RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
Hello Joel, Our 6500's had arp timeouts set to 300 seconds and the Nexus 7K's were set to 1500 seconds. After going back and forth with Cisco, they recommended setting the arp timeout to 300 seconds since we weren't having the problems with this before our 7K's went in. After making the change, mind you I'm not the primary engineer for the 7k, the problems seemed to have resolved themselves. We did have to clear the arp table after the changes were made on each Vlan. What was strange was that it appeared to only affect IOS devices at first, but then we had MS Surfaces, Windows 10 PC's and tablets starting to exhibit problems. AVC wasn't ever enabled on our 8540's because of other posts in the thread. Cisco also recommended to disable DHCP profiling as a troubleshooting step on our 802.1x wireless network, but that didn't seem to have any impact on the problem. Since shortening the timer on the 7K's, we haven’t had any issues. September 2016 through November 2016 we upgraded our core to the 7K's, upgraded our wireless controllers from redundant 5508's to 8540 HA pairs, added nearly 800 1810W APs in our dorms and replaced all our 100Mbps switches (in dorms) with the Cisco 3850 10G model. We have an additional 850 3802 APs going into our Academic buildings as well as replacing all switches with the 3850 48port 10G model. With such a massive undertaking, we were bound to run into some issues, but our Cisco team, as well as our VAR (Sentinel) helped us expedite and get quite a few bugs resolved in record time. We've had only 16 network related tickets since January 5th, 2017 which is down from 80-100 when the students return from Winter Break. Considering I'm the only wireless engineer at the University, this upgrade has made things manageable and students very happy. Thanks for checking back on this thread. Take care, and have a great weekend! Shayne -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Spaans, Joel H Sent: Friday, March 17, 2017 2:41 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Just finally got around to catching up on the Listserv. Shane, have you found a resolution to this issue? The default ARP timers on Cisco 6500 are actually 14400 seconds(4 hours). The default MAC address timers are 5 minutes. These were both Cisco standard up until Nexus(to my knowledge). Nexus uses a default ARP timer of 1500 seconds(25 minutes). The MAC address timer in Nexus is 1800 seconds(30 minutes). You'll notice that the ARP timer used to be longer than the MAC timers. Cisco has rightfully moved to a default that keeps the ARP timers lower than the MAC timers in order to reduce flooding of unicast frames. Did you change the ARP or MAC timers and what value did you set? Do any network devices in your environment have "ip device tracking" turned on? There is plenty of reading on Google about the problems this can cause. We saw this previous to our Nexus deployment with a some 3750X switches running 15.2 IOS. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Shayne Ghere Sent: Tuesday, February 28, 2017 11:38 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Hello Bruce, Thanks for the info. I read the info about the ARP Caching in FlexConnect mode and didn't never enabled it due to some issues others were having before we set everything up in September 2016. The second link was the bug on the 5500's I read about. The mac add count is only 10660, which isn't that high so we're leaning to the ARP Timeout in the Nexus switches being set at 1500 by default to 300 like they were in the 6500's before the upgrade. We made the timeout change a little over an hour ago, and so far so good, but there's still 13 hours to go. Ha ha Thanks again Shayne -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bruce Curtis Sent: Tuesday, February 28, 2017 11:28 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Importance: High Are your APs in Flexconnect mode and if so do you have flex connect arp cache enabled? If so you might want to try disabling ARP caching. http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010010101.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy29143 What model of card are the devices connected to on the Nexus 7ks? And how many MAC addresses are in the MAC address table (the layer 2 table, not the ARP table)? (check with "show mac address count”) We saw dif
RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
Just finally got around to catching up on the Listserv. Shane, have you found a resolution to this issue? The default ARP timers on Cisco 6500 are actually 14400 seconds(4 hours). The default MAC address timers are 5 minutes. These were both Cisco standard up until Nexus(to my knowledge). Nexus uses a default ARP timer of 1500 seconds(25 minutes). The MAC address timer in Nexus is 1800 seconds(30 minutes). You'll notice that the ARP timer used to be longer than the MAC timers. Cisco has rightfully moved to a default that keeps the ARP timers lower than the MAC timers in order to reduce flooding of unicast frames. Did you change the ARP or MAC timers and what value did you set? Do any network devices in your environment have "ip device tracking" turned on? There is plenty of reading on Google about the problems this can cause. We saw this previous to our Nexus deployment with a some 3750X switches running 15.2 IOS. