[nsp] leaking vlans on a cat2950/cat6500-msfc2
Matt Stockdale
mstockda at logicworks.net
Thu Sep 18 18:49:14 EDT 2003
Ok, I'm totally baffled. I've got a customer firewall that's seeing
traffic that exists on another vlan. tcpdump and some arp investigation
showed that it was our backup 6500 sending the traffic out to the
firewall's vlan. doing a shutdown and no shut on the vlan interface
stopped the traffic..
What I don't understand is
a) how it managed to send that traffic (where neither the source nor
the destination MAC's were on the firewall) to a 2950 that wasn't even
directly connected to it (actually, more than 1 2950)
b) why the 2950 went ahead and sent it to the firewall
I'm not even sure where to begin troubleshooting this...
suggestions?
Thanks,
Matt
--
-----------------------
Matt Stockdale
Sr Network Engineer
mstockda at logicworks.net
More information about the cisco-nsp
mailing list