[c-nsp] ARP on ASR9k 4.3.2

Florian Lohoff f at zz.de
Thu Jan 16 03:35:23 EST 2014


Hi,

We upgraded from 4.1.1 to 4.3.2 tonight and discovered new and
strange ARP behaviour.

The ASR9k seems to store arbitrary ARP responses in its MAC Address
table.

In our setup this led to reachability problems because it had caught
an ARP response for a loopback address of a Linux server which it had
a route to. Because of this ARP entry the loopback's IP address was
unreachable.

 172.3.4.49/28      172.3.4.52/28
ASR9k <---------------------> linux  <------> lo1 172.3.4.8/32

We have OSPF between the Linux machine and the ASR9k for announcing
the loopback host route (anycast DNS setup).

I can see the route but I also see an ARP entry for the lo1 on the
Linux machine with the MAC address of eth0.

I know Linux has some bad behaviour concerning ARP (default proxy ARP
etc.) but still I wouldn't expect a decent networking device polluting
its ARP table with entries for IP addresses not directly connected
or better - not reachable in any directly connected IP segment.

By tracing I could see that the ASR would not ask for an ARP
entry but other Linux machines on the segment did.

Flo
PS: I made some sysctl tweaks on the Linux machine to make it behave a
little more nicely but still I see a bug here.
-- 
Florian Lohoff                                                 f at zz.de
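
Added example, not part of the original post: a Python audit that flags ARP entries whose IP lies outside every prefix configured on the interface that learned them, which is the condition the post describes. The addresses come from the post; the MAC addresses, the interface name `uplink0` and the table layout are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# One row of an exported ARP table (field names are this example's own).
ArpEntry = namedtuple("ArpEntry", "ip mac interface")

def on_link(ip, networks):
    """True if ip falls inside any directly connected prefix."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)

def audit_arp(entries, interface_addrs):
    """Flag entries whose IP is outside every prefix on the learning interface.

    interface_addrs maps interface name -> list of 'address/len' strings.
    Each finding also lists on-link IPs sharing the MAC, which points at
    the host that answered for the off-link address.
    """
    nets = {ifname: [ipaddress.ip_interface(c).network for c in cidrs]
            for ifname, cidrs in interface_addrs.items()}
    findings = []
    for e in entries:
        connected = nets.get(e.interface, [])
        if on_link(e.ip, connected):
            continue
        same_mac = sorted(
            o.ip for o in entries
            if o.interface == e.interface
            and o.mac.lower() == e.mac.lower()
            and on_link(o.ip, connected))
        findings.append({"ip": e.ip, "mac": e.mac.lower(),
                         "interface": e.interface,
                         "same_mac_on_link": same_mac})
    return findings

# Constructed sample: addresses from the post, MACs and interface name invented.
INTERFACES = {"uplink0": ["172.3.4.49/28"]}
ARP_TABLE = [
    ArpEntry("172.3.4.52", "02:00:00:00:00:52", "uplink0"),  # linux eth0
    ArpEntry("172.3.4.8", "02:00:00:00:00:52", "uplink0"),   # lo1, off-link
    ArpEntry("172.3.4.50", "02:00:00:00:00:50", "uplink0"),  # another host
]

if __name__ == "__main__":
    for f in audit_arp(ARP_TABLE, INTERFACES):
        print("off-link ARP entry {ip} ({mac}) on {interface}; "
              "same MAC on-link: {same_mac_on_link}".format(**f))
```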