ARP and IP Problems - TCP-IP

This is a discussion on ARP and IP Problems - TCP-IP ; I'm experiencing an issue that appears to be related to ARP and am not sure how to handle it. I have several devices on my LAN (two Dell/Windows servers and my own Apple laptop are the devices I'm working with) ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: ARP and IP Problems

  1. ARP and IP Problems

    I'm experiencing an issue that appears to be related to ARP and am not
    sure how to handle it.

    I have several devices on my LAN (two Dell/Windows servers and my own
    Apple laptop are the devices I'm working with) that will sporadically
    lose IP connectivity to the LAN gateway (Cisco 3845 router). In my
    troubleshooting, I have discovered that when the host loses the
    ability to communicate with the gateway, if I run an "arp -d" command
    on the arp entry for the gateway, connectivity is immediately
    restored.

    The problem will occur approximately every 15 minutes or so. When the
    problem occurs, if I run an "arp -a" command on the node, the ARP
    entry appears to be correct. I also reviewed the MAC table on my
    switch (Cisco 3750) and on my gateway router. Both also appeared to be
    correct. To be sure, I cleared the MAC addresses on both devices, but
    the problem persists.

    I have a feeling it has something to do with the router, but am not
    sure how to show it.

    Any help would be greatly appreciated.

  2. Re: ARP and IP Problems

    On 16 Jan 2008, Nicholas wrote:

    > I'm experiencing an issue that appears to be related to ARP and am
    > not sure how to handle it.
    >
    > I have several devices on my LAN (two Dell/Windows servers and my
    > own Apple laptop are the devices I'm working with) that will
    > sporadically lose IP connectivity to the LAN gateway (Cisco 3845
    > router). In my troubleshooting, I have discovered that when the
    > host loses the ability to communicate with the gateway, if I run
    > an "arp -d" command on the arp entry for the gateway, connectivity
    > is immediately restored.


    I'm not sure I understand exactly when happens. The hosts can
    communicate with each other OK but just not with the gateway? Or can
    they not see each other? Do all the hosts lose communication with
    the gateway at the same time?

    > The problem will occur approximately every 15 minutes or so. When
    > the problem occurs, if I run an "arp -a" command on the node, the
    > ARP entry appears to be correct. I also reviewed the MAC table on
    > my switch (Cisco 3750) and on my gateway router. Both also
    > appeared to be correct. To be sure, I cleared the MAC addresses on
    > both devices, but the problem persists.
    >
    > I have a feeling it has something to do with the router, but am
    > not sure how to show it.


    Interesting. I have seen something similar when an Ethernet *switch*
    isn't behaving properly. If there's no traffic for a while, the
    switch drops old entries from it's forwarding tables. If this
    happens for the gateway, the switch "forgets" (and must relearn)
    which port the gateway is attached to. This shouldn't matter since
    it should forward frames with unknown destination to all active
    ports. But maybe sometimes it doesn't ;-)

    If this is happening in your case, when you clear the ARP table and
    your host issues a new ARP request, it is broadcast to all ports by
    the switch, and when the gateway replies, the switch learns where it
    is from source MAC address of the reply. So you're back in business.

    If this is what's happening, I would expect all the hosts connected
    to the switch to lose connectivity to the gateway at the same time
    since it's a problem with the forwarding tables in the switch. You
    might also check if a ping to the LAN's broadcast address restores
    connectivity without clearing the ARP cache. (I'm guessing that the
    ping on your Apple may support pinging the broadcast address and your
    Cisco router may respond to broadcast pings.) Also, if this is
    right, continuosly pinging the router from one of the hosts would
    prevent the problem from happening as long as the pinging continues,
    since the forwarding table entry won't timeout.

    Dave

    --
    D.a.v.i.d T.i.k.t.i.n
    t.i.k.t.i.n [at] a.d.v.a.n.c.e.d.r.e.l.a.y [dot] c.o.m

+ Reply to Thread