Try tracing down further things on the next occurence, such as checking Vlan interface status, gathering ipv6 nd table 'sh ipv6 neighbors', and 'sh mac address-table' to see where those MACs are pointing to.
Andras On Sun, Dec 9, 2012 at 3:03 PM, Randy <[email protected]> wrote: > On 12/08/2012 6:59 pm, Dobbins, Roland wrote: > >> On Dec 9, 2012, at 9:26 AM, Randy wrote: >> >> Rogue RA? >>> >> >> That was actually my first thought. Is this an access VLAN in a >> customer colo (real or virtual) environment? >> > > It's a colo cabinet full of unmanaged VM's bridged onto the VLAN so it's > conceivable they could have done just about anything. IPv4 continued to > function normally but I guess someone was able to either disable or steal > the v6 GW. > > -- > ~Randy > > ______________________________**_________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/**mailman/listinfo/cisco-nsp<https://puck.nether.net/mailman/listinfo/cisco-nsp> > archive at > http://puck.nether.net/**pipermail/cisco-nsp/<http://puck.nether.net/pipermail/cisco-nsp/> > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
