[c-nsp] Weird ADSL bridging issue

chris tknchris at gmail.com
Fri Dec 12 11:03:36 EST 2014 

Hello,

We have a small site we inherited that is still on ADSL on legacy sprint in
the northeast.
The ILEC is using aal5snap and we have a WIC-1ADSL with a physical ATM
interface thats bridged to BVI1, and we get a dynamic WAN ip from the ILEC
via DHCP on BVI1.

the ADSL part of our config looks like this:

*bridge irb*
*!*

*interface ATM0/0*
* description DSL Layer2*
* no ip address*
* atm restart timer 300*
* no atm ilmi-keepalive*
* dsl operating-mode auto *
* clock rate aal5 7000000*
* clock rate aal2 7000000*
* bridge-group 1*
* bridge-group 1 spanning-disabled*
* hold-queue 224 in*
* pvc 8/35 *
*  encapsulation aal5snap*
* !*
*!*

*interface BVI1*
* ip address dhcp*
* ip nat outside*

I was looking internet into a report of weird internet issues and I found
the arp table for BVI1 is full (several pages) of lots of random internet
IP's with the same MAC address which isnt local to the router:

*Protocol  Address          Age (min)  Hardware Addr   Type   Interface*
*Internet  17.110.228.155         26   0030.881b.f475  ARPA   BVI1*
*Internet  8.8.8.8               162   0030.881b.f475  ARPA   BVI1*
*Internet  23.3.13.24             25   0030.881b.f475  ARPA   BVI1*
*Internet  17.110.228.154         84   0030.881b.f475  ARPA   BVI1*
*Internet  74.209.254.102         24   0030.881b.f475  ARPA   BVI1*
*Internet  74.125.228.215         29   0030.881b.f475  ARPA   BVI1*
*Internet  173.194.121.18         29   0030.881b.f475  ARPA   BVI1*
*Internet  17.110.228.159         84   0030.881b.f475  ARPA   BVI1*
*Internet  69.172.216.55          24   0030.881b.f475  ARPA   BVI1*
*Internet  4.2.2.2               162   0030.881b.f475  ARPA   BVI1*
*Internet  31.13.69.80            25   0030.881b.f475  ARPA   BVI1*
*Internet  173.194.121.17         26   0030.881b.f475  ARPA   BVI1*
*Internet  17.110.224.152         36   0030.881b.f475  ARPA   BVI1*
*Internet  66.196.81.223           2   0030.881b.f475  ARPA   BVI1*
*Internet  74.125.228.219         21   0030.881b.f475  ARPA   BVI1*
*Internet  17.167.146.44          22   0030.881b.f475  ARPA   BVI1*
*Internet  173.194.121.30         26   0030.881b.f475  ARPA   BVI1*
*Internet  17.172.239.90          35   0030.881b.f475  ARPA   BVI1*
*Internet  74.122.189.133         97   0030.881b.f475  ARPA   BVI1*
*Internet  173.252.79.23          49   0030.881b.f475  ARPA   BVI1*
*Internet  17.173.255.74         144   0030.881b.f475  ARPA   BVI1*

Interestingly enough when I look up the OUI of that MAC I see Sierra
Systems aka Redback which I happen to know is the DSLAM that the ILEC is
using.

Anyone seen anything like this? I am trying to figure out if its an issue
with the bridging on the local router or telco misconfiguration.

I rarely touch any ATM anymore so I'm scratching my head here but hoping
something obvious might stand out to someone.

TIA,
chris

More information about the cisco-nsp mailing list