Strange Cisco/Foundry ARP issue

Got a real world issue here for ya'll. Here's the breakdown.

We have a 3700 series router that has a network coming off of it at a remote site. It WAS connected to a Cisco 6509, which eventually trickled down into our distribution layer. I should mention, the 6509 and 3700 are the only cisco devices we have in/near our core layer..the rest of the network minus a handful of access-layer switches are all Foundry.

That being said, we have to migrate the 3700 from the 6509 to one of the Foundry BigIron switches. Should be pretty easy..create the vlan on the BigIron, configure a virtual interface, with the IP off of the Vlan interface of the router coming off of the 6509..easy enough.

We configured it all properly (I believe), but we have a very weird issue. This has arisen with another node, although that one seemed to have come up on it's own.

The Cisco 3700 network will NOT get connectivity when connected to the Foundry BigIron. Upon some digging, I found no ARP entry for the 3700..problem fixed right? Created a static ARP entry..no-go. I checked the ARP table on the 3700, and found the MAC for the Foundry device, but under IP address "incomplete". I ran a debug on the ARP process on the 3700, and discovered it was sending our ARP requests, but never getting replies. I moved the 3700 back to the 6509, and surely enough, it got ARP replies. It seems as if the foundry is not sending ARP responses at all.

Did some homework, and the ARP table times out on foundry's at 10 mins by default, whereas the cisco is 4 hours. I can't, for the life of me get this to go, however.

I'm just looking for some input as to what to check on the foundry. CPU usage is very low, changed interfaces (incase the issue was a bad GBIC), you name it. Can't seem to crack this one.

Basically, I've narrowed it down to what device is causing the issues, but I can't find if maybe there's some strange issue with Foundry and Cisco devices. I trunk the lower end foundry switches to cisco's all day long on the access switches..and I haven't run into this issue at all.

The only thing I did notice, was the MTU on the Cisco was set at 1500, whereas the Foundry was 1518. I raised the Cisco's to 1518, but no go. Interfaces all show up/up, no errors..

Appreciate any input. I know this is a little novel here. Just wanted to bounce some ideas around so maybe when I tackle it tomorrow I'll have some new things to check.

Thanks guys.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

khellman

If you have a VLAN tagged interface on the BI, the problem is likely that the Cisco is sending it's managment traffic on the default VLAN as untagged packets.

If you don't need multiple VLAN's, just change the interface to untagged.

If you do need multiple VLAN's, you need to set the interface on the Foundry to "dual-mode", where the untagged VLAN is the 3700's management subnet.

vlan 10 name data
tagged e 1/1
router-int ve 10

vlan 20 name management
tagged e 1/1
router-int ve 20

interface e 1/1
dual-mode 20

Mrock4

Outstanding, I never even thought of that. I'm going to try this tomorrow..it sounds like it may very well do the trick. I'll let you know how it goes. Thanks!

Mrock4

I came in to work expecting to try that, and it turns out the Foundry tech got it going. None of our VE's on the Foundry have specific OSPF statements under them (bear in mind, it's a Layer 3 switch), but for whatever reason this one requires it. It really doesn't make a lot of sense to me, as our configuration mirrors the other VE's, but I guess whatever works.