Guest

Preview Tool

Cisco Bug: CSCuq62621 - ASA: Standby unit sends wrong GARP after shared I/F down failover

Last Modified

Aug 07, 2017

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.4(7.22) 9.1(5) 9.1(5.10) 9.1(7.11)

Description (partial)

Symptom:
Occasionally, wrong Gratuitous ARP(GARP) is sent from standby unit for a moment, after failover is occurred due to shared interface down on the unit. When this issue is occurred, a following message of ARP collision will be seen on the unit.

%ASA-1-105007: (Primary) Link status 'Down' on interface inside1
%ASA-1-105007: (Primary) Link status 'Down' on interface inside2
      -- snip --
%ASA-2-405001: Received ARP request collision from 10.xx.xx.xx/a223.xxxx.xxxx on interface management with existing ARP entry 10.xx.xx.xx/a223.xxx.xxxx
        Switching to Standby
%ASA-1-104002: (Primary) Switching to STANDBY - Interface check

Conditions:
- Using Multiple Context Mode
- Each context shares one interface and same network segment
- Failover is occurred due to shared interface down
- ASAs are connected to Catalyst2960
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.