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Shayne Ghere Sent: Tuesday, February 28, 2017 11:38 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Hello Bruce, Thanks for the info. I read the info about the ARP Caching in FlexConnect mode and didn't never enabled it due to some issues others were having before we set everything up in September 2016. The second link was the bug on the 5500's I read about. The mac add count is only 10660, which isn't that high so we're leaning to the ARP Timeout in the Nexus switches being set at 1500 by default to 300 like they were in the 6500's before the upgrade. We made the timeout change a little over an hour ago, and so far so good, but there's still 13 hours to go. Ha ha Thanks again Shayne -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bruce Curtis Sent: Tuesday, February 28, 2017 11:28 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Importance: High Are your APs in Flexconnect mode and if so do you have flex connect arp cache enabled? If so you might want to try disabling ARP caching. http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010010101.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy29143 What model of card are the devices connected to on the Nexus 7ks? And how many MAC addresses are in the MAC address table (the layer 2 table, not the ARP table)? (check with "show mac address count”) We saw different symptoms when the MAC MAC address table was exceeded but it is still worth checking to eliminate as a possible problem. > On Feb 27, 2017, at 9:10 PM, Shayne Ghere > wrote: > > I’m reaching out since we just started having problems with users > complaining about getting messages on their Mac’s about a duplicate IP > address on the network. > > When looking in the ARP table of the Cisco Nexus switches, the mac > address of their computer isn’t in there, however the IP address their > machine has is owned by another mac address even though both the > Controller and Prime doesn’t see that machine associated. > > I came across an article that the Arp Cache Timeout on the 6509’s was 300 > seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That > jives with what I’m seeing as the disassociation time of the original > machine, and the duplicate message (within 20-25 minutes). > > The Arp-Cache timeout on the Controller is set for 1800 seconds, and > was configured that way since September 2016 (Cisco WLC 8540) with no > problems. > > This problem just cropped up within the past two weeks and is gaining > steam. Out of the 30 or so devices, 38 are Mac’s and the other two > are Windows 10 or Microsoft Surface tablets. > > This is only happening on our Secure 802.1x wireless network. > > We use Microsoft NPS for Radius and Linux DHCP/DNS. > > If anyone else is experiencing these issues, or could point us in the > right direction, I would greatly appreciate it. Our Server/Radius > team is fairly sure it’s not on their end, yet after talking with > Cisco, I’m fairly positive it’s not the Controller/Wireless. Not > finger pointing, just asking for some advice. > > Thanks in advance! > Shayne > > -- > T. Shayne Ghere > Bradley University > Wireless/Lan Network Engineer > 1501 W. Bradley Ave, Jobst 224A > (309) 677-3094 > sgh...@fsmail.bradley.edu > -- > UPCOMING OUT OF OFFICE > > > ** Participation and subscription information for this > EDU
RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
Hello Bruce, Thanks for the info. I read the info about the ARP Caching in FlexConnect mode and didn't never enabled it due to some issues others were having before we set everything up in September 2016. The second link was the bug on the 5500's I read about. The mac add count is only 10660, which isn't that high so we're leaning to the ARP Timeout in the Nexus switches being set at 1500 by default to 300 like they were in the 6500's before the upgrade. We made the timeout change a little over an hour ago, and so far so good, but there's still 13 hours to go. Ha ha Thanks again Shayne -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bruce Curtis Sent: Tuesday, February 28, 2017 11:28 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Importance: High Are your APs in Flexconnect mode and if so do you have flex connect arp cache enabled? If so you might want to try disabling ARP caching. http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010010101.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy29143 What model of card are the devices connected to on the Nexus 7ks? And how many MAC addresses are in the MAC address table (the layer 2 table, not the ARP table)? (check with "show mac address count”) We saw different symptoms when the MAC MAC address table was exceeded but it is still worth checking to eliminate as a possible problem. > On Feb 27, 2017, at 9:10 PM, Shayne Ghere > wrote: > > I’m reaching out since we just started having problems with users > complaining about getting messages on their Mac’s about a duplicate IP > address on the network. > > When looking in the ARP table of the Cisco Nexus switches, the mac address > of their computer isn’t in there, however the IP address their machine has > is owned by another mac address even though both the Controller and Prime > doesn’t see that machine associated. > > I came across an article