Cisco Bug: CSCtb29243 - ARP storm on inter-controller NAC scenario for quarantined client

Last Modified

Mar 01, 2018

Products (1)

  • Cisco 5500 Series Wireless Controllers

Known Affected Releases

5.1(163.0)

Description (partial)

Symptom:
In a NAC scenario using multiple controllers, ARP flood spikes (around 2500-5000 requests) are observed on a regular basis.

Conditions:
Later root cause analysis showed that the problem is caused by the anchor controller looping ARP requests back into the quarantine VLAN when clients in quarantine status are in the mobile state. It is not related to any security policy.

The client was in quarantine the whole time.

The anchor controller shows messages indicating a mismatch in the VLAN used for client forwarding:

*Aug 10 08:29:12.084: %DHCP-4-INVALID_VLANID_ARP: dhcp_proxy.c:1035 ARP table stores invalid vlan id 340, for the IP Addr 0x17e. Expected vlan id for this ip address is 169238529
*Aug 10 08:29:06.328: %DHCP-4-INVALID_VLANID_ARP: dhcp_proxy.c:1035 ARP table stores invalid vlan id 340, for the IP Addr 0x17e. Expected vlan id for this ip address is 169238529
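
One way to pull these warnings out of a controller log capture and count them per stored VLAN, address and expected value, as an added example that is not part of the Cisco bug record. The function names, the placeholder year and the noise line are assumptions; the two DHCP messages in the sample are the ones quoted above, and their fields are reported exactly as logged.

```python
import re
from collections import Counter
from datetime import datetime

# Sample input: the two messages quoted on this page, line-wrapped as a
# terminal capture often is, plus one constructed unrelated line as noise.
SAMPLE = """\
*Aug 10 08:29:12.084: %DHCP-4-INVALID_VLANID_ARP: dhcp_proxy.c:1035 ARP table
stores invalid vlan id 340, for the IP Addr 0x17e. Expected vlan id for this ip
address is 169238529
*Aug 10 08:29:10.000: %EXAMPLE-6-NOISE: constructed unrelated message
*Aug 10 08:29:06.328: %DHCP-4-INVALID_VLANID_ARP: dhcp_proxy.c:1035 ARP table
stores invalid vlan id 340, for the IP Addr 0x17e. Expected vlan id for this ip
address is 169238529
"""

MSG = re.compile(
    r"^\*(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d\.\d+): %DHCP-4-INVALID_VLANID_ARP: .*?"
    r"invalid vlan id (?P<stored>\d+), for the IP Addr (?P<ip>0x[0-9a-fA-F]+)\. "
    r"Expected vlan id for this ip address is (?P<expected>\d+)"
)

def unwrap(text):
    """Rejoin wrapped messages: '*' starts a record, other lines continue it."""
    records = []
    for line in text.splitlines():
        if line.startswith("*") or not records:
            records.append(line.strip())
        elif line.strip():
            records[-1] += " " + line.strip()
    return records

def parse(text):
    """Return (timestamp, stored_vlan, ip_field, expected_field), oldest first."""
    events = []
    for rec in unwrap(text):
        m = MSG.match(rec)
        if m:
            # The log carries no year; 2000 is a placeholder (assumption)
            # used only so the entries can be ordered within one capture.
            ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S.%f")
            events.append((ts, int(m["stored"]), m["ip"], int(m["expected"])))
    return sorted(events)

def summarize(events):
    """Count warnings per (stored VLAN, IP field, expected field) triple."""
    return Counter((stored, ip, exp) for _, stored, ip, exp in events)

if __name__ == "__main__":
    for key, count in summarize(parse(SAMPLE)).items():
        print(count, key)
```

A triple that keeps recurring in the anchor controller's log identifies the ARP table entry behind the repeated warning, which can then be lined up against the times of the ARP spikes.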