[c-nsp] Strange ARP behaviour

Rodney Dunn rodunn at cisco.com
Sat Aug 6 17:38:01 EDT 2005 

David,

Before you ping to the machine get:

sh ip cef <dst ip> from RouterA where the subnet
is connected to.

Get it both on the RSP and the ingress VIP the
traffic is coming in on from Router B.

A directly attached subnet should match a glean
adjacency and when a packet comes in you drop
and punt so the process level code can arp for it
to build the CEF adjacency. When the arp address is
populated (sh arp) then there will be a /32 FIB entry
installed (sh ip cef dstip) that points to the new adjacency
(mac header rewrite) for that ip address.

It sounds like the ingress packet isn't being punted to
the RSP for the ARP to be sent which is a bug.

If you ping from the router it's a process switched packet
so the arp is being generated.

The same arp should go out if the first packet to that
destination comes in and is being switched in the (d)CEF
path also.

Rodney




On Thu, Aug 04, 2005 at 02:28:42PM -0400, David Coulson wrote:
> I'm having a weird issue with a 7507/RSP4 (Router A) running 12.2(25)S5.
> There is a subnet defined, which is redistributed into another router
> (Router B) using OSPF. I have a single host within this subnet, which
> I'm running tcpdump on. I've also got a Router C, which has the same
> problem as Router B.
> 
> If I try to ping the host from router B, I don't get any response. A 'sh
> ip ro x.x.x.x' shows a normal looking routeing entry:
> 
> #sh ip ro 207.166.219.197
> Routing entry for 207.166.219.192/28
>   Known via "ospf 10", distance 110, metric 2, type intra area
>   Last update from 207.166.192.3 on FastEthernet0/0, 00:10:36 ago
>   Routing Descriptor Blocks:
>   * 207.166.192.3, from 207.166.219.2, 00:10:36 ago, via FastEthernet0/0
>       Route metric is 2, traffic share count is 1
> 
> If I traceroute to it, I see the correct nexthop, but it dies at that
> point. Strange thing is, I NEVER see an ARP request on the host I'm
> ping/tracing to.
> 
> If I ping direct from Router A, I drop the first packet, probably due to
> the ARP lookup, then I can throw 1000 packets at it and not drop any.
> More strange, I can now ping/trace to the host from Router B without any
> packet loss. As long as the IP is in the ARP cache of Router A, I don't
> have any problems - Changing the IP, or dumping the ARP cache, and I'm
> back to square one where I can't hit it at all from Router B.
> 
> I'm guessing this is probably an IOS bug or something, but I'm having
> difficulty tracking it down. Any suggestions? I've got no access-lists
> or weird route-maps at all.
> 
> David
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list