that the Arp Cache Timeout on the 6509’s was 300 > seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That > jives with what I’m seeing as the disassociation time of the original > machine, and the duplicate message (within 20-25 minutes). > > The Arp-Cache timeout on the Controller is set for 1800 seconds, and was > configured that way since September 2016 (Cisco WLC 8540) with no > problems. > > This problem just cropped up within the past two weeks and is gaining > steam. Out of the 30 or so devices, 38 are Mac’s and the other two are > Windows 10 or Microsoft Surface tablets. > > This is only happening on our Secure 802.1x wireless network. > > We use Microsoft NPS for Radius and Linux DHCP/DNS. > > If anyone else is experiencing these issues, or could point us in the > right direction, I would greatly appreciate it. Our Server/Radius team is > fairly sure it’s not on their end, yet after talking with Cisco, I’m > fairly positive it’s not the Controller/Wireless. Not finger pointing, > just asking for some advice. > > Thanks in advance! > Shayne > > -- > T. Shayne Ghere > Bradley University > Wireless/Lan Network Engineer > 1501 W. Bradley Ave, Jobst 224A > (309) 677-3094 > sgh...@fsmail.bradley.edu > -- > UPCOMING OUT OF OFFICE > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/discuss. --- Bruce Curtis bruce.cur...@ndsu.edu Certified NetAnalyst II701-231-8527 North Dakota State University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] MAC OSX Duplicate IP's
Are your APs in Flexconnect mode and if so do you have flex connect arp cache enabled? If so you might want to try disabling ARP caching. http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010010101.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy29143 What model of card are the devices connected to on the Nexus 7ks? And how many MAC addresses are in the MAC address table (the layer 2 table, not the ARP table)? (check with "show mac address count”) We saw different symptoms when the MAC MAC address table was exceeded but it is still worth checking to eliminate as a possible problem. > On Feb 27, 2017, at 9:10 PM, Shayne Ghere wrote: > > I’m reaching out since we just started having problems with users complaining > about getting messages on their Mac’s about a duplicate IP address on the > network. > > When looking in the ARP table of the Cisco Nexus switches, the mac address of > their computer isn’t in there, however the IP address their machine has is > owned by another mac address even though both the Controller and Prime > doesn’t see that machine associated. > > I came across an article that the Arp Cache Timeout on the 6509’s was 300 > seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That > jives with what I’m seeing as the disassociation time of the original > machine, and the duplicate message (within 20-25 minutes). > > The Arp-Cache timeout on the Controller is set for 1800 seconds, and was > configured that way since September 2016 (Cisco WLC 8540) with no problems. > > This problem just cropped up within the past two weeks and is gaining steam. > Out of the 30 or so devices, 38 are Mac’s and the other two are Windows 10 or > Microsoft Surface tablets. > > This is only happening on our Secure 802.1x wireless network. > > We use Microsoft NPS for Radius and Linux DHCP/DNS. > > If anyone else is experiencing these issues, or could point us in the right > direction, I would greatly appreciate it. Our Server/Radius team is fairly > sure it’s not on their end, yet after talking with Cisco, I’m fairly positive > it’s not the Controller/Wireless. Not finger pointing, just asking for some > advice. > > Thanks in advance! > Shayne > > -- > T. Shayne Ghere > Bradley University > Wireless/Lan Network Engineer > 1501 W. Bradley Ave, Jobst 224A > (309) 677-3094 > sgh...@fsmail.bradley.edu > -- > UPCOMING OUT OF OFFICE > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/discuss. --- Bruce Curtis bruce.cur...@ndsu.edu Certified NetAnalyst II701-231-8527 North Dakota State University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
Wireshark was run, and about 100 of our AP’s responded stating that there was already a device using that IP, but with a different MAC address. When I looked in the ARP table on our router(s), it showed the same wrong MAC address, but when I cleared the arp entry on the router, the machine started working right away. It looks like the 6500 series switches had an arp timeout of 300 seconds, and now the Nexus 7K’s are set by default to 1500. We also had a professor have his class install VirtualBox/Ubuntu on their laptops (which use our secure wireless network), but I do know that one student that works for me said they just installed it and didn’t set it up. I’m wondering if we have a combination of things happening.Definitely, the ARP entries in the routers are wrong. Shayne *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Kanan E Simpson *Sent:* Tuesday, February 28, 2017 8:04 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Shayne, Just curious, have you confirmed it’s not a rogue DHCP or router that popped up within that time? If not already performed, run wireshark or a packet capture on the machines in question and filter out the dhcp packet and see who is offering the leases. That filter would be bootp.hw_macaddr== xx:xx:xx:xx:xx:xx. If