- Posts: 67
- Thank you received: 0
ARP issue on the router with HSRP.
17 years 2 weeks ago #23897
by ramasamy
ARP issue on the router with HSRP. was created by ramasamy
Hi,
We have a ISA server configured with failover. The ISA server is having the Vritual IP and MAC address and 2 routers are in HSRP.
The router and ISA Server are on the same network but i am not able to ping the Vritual IP address of the server from the router. and i am able to ping the ISA server Physical IP address.
From other devices i am able to ping the vritual IP address.
I have given the show arp command and found that the Router is not able to get the ARP entry only for the Vritual IP address
Internet 10.190.0.7 0 Incomplete ARPA
In the debug output of the ARP
2d02h: IP ARP: rcvd req src 10.190.0.38 0019.aa1e.e81b, dst 10.190.0.7 GigabitEthernet0/1.309
2d02h: IP ARP: sent req src 10.190.0.37 0019.56eb.fa1b, dst 10.190.0.7 0000.0000.0000 GigabitEthernet0/1.309
2d02h: IP ARP throttled out the ARP Request for 10.190.0.7
Can any one help me in this case.
Thanks in advance..
We have a ISA server configured with failover. The ISA server is having the Vritual IP and MAC address and 2 routers are in HSRP.
The router and ISA Server are on the same network but i am not able to ping the Vritual IP address of the server from the router. and i am able to ping the ISA server Physical IP address.
From other devices i am able to ping the vritual IP address.
I have given the show arp command and found that the Router is not able to get the ARP entry only for the Vritual IP address
Internet 10.190.0.7 0 Incomplete ARPA
In the debug output of the ARP
2d02h: IP ARP: rcvd req src 10.190.0.38 0019.aa1e.e81b, dst 10.190.0.7 GigabitEthernet0/1.309
2d02h: IP ARP: sent req src 10.190.0.37 0019.56eb.fa1b, dst 10.190.0.7 0000.0000.0000 GigabitEthernet0/1.309
2d02h: IP ARP throttled out the ARP Request for 10.190.0.7
Can any one help me in this case.
Thanks in advance..
17 years 2 weeks ago #23906
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: ARP issue on the router with HSRP.
This is something that we came across because the actual reply comes from the physical and the switch ports don't learn the virtual MAC which caused us problems with the switch ports being flooded.
We manually added the MAC addresses to the switch ports that the servers are plugged into.
This may be similar to your issue.
IGMP Snooping can also be configured to stop the broadcast storms that can occur with NLB
support.microsoft.com/kb/283028
technet2.microsoft.com/windowsserver/en/...ff282f8e7f11033.mspx
We manually added the MAC addresses to the switch ports that the servers are plugged into.
This may be similar to your issue.
IGMP Snooping can also be configured to stop the broadcast storms that can occur with NLB
support.microsoft.com/kb/283028
technet2.microsoft.com/windowsserver/en/...ff282f8e7f11033.mspx
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.114 seconds