Thursday, October 25, 2018

Why would a device respond to an arp request not meant for it?

So.. something weird's happening:

I just deployed a new L2 switch with a mgmt vlan12. This vlan is trunked to an uplink switch, which is the default-gateway svi for the subnet.

The issue is: all devices connected to this vlan on the new switch cannot be pinged or accessed from either the new switch, default gateway (on uplink switch) or anywhere else on the network.

Gets even weirder: I did a capture on the new switch, I see the ping requests and responses, but looking further into it, my new device on vlan12 is sending the reply ping to the wrong MAC address.

Why would this happen?

Test device: 10.0.0.59

DG: 10.0.0.1

New SW mgt SVI: 10.0.0.15 <-- I can SSH into this fine.

new-switch#sh monitor capture test buffer

Starting the packet display ........ Press Ctrl + Shift + 6 to exit

1 0.000000 10.0.0.1 -> 10.0.0.59 ICMP 118 Echo (ping) request id=0x0149, seq=0/0, ttl=255 <-- request from uplink switch

2 0.000005 10.0.0.59 -> 10.0.0.1 ICMP 114 Echo (ping) reply id=0x0149, seq=0/0, ttl=64 (request in 1) <-- reply from new device

new-switch#sh monitor capture test buffer detailed

Starting the packet display ........ Press Ctrl + Shift + 6 to exit

--Omitted--

Ethernet II, Src: ac:bb:6b:12:3f:35 (ac:bb:6b:12:3f:35), Dst: aa:36:bb:00:a1:b7 (aa:36:bb:00:a1:b7) <-- This MAC belongs to 10.0.0.40, not 10.0.0.1

--Omitted--

Source: 10.0.0.59

Destination: 10.0.0.1

Internet Control Message Protocol

Type: 0 (Echo (ping) reply) <-- this packet is an ICMP response from my new device

Code: 0

--Omitted--

Before you ask: Yes, I checked the subnet mask and default gateway configuration on all the new devices, they match what's on the SVIs.

TL;DR

New devices in a certain vlan seem to be arping for the default-gateway, but getting the mac address of another node on the same vlan connected to the uplink switch (which unfortunately I don't have access to), so no one is able to connect to the new devices on that vlan on the new switch. Other vlans work fine.
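One way to check a capture for the symptom described above is to audit the ARP replies seen on the VLAN: flag any IP claimed by more than one MAC, and any MAC answering for more than one IP (as a host with proxy ARP enabled, a duplicate address or a spoofing host would). This is an added example, not part of the original post; the frames are constructed, the two MACs and the IPs come from the capture above, and the gateway MAC `02:00:00:00:00:01` is a made-up placeholder because the post does not give the real one.

```python
import struct
from collections import defaultdict

def _mac(b): return ":".join(f"{x:02x}" for x in b)
def _ip(b): return ".".join(map(str, b))

def parse_arp_reply(frame):
    """Return (sender_mac, sender_ip) for an Ethernet/IPv4 ARP reply, else None."""
    if len(frame) < 42:                       # 14 Ethernet + 28 ARP bytes
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen, op) != (1, 0x0800, 6, 4, 2):
        return None
    sha, spa = struct.unpack("!6s4s", frame[22:32])
    return _mac(sha), _ip(spa)

def audit(frames):
    """Return (IPs claimed by more than one MAC, MACs claiming more than one IP)."""
    by_ip, by_mac = defaultdict(set), defaultdict(set)
    for frame in frames:
        reply = parse_arp_reply(frame)
        if reply:
            mac, ip = reply
            by_ip[ip].add(mac)
            by_mac[mac].add(ip)
    return ({ip: sorted(m) for ip, m in by_ip.items() if len(m) > 1},
            {mac: sorted(i) for mac, i in by_mac.items() if len(i) > 1})

def make_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build one constructed ARP reply frame for the sample data."""
    hx = lambda m: bytes.fromhex(m.replace(":", ""))
    ipb = lambda a: bytes(int(o) for o in a.split("."))
    eth = hx(target_mac) + hx(sender_mac) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    return eth + arp + hx(sender_mac) + ipb(sender_ip) + hx(target_mac) + ipb(target_ip)

DEV = "ac:bb:6b:12:3f:35"      # test device 10.0.0.59 (from the capture)
OTHER = "aa:36:bb:00:a1:b7"    # node at 10.0.0.40 (from the capture)
GW = "02:00:00:00:00:01"       # constructed placeholder for the real gateway MAC
SAMPLE = [                     # constructed frames, not a real capture
    make_reply(OTHER, "10.0.0.40", DEV, "10.0.0.59"),
    make_reply(OTHER, "10.0.0.1", DEV, "10.0.0.59"),   # wrong node answers for the gateway
    make_reply(GW, "10.0.0.1", DEV, "10.0.0.59"),
    make_reply(DEV, "10.0.0.59", GW, "10.0.0.1"),
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On a live switch the same comparison can be made by hand between the ARP table of an affected host and the MAC address table of the switch.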