it’s a rogue router, you may not see it in your routers arp table. *Kanan Simpson* Network Services Engineer Valdosta State University *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] *On Behalf Of *Shayne Ghere *Sent:* Monday, February 27, 2017 10:11 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* [WIRELESS-LAN] MAC OSX Duplicate IP's *Importance:* High I’m reaching out since we just started having problems with users complaining about getting messages on their Mac’s about a duplicate IP address on the network. When looking in the ARP table of the Cisco Nexus switches, the mac address of their computer isn’t in there, however the IP address their machine has is owned by another mac address even though both the Controller and Prime doesn’t see that machine associated. I came across an article that the Arp Cache Timeout on the 6509’s was 300 seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That jives with what I’m seeing as the disassociation time of the original machine, and the duplicate message (within 20-25 minutes). The Arp-Cache timeout on the Controller is set for 1800 seconds, and was configured that way since September 2016 (Cisco WLC 8540) with no problems. This problem just cropped up within the past two weeks and is gaining steam. Out of the 30 or so devices, 38 are Mac’s and the other two are Windows 10 or Microsoft Surface tablets. This is only happening on our Secure 802.1x wireless network. We use Microsoft NPS for Radius and Linux DHCP/DNS. If anyone else is experiencing these issues, or could point us in the right direction, I would greatly appreciate it. Our Server/Radius team is fairly sure it’s not on their end, yet after talking with Cisco, I’m fairly positive it’s not the Controller/Wireless. Not finger pointing, just asking for some advice. Thanks in advance! Shayne -- T. Shayne Ghere Bradley University Wireless/Lan Network Engineer 1501 W. Bradley Ave, Jobst 224A (309) 677-3094 sgh...@fsmail.bradley.edu -- *UPCOMING OUT OF OFFICE* ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] MAC OSX Duplicate IP's
All, Would DHCP Snooping and Dynamic arp inspection address this issue? Regards, Christina Klam -- Christina Klam Network Engineer Institute for Advanced Study Email: ck...@ias.edu Einstein Drive Telephone: 609-734-8154 Princeton, NJ 08540 Fax: 609-951-4418 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
Shayne, Just curious, have you confirmed it’s not a rogue DHCP or router that popped up within that time? If not already performed, run wireshark or a packet capture on the machines in question and filter out the dhcp packet and see who is offering the leases. That filter would be bootp.hw_macaddr== xx:xx:xx:xx:xx:xx. If it’s a rogue router, you may not see it in your routers arp table. Kanan Simpson Network Services Engineer Valdosta State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Shayne Ghere Sent: Monday, February 27, 2017 10:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] MAC OSX Duplicate IP's Importance: High I’m reaching out since we just started having problems with users complaining about getting messages on their Mac’s about a duplicate IP address on the network. When looking in the ARP table of the Cisco Nexus switches, the mac address of their computer isn’t in there, however the IP address their machine has is owned by another mac address even though both the Controller and Prime doesn’t see that machine associated. I came across an article that the Arp Cache Timeout on the 6509’s was 300 seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That jives with what I’m seeing as the disassociation time of the original machine, and the duplicate message (within 20-25 minutes). The Arp-Cache timeout on the Controller is set for 1800 seconds, and was configured that way since September 2016 (Cisco WLC 8540) with no problems. This problem just cropped up within the past two weeks and is gaining steam. Out of the 30 or so devices, 38 are Mac’s and the other two are Windows 10 or Microsoft Surface tablets. This is only happening on our Secure 802.1x wireless network. We use Microsoft NPS for Radius and Linux DHCP/DNS. If anyone else is experiencing these issues, or could point us in the right direction, I would greatly appreciate it. Our Server/Radius team is fairly sure it’s not on their end, yet after talking with Cisco, I’m fairly positive it’s not the Controller/Wireless. Not finger pointing, just asking for some advice. Thanks in advance! Shayne -- T. Shayne Ghere Bradley University Wireless/Lan Network Engineer 1501 W. Bradley Ave, Jobst 224A (309) 677-3094 sgh...@fsmail.bradley.edu<mailto:sgh...@fsmail.bradley.edu> -- UPCOMING OUT OF OFFICE ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] MAC OSX Duplicate IP's
