[c-nsp] Strange ARP problem between 3560 and Linksys

Garry Glendown garry at glendown.de
Tue Sep 4 15:09:08 EDT 2007


Hi,

I've had some strange problem at a customer site ... setup generally
looks like this: two 3560 (call the A and B), connected to each other
via 2 port etherchannel, each of the two connected via one fiber link to
a Linksys SRW 2024 (called L). STP blocks one of the fiber links (let's
say between B and L), everything looks good on layer 2/3 ... Multiple
VLANs are in use, which are trunked between the Ciscos and the Linksys,
though only 4 VLANs are actually in use on the Linksys (the others
aren't configured).

Now for the problem, I can't seem to get any ARP requests through from
the Cisco switches to the Linksys, at least not from anything further
than A: I can ping anything connected to L from A, though neither B nor
other hosts hooked up to A can reach anything connected to L. I did a
"debug arp" on A, and I do see the arp requests coming in. Once the
boxes connected to L actively ping (or anything else) anything hooked up
to either A or B, that destination can then reach that box as it then
has the MAC of the box (so MAC addresses seem to be learned correctly on
the Cisco switches). Doing a tcpdump on a Linux box hooked up to L
showed me no ARP requests from behind A, so there must be SOMETHING
keeping either A from forwarding the ARP requests, or L from accepting
them on the trunk link.

As the Linksys was just hooked up replacing a 3524, without any changes
to the two 3560s, I wouldn't expect the Cisco switches to be causing
this ... especially as there isn't much to the port config anyway...:

interface GigabitEthernet0/26
 switchport trunk encapsulation dot1q
 switchport mode trunk
 speed nonegotiate

Storm Control and stuff is all disabled on the Linksys, can't really see
anything else in the config that could/should cause this kind of problem ...

Anybody have any suggestions?

Tnx!

-- 

They who would give up an essential liberty for temporary security,
neiter deserve nor receives either   --  B.Franklin


More information about the cisco-nsp mailing list