems silly; please note I consider this item resolved / answered.

• %IP-4-DUPADDR: Duplicate address

  Hi, I've been getting the follwoing message on my c2600 (version 13.3) router since last december (according to the log file).
  005179: .Dec 28 04:35:08.652 AUS: %IP-4-DUPADDR: Duplicate address xxx.xxx.xxx.xx on
  FastEthernet0/0, sourced by 0015.f987.941a
  The symptom of the problem is that occassionally the network looses connactivity.
  The mac addresses are both for Cisco devices. One is the router and i'm not sure what the other is possibly a firewall.
  The Cisco site says that we can change the mac address of one of the offending items ?
  Which would be the best one to change?
  How can i find out what the other device is?
  What if any issue arise with changing the mac address ?
  Proably other questions that i should be asking as well, but i'll get to those later.
  thanks in advance for any reponses.

  changing the mac-address will not help.
  You have to change the ip address.
  You first have to find out what/where is the other device.
  For that you can follow the L2 path.
  Go the switch to which the router is connected on fast0/0. If you don't know the switch, try 'sho cdp nei'.
  Once on the switch, check the mac-address with the command 'show mac-address address x.x.x'. It should give the port.
  Check what device is attached to this port.
  If another switch, repeat the operation above until you find the end device.
  Gilles.

• How to get rid of duplicate addresses all over the place?

  Duplicate addresses appears all over the places: on my mac (in the mail program) and in my ios devices.
  I suspect that it occurs during some synchronisation activities but how to get rid of this once and for all?
  Thanks for your help. It helps also if some tell me that I am not alone in that kind of trouble

  iCloud- Resolving duplicate Contacts after setting up iCloud Contacts

• Duplicate addresses

  Here's a weird one. Virtually all the records in my address book recently disappeared - this is a periodic problem with Address Book. The records return when Sync asks if I want to delete more than a thousand records on .Mac. I select cancel and the records miraculously reappear in the Address Book.
  But this week, something different happened. When the addresses reappeared, over a thousand had been modified by duplication. Every work and home address is duplicated. What could have caused this bloating and how can I get rid of the duplicates? I took a backup of the database with duplicates from another of my Macs and just rebuilt the Address Book from that, yet it still contains the duplicate addresses. (Incidentally, it's only the addresses that have been duplicated in each record - not the names, phone numbers and emails.)
  One possible cause is that I recently purchased a fourth Mac and when I asked to Sync it warned that there were two computers with my username. I chose a different name to deal with that. But on one of my original Macs Retrospect is now telling me that there are two "indistinguishable" hard drives with the same username. I can only see one but there could be some sort of ghost in my system.
  And suggestions appreciated. Cheers.

  Sync invited me to choose another name. I just entered a variant of my usual user name (firstnamelastname), putting my middle initial in. That was on the new Mac which is running OS 10.5.something. On the older Mac, running OS 10.4.11, I've also changed the account name although, of course, the shortname remains the same. Retrospect reports the problem of the disk with the same name on the old Mac, but not on the new one.
  Another interesting thing: only Address Book entries with addresses have been updated. Address Book entries with just names and phone numbers or emails have not been updated (according to the light grey "Last updated" text in the bottom right of the window. It's as though just one or two fields in the underlying database have been duplicated (Home address and Work address).

• How to create a duplicate address book contact?

  This seems so simple yet I cannot determine how to create a new duplicate address book contact. I have a few contacts from the same company and want to change the variable data instead of re entering the data
  I can create a new contact, copy the data of the record I want to duplicate yet when I paste the info into the new record - address book puts everything into one field.
  Why not a duplicate contact command?
  GRRRR

  Rich,
  According to Address Book Help:
  To duplicate an address card:
  Select an address card.
  Choose Edit > Copy, and then choose Edit > Paste.
  Works for me

• Duplicate Mail Archive folders "ON MY MAC"