Hi Shayne, On 28/02/17 11:23, Shayne Ghere wrote: > Last count, we have 51 Apple TV's, but they aren't on the same network we're > having problems with. The TV's are either hard-wired or registered on a > Wireless network that's not secure and doesn't require any > authentication...just registration. Just to confirm, they're on a different subnet too? So the MAC addresses that is stealing the IP address, what sort of device are they? Even just the 3 octet prefix would help. > I'm not a MAC guys at all, so do all MACs have this feature? Can a MAC > laptop that is on our secure network do the same thing the Apple TV does and > create this problem? It's happening on Iphones/Apple Laptops about 98% of > the time, but only on the secured network. A Mac (let's keep MAC for the ethernet concept) can perform this function, the list according to Wikipedia is: Apple AirPort Express with firmware version 7.4.1 or 7.4.2[3] Apple AirPort Extreme with firmware version 7.4.1 or 7.4.2[3] Apple AirPort Time Capsule[3] Apple TV (all generations) Computers running Mac OS X Snow Leopard act as a Bonjour sleep proxy server when Internet sharing is enabled Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] MAC OSX Duplicate IP's
You name it, we have it. Last count, we have 51 Apple TV's, but they aren't on the same network we're having problems with. The TV's are either hard-wired or registered on a Wireless network that's not secure and doesn't require any authentication...just registration. I'm not a MAC guys at all, so do all MACs have this feature? Can a MAC laptop that is on our secure network do the same thing the Apple TV does and create this problem? It's happening on Iphones/Apple Laptops about 98% of the time, but only on the secured network. I asked if there was a "secret" update that Apple may have pushed out a few weeks ago when it started, but no one seems to know. Thanks again! Shayne -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of James Andrewartha Sent: Monday, February 27, 2017 9:15 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MAC OSX Duplicate IP's Hi Shayne, On 28/02/17 11:10, Shayne Ghere wrote: > I’m reaching out since we just started having problems with users > complaining about getting messages on their Mac’s about a duplicate IP > address on the network. > > When looking in the ARP table of the Cisco Nexus switches, the mac > address of their computer isn’t in there, however the IP address their > machine has is owned by another mac address even though both the > Controller and Prime doesn’t see that machine associated. > > I came across an article that the Arp Cache Timeout on the 6509’s was > 300 seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds > now. That jives with what I’m seeing as the disassociation time of the > original machine, and the duplicate message (within 20-25 minutes). > > The Arp-Cache timeout on the Controller is set for 1800 seconds, and > was configured that way since September 2016 (Cisco WLC 8540) with no > problems. > > This problem just cropped up within the past two weeks and is gaining > steam. Out of the 30 or so devices, 38 are Mac’s and the other two > are Windows 10 or Microsoft Surface tablets. > > If anyone else is experiencing these issues, or could point us in the > right direction, I would greatly appreciate it. Our Server/Radius > team is fairly sure it’s not on their end, yet after talking with > Cisco, I’m fairly positive it’s not the Controller/Wireless. Not > finger pointing, just asking for some advice. Do you have any Apple TVs on your network? Apple devices have a lovely feature called the Bonjour Sleep Proxy that will respond to mDNS queries for a device that is asleep. The visible side effect is what you are seeing, the IP address is owned by another MAC address. What sort of devices are the ones stealing the IP addresses? For us, the solution was to statically (via DHCP) assign IPs to the Apple TVs. Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] MAC OSX Duplicate IP's
Hi Shayne, On 28/02/17 11:10, Shayne Ghere wrote: > I’m reaching out since we just started having problems with users > complaining about getting messages on their Mac’s about a duplicate IP > address on the network. > > When looking in the ARP table of the Cisco Nexus switches, the mac > address of their computer isn’t in there, however the IP address their > machine has is owned by another mac address even though both the > Controller and Prime doesn’t see that machine associated. > > I came across an article that the Arp Cache Timeout on the 6509’s was > 300 seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds > now. That jives with what I’m seeing as the disassociation time of the > original machine, and the duplicate message (within 20-25 minutes). > > The Arp-Cache timeout on the Controller is set for 1800 seconds, and was > configured that way since September 2016 (Cisco WLC 8540) with no problems. > > This problem just cropped up within the past two weeks and is gaining > steam. Out of the 30 or so devices, 38 are Mac’s and the other two are > Windows 10 or Microsoft Surface tablets. > > If anyone else is experiencing these issues, or could point us in the > right direction, I would greatly appreciate it. Our Server/Radius team > is fairly sure it’s not on their end, yet after talking with Cisco, I’m > fairly positive it’s not the Controller/Wireless. Not finger pointing, > just asking for some advice. Do you have any Apple TVs on your network? Apple devices have a lovely feature called the Bonjour Sleep Proxy that will respond to mDNS queries for a device that is asleep. The visible side effect is what you are seeing, the IP address is owned by another MAC address. What sort of devices are the ones stealing the IP addresses? For us, the solution was to statically (via DHCP) assign IPs to the Apple TVs. Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
