Setup is 5x 3com SuperStack Switches, 3x HP DL 380's, 1x NetApp Filer routed through to 1x PIX 515e.
So my problem is that occasionally I lose a device off the network. It won't completely drop from the network, but my machine will lose any kind of connection to it. The same might happen from a different machine, but not at the same time. Random machines will lose connection to another random machine at random intervals!!!
The confusing thing is that when the machine 'disappears', the PIX replies to the ARP request!!!
I have Packetyzer monitoring the network traffic, and I see an ARP request going out from my machine, and then the PIX replying to this ARP request. But this only happens randomly, and as I say, with random machines.
I've removed Broadcast Storm control from the 3com's, no VLAN's are in place, and no special routing is setup on the PIX. I can setup static ARP records on the PIX, but this isn't an ideal solution, and is it going to stop the PIX replying with it's own MAC address?
In article , Chris Kranz wrote: :I have a strange thing on my network...
:Setup is 5x 3com SuperStack Switches, 3x HP DL 380's, 1x NetApp Filer :routed through to 1x PIX 515e.
:So my problem is that occasionally I lose a device off the network. It :won't completely drop from the network, but my machine will lose any :kind of connection to it.
:The confusing thing is that when the machine 'disappears', the PIX :replies to the ARP request!!!
I knew I recognized this... this is the "Losing connection" thread from comp.dcom.lans.ethernet .
formatting link
I see you took my advice there and snooped and saw the ARPs that I hypothesized then.
You didn't happen to mention then, and didn't mention now, which PIX software version you are running.
When you see the ARP reply coming from the PIX, does it have the PIX's MAC -and- IP ?
The 3Com Superstacks: as I recall those are usually layer 2 switches, but there was [I seem to recall] layer 3 extensions available for them. You have 5 of them for a network that you imply contains only 3 hosts, so are they running routing, or are they connected in an unusual topology, or are they running a redundancy protocol or the like?
Are you running any kind of routing protocol in-house? Is your PIX emitting a default route towards the inside, which is normally overridden by something with a better route but that something drops the ball?
The machines that you lose connection with, are they are the same subnet as "your machine" ?
Is this happening -only- to "your" machine, or to several machines in your network? What OS is "your" machine running? (Is it one of the Proliants?)
I had an unmanaged gigabit switch, which i've since ripped out and replaced with a superstack 3 10/100 which gives me a little more control of the traffic. i've ripped out as much of the management as i can, lowered the arp cache to 60 seconds, removed broadcast storm control and the multicast filtering. no link aggregation.
there's 4x superstack 4200's which have both gigabit ports going into a superstack 4400. originally there was an unmanaged 3com gigabit switch which these plugged into. there's no real need for 2 uplinks, other than a little redundancy and speed. i appreciate that without link aggregation or any management across these 2 ports this is pretty redundant though, and probably pointless!!!
only thing i've done, which is from today, is added static arp records onto the pix for the 4 main servers / filer, although not for my own machine.
I have 3 main servers another 3 servers, 1 file server, vpn 3000 and pix and about 50 users. all on the same subnet, all using the same default route which is the PIX. No internal routing setup, no routing protocols, dhcp on one of the servers dishes out the default route and IP's.
All clients are using Windows XP (including myself and on SP2), majority of servers are running Windows 2003. I'm hesitant to put it down to an OS problem as I've ironed out much of the problems i had with the proliant to begin with, and the same problem is occuring on the NetApp filer.
I lose the connection randomly on random machines which are plugged into any number of the 5 switches.
I've fairly new to getting into this much detail when it comes to networking, so i'm learning a lot, very quickly! so apologise for my ignorance. hope this is enough to give you more of a clue?
I'm guessing the first option here has solved my problems, things seem to be running perfectly now, I've re-plugged in the unmanaged gigabit switch, and everything seems to be great!!!
What is the proxyarp on the PIX for? And why was it causing these problems? Not sure whether the pix has stopped responding to ARP requests, or if it still is, whether it's giving a correct record now that I've added in static records. Will go through my packet logs, but I'm guessing the PIX has stopped responding.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.