Why can’t I ping btw different IP subnets on same VLAN!
October 21, 2008 at 6:19 pm | Posted in IP Services, Routing | 1 CommentI came accross an interesting question, where we have a two routers, on the same VLAN, but are configured with IP belonging to different subnets(e.g 101.1.1.1/24 on one router and 102.1.1.1/24 on another router). No matter we configure static routes and proxy-arp, local proxy-arp, the two routers still cannot ping each other!
Here is the reason behind it.
By default, when routing is enabled, routers will not respond to arp requests from stations whose source IP addresses are not on the IP subnet that receives the request, regardless of whether proxy arp or local proxy arp is enabled or not.
When R1 try to ARP for R2 IP address, R2 will see the ARP comes from 101.1.1.1 on the interface that has IP of 102.1.1.1/24, and will ignore it.
R2#
*Mar 1 06:39:11.166: IP ARP req filtered src 101.1.1.1 0000.1111.1111, dst 101.1.1.2 0000.0000.0000 wrong cable, interface FastEthernet0/0
To disable this sanity check, you will have to use any of the following solutions:
1. Static ARP
R2#
arp 101.1.1.1 0000.1111.1111 arpa
2. Local Area Mobility (LAM)
R2#
interface FastEthernet0/0
mac-address 0000.2222.2222
ip address 102.1.1.1 255.255.255.0
ip mobile arp
See the debug message that R2 now does not complain any more about ARP from wrong subnet!
R2#
*Mar 1 06:43:15.334: IP ARP: rcvd req src 101.1.1.1 0000.1111.1111, dst 102.1.1.1 FastEthernet0/0 *Mar 1 06:43:15.334: IP ARP: sent rep src 102.1.1.1 0000.2222.2222,
dst 101.1.1.1 0000.1111.1111 FastEthernet0/0
3. Disable routing on both routers.
4. Configure secondary IP address.
The Local Proxy Arp or Proxy Arp are not required here.
– Local proxy arp is used, so that a router can work as proxy for two hosts on the same subnet, which normally can not communicate directly (e.g. Private VLAN or on protected port).
– Proxy arp (on by default) is used so that router responds on any ARP for subnets outside LAN subnet (e.g. when you have a default static route on R1 pointing to e0/0, instead of R2 LAN IP, you will need to enable R2 proxy arp (on by default).
As said above, both these options does not work in this case, because we have different IP subnets on the two routers, and by default, routers just ignore ARP request from each other.
1 Comment »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Blog at WordPress.com.
Entries and comments feeds.
Cisco Notepad 
:S i had a same question in my mind today! searched for it ! got your post on search! but as i am trying solution provided here ! non of the initial 2 solutions provided worked for me :( … any help would be appreciated
Comment by amubeen— May 3, 2011 #