Hi,
The symptoms are very very similar, but the arp table is empty apart from the VLAN 1 mac address which is correct.
When you try to ping anything the arp table will just show the incomplete entry for the IP address you try to ping.
Thanks a lot for the pointer though, the IOS that runs in the switch is in the affected range so I will upgrade these soon.
> -----Original Message-----
> From: Gert Doering [mailto:gert@greenie.muc.de]
> Sent: Thursday November 2001 19:07
> To: steven.godfrey@intechnology.co.uk; 'Kevin Gannon';
> cisco-nsp@puck.nether.net
> Subject: Re: [nsp] Buffers full on switch?
>
>
> hi,
>
> On Thu, Nov 15, 2001 at 05:53:07PM -0000, Steven Godfrey wrote:
> > Any ideas how such a thing could happen on 2 switches at the same
> time, and why it only drops stuff destined for the VLAN interface?
>
> Could you, by chance, have some rogue hosts on that VLAN? There was a
> bugtraq article by Cisco today about ARP spoofing attacks against IOS
> switches, leading to the switches not responding to ARPs to their own
> IPs
> anymore.
>
> http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany
> gert@greenie.muc.de
> fax: +49-89-35655025
> gert.doering@physik.tu-muenchen.de
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:54 EDT