Cisco SG300-20 Duplicate IP Address

I have a SG300-20 Switch in Layer 3 mode.
The switch IP, which is the gateway for VLAN 5 is 192.168.5.1

On Gi 3, a server on VLAN 5 is present.  It has an IP of 192.168.5.241

On the switch, I receive the log entries of:

%IPADTBL-N-IPDUPLICATE: Duplicate IP address 192.168.5.1 from MAC a0:b3:cc:eb:f2:2d was detected on VLAN 5, port gi3  

On Gi3 is a HP ML150 server.  Only one of the two nic's connected.  The MAC address of the NIC is A0-B3-CC-EB-F2-2A

It almost suggests to me that a sub address of the nic has the same ip as the default gateway.  (MAC 2A instead of 2D)

I cannot find anywhere on the server to change or remove an ip configured for that MAC address.   This is what I have done to troubleshoot:

I moved the connection to a different port on the switch, the dup went with the port change
I switched the physical connection from LAN 1 to LAN 2 on the server.  Gave the second NIC the same IP Settings as the first (it is a production server after all so an IP change isn't so easy).  Even changing the NIC didn't get rid of the duplicate message, the MAC did however change in the log on the duplicate to be the same as the new physical NIC, except once again changing the final character by a few.

So, i am at a loss.  I have absolutely no issues on the network, everything works great.  Everything finds the gateway properly.  I just have a concern with this duplicate IP error message.   It doesn't seem right to just accept such a logged note.

Anyone have any ideas how I can get rid of this message?

Thank you

Paul
LVL 5
TheMetalicOneAsked:
Who is Participating?
 
Hassan BesherConnect With a Mentor Commented:
why you don't try to hardcode you mac address with your sever interface, and i mean write it manually ,

i guess there are a lot of ways to do it, one of them to check you NIC driver advanced tab at device manager, check attached PIC

and restart you server as well as clear arp table in your switch, and see how it will go!
Change-Mac-manually.png
0
 
Greg HejlPrincipal ConsultantCommented:
what does the server do?  do you have any network monitoring software on it? Remote desktop software? VNC or such?
Could you post up an ipconfig /all on it?

Also run arp -a and post that, also please include the arp table from the switch
0
 
TheMetalicOneAuthor Commented:
Server handles file and print sharing.   It is a member server on a domain.

Remote Desktop Administration is enabled.
No VNC
No Network Monitoring Software either.

The info you requested below:  Thank you


**********
C:\Users\timothy>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ADMINSERVER
   Primary Dns Suffix  . . . . . . . : domainname.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domainname.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : domainname.local
   Description . . . . . . . . . . . : HP NC112i 1-port Ethernet Server Adapter
#2
   Physical Address. . . . . . . . . : A0-B3-CC-EB-F2-2A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7035:6842:368b:6950%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.5.241(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.5.1
   DHCPv6 IAID . . . . . . . . . . . : 312521676
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-B7-57-41-A0-B3-CC-EB-F2-2B

   DNS Servers . . . . . . . . . . . : 192.168.5.240
                                       192.168.2.235
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC112i 1-port Ethernet Server Adapter
   Physical Address. . . . . . . . . : A0-B3-CC-EB-F2-2B
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.tcsadmin.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domainname.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{A20B867E-693E-40C8-9AB6-B971035B36B1}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

**************

C:\Users\timothy>arp -a

Interface: 192.168.5.241 --- 0xd
  Internet Address      Physical Address      Type
  192.168.5.1           64-d8-14-61-bc-4c     dynamic
  192.168.5.20          00-25-11-6a-7d-45     dynamic
  192.168.5.150         00-d0-b8-24-81-1f     dynamic
  192.168.5.240         d8-d3-85-ae-17-bc     dynamic
  192.168.5.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  224.0.0.252           01-00-5e-00-00-fc     static

************

VLAN 1   00:00:85:8a:af:b0    GE18    
  VLAN 1   00:00:85:8b:53:45    GE19    
  VLAN 1   00:04:00:89:a0:f3    GE20    
  VLAN 1   00:09:6b:f2:87:d6    GE18    
  VLAN 1   00:0d:60:94:e3:3c    GE19    
  VLAN 1   00:0d:60:ee:15:d9    GE18    
  VLAN 1   00:0e:84:1c:d3:18    GE18    
  VLAN 1   00:11:85:39:58:00    GE19    
  VLAN 1   00:11:85:39:58:4f    GE19    
  VLAN 1   54:78:1a:49:fc:99    GE20    
  VLAN 1   54:78:1a:49:fc:ca    GE20    
  VLAN 1   5c:f9:38:c8:ec:87    GE19    
  VLAN 1   68:5b:35:af:d2:50    GE20    
  VLAN 5   00:d0:b8:24:81:1f    GE11    
  VLAN 5   a0:b3:cc:eb:f2:2a    GE3    
  VLAN 5   a0:b3:cc:eb:f2:2d    GE3    
  VLAN 5   d8:d3:85:ae:17:bc    GE6    
  VLAN 10   00:1c:10:f5:ed:a4    GE17    
  VLAN 99   00:0d:60:ef:81:f9    GE19    
  VLAN 99   00:0e:84:1c:d3:18    GE18    
  VLAN 99   00:21:29:ca:44:58    GE18    
  VLAN 99   00:21:29:ca:48:33    GE18    
  VLAN 99   c8:be:19:6e:10:eb    GE18    
  VLAN 99   c8:be:19:6e:11:21    GE19    
  VLAN 99   c8:be:19:6e:11:8d    GE19    
  VLAN 99   c8:be:19:6e:14:e9    GE19    
  VLAN 99   c8:be:19:6e:18:81    GE19    
  VLAN 99   c8:be:19:6e:18:89    GE19    
  VLAN 99   c8:be:19:6e:29:61    GE18    
  VLAN 99   c8:be:19:6e:2b:a9    GE19    
  VLAN 99   c8:be:19:6e:2e:05    GE19
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
TheMetalicOneAuthor Commented:
Is there anything you may be able to suggest for my issue?
0
 
Greg HejlPrincipal ConsultantCommented:
Please review all the installed programs and running processes for unrecognized instances.  
Also try Netmon3 to analyze traffic - looking for the rogue Mac Address.  This looks loke Bot behavior to me
0
 
TheMetalicOneAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.