  I recently migrated all my email over to Mail from the fast-deprecating M'soft Entourage. Recently, I have been trying to diagnose and fix an issue in Mail 7.0 having to do with the automatic Archive command. When the command is applied to an iCloud message, then it is archived in the iCloud [myicloudusername] folder under Archive under the MAILBOXES section, which I think is logical and correct.
  However, when applying this command to any email other than an iCloud email, the message is archived in 9 (nine) duplicate folders, each titled "ON MY MAC" in the MAILBOXES section and under Archive. This syndrome seems to bw widespread among Mail users, with the main difference being the number of duplicate folders. Selecting one of these folders and deleting it causes all of the ON MY MAC folders and their contents to be deleted. This is a forever deletion; nothing goes to Trash.
  Inspecting the ~/Library/Mail folder I find that an Archive.mbox appears as a subfolder of Mailboxes. Appearing there are all of the non-iCloud Archived messages as would be expected. There is no hint of multiple instances of this and nothing named "ON MY MAC" anywhere therein.
  This problem was first observed in I think, Snow Leopard or Lion. I have not seen a reliable solution or an explanation for it. Other than the multiple ON MY MAC instances under Archive under MAILBOXES, the issue seems benign. However, just to be extra safe, I have decided to drag messages out of lthe ON MY MAC folder(s) from time to time and into a folder which I have called "Archive - Local" under the sidebar section also called ON MY MAC. That way I still enjoy the automated Archive command. I can keep the multiple ON MY MAC folders hidden with the triangle control next to the Archive folder.
  Still, this is annoying and I am a bit squeamish about issues like this in mission critical applications such as Mail. Is this just a display bug or a structural/database issue? I am writing here to find out if anyone has found a solution or explanation for this, or if it's just another bug that Apple has been kicking down the road for awhile. Any bits o' wisdom out there?

  More or less the same issue here. I have three "On My Mac" subfolders under "Archive". I think they are the same physical folder because deleting a messgage from one deletes it from all three. Previously I could drag a message on the "Archive" folder and all three subfolders would update. With the Marvericks update 10.9.1 I have to drag onto the last of the three subfolders. So looks like Apple touched the code but just made the problem slightly worse. Like you, I hate having flaky behavior in such an important application.

• HA NAT and %IP-4-DUPADDR: Duplicate address messages

  Are the messages %IP-4-DUPADDR: Duplicate address expected with HA NAT? 
  With Stateful NAT they were seen if the "redundancy GROUP_NAME" was not added to the static NAT. 
  I am seeing them with a correctly configured HA NAT Box to Box set up and there does not seem to be anything missing that will stop the messages. 
  Is this a bug?  Should the duplicate IP messages have been suppressed?

  James,
  We have implemented it in 3 customers, all of them got the same crash problem (just 10 customers in the world opened a ticket with TAC and just opened 3 of them).
  It will happen a lot o times during the day. Be prepared. I didnt monitor the frequency but we needed to shut the secondary router down until Cisco do something to solve.
  Unfortunately this is becoming very common with Cisco softwares. Not only with routers and switches, but with others solution too.

• Syslog message on DUPLICATE ADDRESS event

  hi,
  I am working on two cisco routers. my rquirement is  .. if i assign same address for two interfaces of different router, i have to receive DUPLICATE ADDRESS event. I was getting this syslog message, some months ago.
  But now, when  I try the same, I am not receiving any DUPLICATE ADDRESS event on the Router Terminal.
  ex: Router 1 : Interface gigabitethernet 0/0  - ip address 192.168.100.1 mask 255.255.255.0
  Router 2 : Interface gigabitethernet 0/0  - ip address 192.168.100.1 mask 255.255.255.0
  in this case i should the syslog message. (DUPLICATE ADDRESS)
  I was receiving such message, two months before.
  now i dont know what is happening
  I have to receive that syslog message for one of my project.
  kindly help me
  Thanks in Advance

  Duplicate post. 
  Go HERE.

• Duplicate addresses for the same contact in Address Book.

  For many of my contacts, there are duplicate addresses.  When I delete one of the addresses, both of them disappear.  Pretty funky.  Anybody else see this type of thing?

  Hi,
  Pls go to, Enterprise mangaer --> Monitoring -> incident --> Search for the target and  select as "show all"  will give you alert details.
  Enterpise --> Monitoring --> Incident Manager: Search -->
  Last updated : Date Range:< >
  Target Name : D B NAME
  Target Type:<DB TYPE>
  Include members             : Target and all  member
  Status : Show both open and closed
  Supressed : Show all
  2)Please verify your notification setup
  Setup --> Incident Rules => Select your rule(will be in the alert) -->edit --> Select the event --> NExt --> Add actions --> edit
  Repeat Notifications
  Both basic and advanced notifications can be sent repeatedly. The repeat notifications will stop only when one of the following conditions is met: The incident is acknowledged, the incident has cleared, or the maximum number of repeat notifications has been reached. Repeat notification is not supported for corrective action job status updates and causal analysis status updates on events.
    Send Repeat notifications  --> Enabled?  if is enabled then  u will get repeated notification.
  OR if you set the frequency like 15 mins , 5 notification then u will receive  5 on every 15 mins if the alert persists.
  Regards
  Krishnan