Bing in over my head, I must confess to not knowing Cisco IOS. I did find the MAC address in the Cisco Network Assasin. This will help in the future...
Now, this brings up Problem #2: The machine in question is a Dell PE-1950 Citrix server. It has two NICs. When the server was built, only one of the NICs was used. Later, the Broadcom software was downloaded and installed, and the two NICs were teamed for fail-over redundency. Both the Cisco Network Assasin and the "ping / arp -a" show that this NIC has the IP address "10.1.2.47". It is a static IP address and is in our DATA VLAN. Wireshark shows that this NIC is sending gratuitous ARP packets and is claiming the address "10.1.20.45" (DHCP and in the VOICE VLAN). Any hints on how to make a (Dell/Broadcom) NIC stop sending gratuitious ARP packets? Thanks again... -- richard "Jim Holmgren" <[email protected]> wrote on 08/24/2010 09:21:02 AM: > Think lower-level. Find the MAC address on your switch, get the > port that it is plugged into and follow it from there. > > > Jim Holmgren > Manager of Server Engineering > XLHealth Corporation > The Warehouse at Camden Yards > 351 West Camden Street, Suite 100 > Baltimore, MD 21201 > 410.625.2200 (main) > 443.524.8573 (direct) > 443-506.2400 (cell) > www.xlhealth.com > > > > From: [email protected] [mailto:[email protected]] > Sent: Tuesday, August 24, 2010 10:17 AM > To: NT System Admin Issues > Subject: What IP has this MAC? > > > Greetings! > > I am experiencing a bit of a network problem with, at the moment, is > more of an annoyance (but could easily get bigger!). Somewhere I > have a NIC spewing out gratuitious ARP packets. (I did eventually > hunt it down, but for the future...) > > Using Wireshark, I have the MAC address of the offending NIC. > Again, for the future, is there a ping command switch or something > else which will enable me to enter the MAC address and have the IP returned? > > Wireshark does indicate the offender is a Dell system. However, > being mostly a Dell shop, pinging each node here and then examining > my ARP cache is rather slow... > > Thanks! > -- > Richard D. McClary > Systems Administrator, Information Technology Group > ASPCA® > 1717 S. Philo Rd, Ste 36 > Urbana, IL 61802 > > [email protected] > > P: 217-337-9761 > C: 217-417-1182 > F: 217-337-9761 > www.aspca.org > > The information contained in this e-mail, and any attachments > hereto, is from The American Society for the Prevention of Cruelty to Animals® > (ASPCA®) and is intended only for use by the addressee(s) named > herein and may contain legally privileged and/or confidential > information. If you are not the intended recipient of this e-mail, > you are hereby notified that any dissemination, distribution, > copying or use of the contents of this e-mail, and any attachments > hereto, is strictly prohibited. If you have received this e-mail in > error, please immediately notify me by reply email and permanently > delete the original and any copy of this e-mail and any printout thereof. > > > > > > > CONFIDENTIALITY NOTICE: This email, including attachments, is for > the sole use of the intended recipient(s) and may contain > confidential and/or protected health information. Under the Federal > Law (HIPAA), the intended recipient is obligated to keep this > information secure and confidential. Any disclosure to third parties > without authorization from the member of as permitted by law is > prohibited and punishable under Federal Law. If you are not the > intended recipient, please contact the sender by reply e-mail and > destroy all copies of the original message. > > NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es > para uso exclusivo del (los) destinatario (s) y puede incluir > información confidencial y/o información de salud protegida. La Ley > Federal (HIPAA) establece que el destinatario está obligado a > mantener la información confidencial y sequra. HIPAA prohíbe y > castiga cualquier divulgación a terceras personas sin autorización > del afiliado o permitido por ley. Si usted no es el destinatario, > redirija esta mensaje al remitente, y destruye cualquier copia > existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
