From: Jian Gu (guxiaojian@gmail.com)
Date: Wed Apr 11 2007 - 17:52:11 ART
Ian,
You are right, clear arp on router does not help much, not sure what is
default ARP aging time on PCs.
Is it possible to flap the physical link and then watch ARP messages?
during scheduled downtime?
Jian
On 4/11/07, Ian Blaney <ian.blaney@gmail.com> wrote:
>
> Jian
>
> A clear arp on the router will just clear the arp cache from the routers
> point of view. You are just forcing it to do an arp broadcast again to find
> its own ip->MAC mappings. You are not able to find the hosts gateway from
> this or do you know some other way???
>
> Router receiving reply to arp broadcast from laptop connected to a test
> router
> *Apr 11 16:32:53: IP ARP: rcvd rep src 10.10.10.100 000a.e4b9.c78b, dst
> 10.10.10.251 Vlan122
> *Apr 11 16:32:53: IP ARP: creating entry for IP address: 10.10.10.100, hw:
> 000a.e4b9.c78b
>
> When I clear the arp table on my laptop connected to a test router then I
> can see if its the correct gateway using debug arp
>
> clear arp on laptop and Default Gateway set to 10.10.10.254
> *Apr 11 16:41:48: IP ARP: rcvd req src 10.10.10.100 000a.e4b9.c78b, dst
> 10.10.10.254 Vlan122
> *Apr 11 16:41:48: IP ARP: sent rep src 10.10.10.254 0000.0c07.ac02, dst
> 10.10.10.100 000a.e4b9.c78b Vlan122
>
> Clear arp on laptop and default gateway set to 10.10.10.253
> *Apr 11 16:48:35: IP ARP: rcvd req src 10.10.10.100 000a.e4b9.c78b, dst
> 10.10.10.253 Vlan122
> *Apr 11 16:48:35: IP ARP: sent rep src 10.10.10.253 0000.0c07.ac02, dst
> 10.10.10.100 000a.e4b9.c78b Vlan122
>
> Regards
> Ian
>
>
>
> On 4/11/07, Jian Gu <guxiaojian@gmail.com> wrote:
> >
> >
> > Why are you guys making a simple solution so complicated? turn on debug
> > ARP and then do clear ARP on the router will show you those hosts that are
> > using virtual IP or physical IP.
> >
> > On 4/11/07, Greg Wendel <gwendel@gmail.com> wrote:
> > >
> > > Note to group,
> > > Avoid the stupid mistakes I made and make sure you are looking at the
> > > latest copies of the thread before replying. I am 2 for 2 today with
> > > responding with duplicate information.
> > >
> > >
> > >
> > > On 4/11/07, Greg Wendel <gwendel@gmail.com> wrote:
> > > >
> > > > Sorry, I just realized I was restating what Douglass had said 30
> > > > minutes earlier. I was also thinking you had separate groups for the good
> > > > and the bad, but you are right if you only have the one standby group on the
> > > > vlan interface you are just recreating the probelms with a prettier mac
> > > > address.
> > > >
> > > > On 4/11/07, Ian Blaney < ian.blaney@gmail.com> wrote:
> > > > >
> > > > > Greg
> > > > >
> > > > > This changes the mac address for both IPs so I back to square one
> > > > > again.
> > > > >
> > > > > test(config)#int vlan 122
> > > > > test(config-if)#standby 2 mac-address 1111.1111.1111
> > > > > test(config-if)#
> > > > > *Apr 11 17:15:43: %STANDBY-6-STATECHANGE: Standby: 2: Vlan122
> > > > > state Active -> Listen
> > > > > *Apr 11 17:16:03: %STANDBY-6-STATECHANGE: Standby: 2: Vlan122
> > > > > state Speak -> Standby
> > > > > *Apr 11 17:16:03: %STANDBY-6-STATECHANGE: Standby: 2: Vlan122
> > > > > state Standby -> Active
> > > > >
> > > > > test#sh ip arp vlan 122
> > > > > Protocol Address Age (min) Hardware Addr Type
> > > > > Interface
> > > > > Internet 10.10.10.100 28 000a.e4b9.c78b ARPA Vlan122
> > > > > Internet 10.10.10.251 - 0050.80ce.d200 ARPA Vlan122
> > > > > Internet 10.10.10.253 - 1111.1111.1111 ARPA
> > > > > Vlan122
> > > > > Internet 10.10.10.254 - 1111.1111.1111 ARPA
> > > > > Vlan122
> > > > >
> > > > >
> > > > >
> > > > > On 4/11/07, Greg Wendel <gwendel@gmail.com> wrote:
> > > > > >
> > > > > > Can you try to do this to force the secondary standby group to
> > > > > > use a different mack?
