[j-nsp] Odd issue with ARP in different subnet

Keegan Holley keegan.holley at sungard.com
Wed Mar 9 19:50:50 EST 2011 

There us a keyword like primary or preferred that tells the switch which ip address to use to source traffic on a particular interface.  It doesn't quite fit the behavior I remember but it could be part of the problem.  What does the routing table say?

Sent from my iPhone

On Mar 9, 2011, at 10:43 AM, Chris Adams <cmadams at hiwaay.net> wrote:

> I have run into an odd issue with ARP on an EX switch that I think is a
> bug in JUNOS, but I wanted to see what others thought before I tried
> JTAC (maybe I'm missing something).
> 
> I have an EX2200 switch that cannot talk to one of my recursive DNS
> servers.  The switch is in subnet a.b.c.0/27, while the DNS IP is in
> x.y.z.0/29.  The DNS IP is anycasted, and the primary server serving it
> is in the same a.c.b.0/27 subnet as the switch (the DNS IP is a
> secondary IP on the same interface).
> 
> When the switch tries to reach the DNS IP, it sends the packet to the
> default router.  The router sends it to the server, and the server sends
> an ARP request for the switch's IP.  The sending IP address in the ARP
> request is the DNS IP.  As far as I can tell, JUNOS doesn't send a
> response to the ARP request.
> 
> I'm guessing that it isn't sending a response because the sending IP is
> in a different subnet, but as far as I can tell from reading the ARP RFC
> (826), that is not supposed to figure into an ARP response.
> 
> The DNS server is Linux, and I can see Linux will respond to
> out-of-subnet ARP requests.  I also have an old Cisco switch in the same
> subnet, and it also responds to out-of-subnet ARP requests.
> 
> If I ping the switch from the Linux server, the ARP request goes out
> with the IP in the same subnet, the switch responds, the Linux server
> gets an ARP cache entry, and communication works both ways for all IPs
> until the ARP cache entry expires on the Linux side.
> 
> -- 
> Chris Adams <cmadams at hiwaay.net>
> Systems and Network Administrator - HiWAAY Internet Services
> I don't speak for anybody but myself - that's enough trouble.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list