Re: ARP weirdness.
I'm guessing it was some sort of broadcast storm. Though a very confusing one -- if I unplugged the cable, it stopped. Plug it back in, and lo! Starts again. However, I finally gave up trying to supply the VLAN to the Linux box by way of a trunk, and just plugged the (still-tagged) interfaface straight in... and all was fine. So I guess I don't care (the box has, like, a zillion interfaces), but I'm still pretty darn confused by it. -Ken On 2017-11-10 18:48, Ben Scott wrote: > On Wed, Nov 8, 2017 at 4:49 PM, Ken D'Ambrosiowrote: >> Ubuntu box acting as a router for some subnets. >> >> [192.168.200.12] <-1302 VLAN->[switch]<-1302 VLAN->switch<-1302 VLAN-> >> [router @ 192.168.200.1] > > So, to clarify, the Ubuntu box is at .1? What is .12? > > Can you give a concise description of what else is on the VLAN? > >> The link is getting utterly spammed with ARP requests for >> 192.168.200.12. > > How are you determining this? Packet sniffer? If so, where? > > Are these ARP requests originating from the .1 box? You have verified > this by MAC address of the sending system? If you unplug .1 to test, > does the flood stop? > > One thought that immediately occurs to me is a broadcast loop. Any > chance of a physical loop (e.g., cable plugged into two switch ports > on the same VLAN)? Are you running spanning tree any/everywhere? > > What are the switches? Any particular config applied to the VLANs, > beyond the VLAN itself? Any weird config applied to the switch in > general? > > -- Ben > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: ARP weirdness.
On Wed, Nov 8, 2017 at 4:49 PM, Ken D'Ambrosiowrote: > Ubuntu box acting as a router for some subnets. > > [192.168.200.12] <-1302 VLAN->[switch]<-1302 VLAN->switch<-1302 VLAN-> > [router @ 192.168.200.1] So, to clarify, the Ubuntu box is at .1? What is .12? Can you give a concise description of what else is on the VLAN? > The link is getting utterly spammed with ARP requests for > 192.168.200.12. How are you determining this? Packet sniffer? If so, where? Are these ARP requests originating from the .1 box? You have verified this by MAC address of the sending system? If you unplug .1 to test, does the flood stop? One thought that immediately occurs to me is a broadcast loop. Any chance of a physical loop (e.g., cable plugged into two switch ports on the same VLAN)? Are you running spanning tree any/everywhere? What are the switches? Any particular config applied to the VLANs, beyond the VLAN itself? Any weird config applied to the switch in general? -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
ARP weirdness.
Hey, guys. Have an Ubuntu box acting as a router for some subnets. I have one VLAN, 1302, on which subnet 192.168.200.0/24 resides. The network looks a bit like this: [192.168.200.12] <-1302 VLAN->[switch]<-1302 VLAN->switch<-1302 VLAN-> [router @ 192.168.200.1] The link is getting utterly spammed with ARP requests for 192.168.200.12. Tens of thousands a second. AND it's also getting spammed (at a much reduced rate) with ARP responses. That, in-and-of itself is already pretty confusing. But what trumps it is the fact that the Linux box *already has 192.168.200.12 and the corresponding MAC in its local ARP table*. Thus precluding the need to even make ARP requests, much less tens of thousands a second. The box has been booted; it made no apparent difference. W. T. F. I'm kinda stumped on this, and would gladly accept any ideas... Thanks, -Ken ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/