Bad arp entry help

Posted on 2014-09-09
Last Modified: 2014-09-15
Hello EE,

One server "storage" gets a bad arp entry in the local arp cache for all users on the network and therefore users cannot connect . Once I delete the arp entry locally on a client pc for "storage" , then receive the correct ip to mac entry it works . The "bad mac" entry for storage  appears to be the cisco pix, I cleared the arp cache there as it did have a bad entry for "storage" . The pix arp cache is correct, however, users still receive a bad arp entry for "storage" , again, it is the cisco pix mac address. So again , have to use arp -d and the storage ip to get it to work again .

Any ideas?
Question by:davesnb
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 32

Expert Comment

ID: 40314388
Do they share the same IP address? By bad you mean its not the mac of the storage device but the MAC of the PIX.

harbor235 ;}

Author Comment

ID: 40314408
There is no ip conflicts on the network . There is an incorrect arp entry that occurs locally on al client pcs , the mac address is the mac address which is  the pix , when it should be the mac address of storage box. This results in users unable to connect to storage box.
LVL 32

Accepted Solution

harbor235 earned 500 total points
ID: 40314566
So I assume the default gateway is the PIX? in that case your arp tables should have an entry for the PIX. That being said
is the default GW IP associated with the bad entry?

Can you post your arp table (arp -a) and the result of "netstat -rn" for UNIX or route print on windows

harbor235 ;}
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

LVL 32

Expert Comment

ID: 40314580
The other possibility is malicious code being executed by some system on your network to redirect traffic. I would put a sniffer on the network and locate the source of the bad arp entries if my other questions are not applicable.

harbor235 ;}
LVL 79

Expert Comment

ID: 40320815
Disable proxyarp in the pix inside interface

Author Comment

ID: 40321033
Ok will try those suggestions thanks

Author Comment

ID: 40323207
By unteaming the nics on the "storage" box and using the good nic as per the arp table when connections were successful , this seems to have resolved the issue.

Author Closing Comment

ID: 40323210
Arp table was useful in tracking down the  problematic nic card .

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PIM sparse mode question 1 28
Internet browsers time-out but can ping and connect remotely 19 95
domain and forest trust 1 55
Reasons for disabling SMB signing? 5 50
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question