> > > > > >
> > > > > > Rack1R1(config-if)#int f0/0
> > > > > > Rack1R1(config-if)#standby 111 mac-address abc.abc.abc
> > > > > > Rack1R1(config-if)#
> > > > > >
> > > > > >
> > > > > > On 4/11/07, Jian Gu < guxiaojian@gmail.com> wrote:
> > > > > >
> > > > > > > Can't you simply turn on debug arp and clear arp to see what
> > > > > > > are those hosts
> > > > > > > are sending ARP requests to physical IP adderess?
> > > > > > >
> > > > > > > On 4/11/07, Ian Blaney < ian.blaney@gmail.com > wrote:
> > > > > > > >
> > > > > > > > Karl
> > > > > > > >
> > > > > > > > An ACL on the IP address of the HSRP physical/virtual will
> > > > > > > not work as the
> > > > > > > > destination address will always be the same and will never
> > > > > > > be the actual
> > > > > > > > HSRP IP address. For example if I do a ping from a remote
> > > > > > > subnet to a
> > > > > > > > machine that I am trying to find the default gateway of. The
> > > > > > > icmp reply
> > > > > > > > Layer 3 IP header will always have the IP address of the
> > > > > > > remote
> > > > > > > > destination
> > > > > > > > so it will never be matched on the ACL. Its only the layer 2
> > > > > > > headers that
> > > > > > > > changes. Someone correct me here if I am talking out my
> > > > > > > ar*e.
> > > > > > > >
> > > > > > > > Saying the layer 2 header changes my initial question was
> > > > > > > not quite
> > > > > > > > correct.
> > > > > > > > This is a sample of the config
> > > > > > > >
> > > > > > > > interface Vlan122
> > > > > > > > ip address 10.10.10.251 255.255.255.0
> > > > > > > > standby 2 ip 10.10.10.254
> > > > > > > > standby 2 ip 10.10.10.253 secondary
> > > > > > > > standby 2 priority 200
> > > > > > > > standby 2 preempt
> > > > > > > >
> > > > > > > > As a temporary workaround the line "standby 2 ip 10.10.10.253
> > > > > > > secondary"
> > > > > > > > was
> > > > > > > > added as some hosts had the wrong default gateway of
> > > > > > > 10.10.10.253 instead
> > > > > > > > of
> > > > > > > > 10.10.10.254. The company want to take this out now but
> > > > > > > before they want
> > > > > > > > to
> > > > > > > > find all hosts with the wrong IP address ie .253. The
> > > > > > > problem is when I do
> > > > > > > > a
> > > > > > > > show ip arp
> > > > > > > >
> > > > > > > > TestLab#sh ip arp vlan 122
> > > > > > > > Protocol Address Age (min) Hardware Addr Type
> > > > > > > Interface
> > > > > > > > Internet 10.10.10.100 35 000a.e4b9.c78b ARPA
> > > > > > > Vlan122
> > > > > > > > Internet 10.10.10.251 - 0050.80ce.d200 ARPA
> > > > > > > Vlan122
> > > > > > > > Internet 10.10.10.253 - 0000.0c07.ac02 ARPA
> > > > > > > Vlan122 <---
> > > > > > > > Internet 10.10.10.254 - 0000.0c07.ac02 ARPA
> > > > > > > Vlan122 <---
> > > > > > > >
> > > > > > > > You see that both .253 and .254 have the same mac address ie
> > > > > > > reserved HSRP
> > > > > > > > mac address 00-00-0c-07-ac-xx where xx is the standby group
> > > > > > > number. I
> > > > > > > > cannot
> > > > > > > > even sniff and filter on mac address as they have the same
> > > > > > > mac address.
> > > > > > > >
> > > > > > > > Anyone have any ideas.
> > > > > > > >
> > > > > > > > Ian
> > > > > > > >
> > > > > > > > PS It would be great if we could use DHCP but there are some
> > > > > > > really old
> > > > > > > > specialized machines where DHCP is not available and the
> > > > > > > only option is to
> > > > > > > > statically configure the IP information
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On 4/11/07, Karl Brenner < karl.brenner@morenet.biz> wrote:
> > > > > > > > >
> > > > > > > > > Hi Ian,
> > > > > > > > >
> > > > > > > > > I've to recall my previous mail. You can't get the info
> > > > > > > you're after
> > > > > > > > > with an ACL. I can't think of anything else than sniffing
> > > > > > > for the arp
> > > > > > > > > requests. Don't you use a DHCP server for the subnet to
> > > > > > > manage IP
> > > > > > > > > addressing centrally?
> > > > > > > > >
> > > > > > > > > Karl
> > > > > > > >
> > > > > > > >
> > > > > > > _______________________________________________________________________
> > > > > > > > Subscription information may be found at:
> > > > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > > >
> > > > > > >
> > > > > > > _______________________________________________________________________
> > > > > > > Subscription information may be found at:
> > > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Gregory Wendel
> > > > > > Springfield VA, 22153
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Gregory Wendel
> > > > Springfield VA, 22153
> > > >
> > >
> > >
> > >
> > > --
> > > Gregory Wendel
> > > Springfield VA, 22153
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:35 ART