Hello. I am trying to set up ip unnumbered on ME-3600X-24FS-M. IOS version currently running is 15.3(3)S1, also tried suggested (15.5(3)S2)
Problem occur, when i'm trying to enable arp poll mechanism (ip unnumbered <interface> poll). A windows PC does not apply settings which it has got via dhcp. It is recieving DHCP ACK and to ensure, that there is no stations with the same ip around, it then sends gratuitous arp, with src ip 0.0.0.0 src mac of itself and dst address, that was in DHCP ACK. ME3600 then sends an arp reply, with desired ip and it's own mac address in source (does not happen, if i switch off poll), a PC then sends DHCP DECLINE, because it thinks, that duplicate ip occur. This is what i see from debug arp: .Mar 21 14:11:39.175: IP ARP: rcvd req src 0.0.0.0 3c07.7159.98d2, dst 10.246.0.5 Vlan3996 .Mar 21 14:11:39.175: IP ARP: rejecting entry for IP address: 0.0.0.0, hw: 3c07.7159.98d2 .Mar 21 14:11:39.175: IP ARP: sent rep src 10.246.0.5 5c50.1543.8640 Here is testing lab's config: ip dhcp pool testdhcppoll network 10.246.0.0 255.255.255.0 default-router 10.246.0.1 vlan 3996 interface Loopback1 ip address 10.246.0.1 255.255.255.0 interface GigabitEthernet0/3 switchport access vlan 3996 spanning-tree portfast spanning-tree bpdufilter enable end interface Vlan3996 ip unnumbered Loopback1 poll I've tried to disable gratuitous arp and proxy arp and things like these, but nothing helps. Only solution i've found so far is to switch on ip arp inspection with an arp acl: arp access-list denygratarp deny request ip host 0.0.0.0 mac any permit ip any mac any Then it works, but when i switch on arp inspection on a customer vlan, on any of 3600s in my production network, i'm getting some unpleasant tracebacks in logs: Mar 21 12:11:46: -Traceback= 7316A4z 28646B0z 2865DBCz 2F53E70z 25B3D00z 25F7808z 25F24C4z 25F3338z 2F3F06Cz 2894CC4z 2894CC4z 2F3F128z 1066C18z 1066C18z 10672F8z 247667Cz Mar 21 12:11:46: ************** SVI SEND invoked with NULL HWIDB Mar 21 12:11:46: -Traceback= 7316A4z 28646B0z 2865DBCz 2F53E70z 25B3D00z 25F7808z 25F24C4z 25F3338z 2F3F06Cz 2894CC4z 2894CC4z 2F3F128z 1066C38z 1066C18z 10672F8z 247667Cz Mar 21 12:11:46: ************** SVI SEND invoked with NULL HWIDB Also I really don't want to use arp inspection, if not needed. Are there any ways to solve this problem? Also tested this mechanism on several other L3 switches, 3750-12G and C4900M, seems to work fine. С уважением, Мудров Дмитрий, Ведущий инженер Тел. +7(812)386-20-20 Доб. 3202 _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
