Shayne, Just curious, have you confirmed it’s not a rogue DHCP or router that popped up within that time? If not already performed, run wireshark or a packet capture on the machines in question and filter out the dhcp packet and see who is offering the leases. That filter would be bootp.hw_macaddr== xx:xx:xx:xx:xx:xx. If it’s a rogue router, you may not see it in your routers arp table.
Kanan Simpson Network Services Engineer Valdosta State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Shayne Ghere Sent: Monday, February 27, 2017 10:11 PM To: [email protected] Subject: [WIRELESS-LAN] MAC OSX Duplicate IP's Importance: High I’m reaching out since we just started having problems with users complaining about getting messages on their Mac’s about a duplicate IP address on the network. When looking in the ARP table of the Cisco Nexus switches, the mac address of their computer isn’t in there, however the IP address their machine has is owned by another mac address even though both the Controller and Prime doesn’t see that machine associated. I came across an article that the Arp Cache Timeout on the 6509’s was 300 seconds, but the Nexus (7K) has bumped it to 1500-1800 seconds now. That jives with what I’m seeing as the disassociation time of the original machine, and the duplicate message (within 20-25 minutes). The Arp-Cache timeout on the Controller is set for 1800 seconds, and was configured that way since September 2016 (Cisco WLC 8540) with no problems. This problem just cropped up within the past two weeks and is gaining steam. Out of the 30 or so devices, 38 are Mac’s and the other two are Windows 10 or Microsoft Surface tablets. This is only happening on our Secure 802.1x wireless network. We use Microsoft NPS for Radius and Linux DHCP/DNS. If anyone else is experiencing these issues, or could point us in the right direction, I would greatly appreciate it. Our Server/Radius team is fairly sure it’s not on their end, yet after talking with Cisco, I’m fairly positive it’s not the Controller/Wireless. Not finger pointing, just asking for some advice. Thanks in advance! Shayne ---------------------------------- T. Shayne Ghere Bradley University Wireless/Lan Network Engineer 1501 W. Bradley Ave, Jobst 224A (309) 677-3094 [email protected]<mailto:[email protected]> ---------------------------------- UPCOMING OUT OF OFFICE ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
