Guest

Preview Tool

Cisco Bug: CSCvv25978 - Duplicate ARP replies for IPv4 management address on FTD

Last Modified

Oct 24, 2020

Products (1)

  • Cisco Firepower 9300 Series

Known Affected Releases

2.9(1.88)

Description (partial)

Symptom:
Connected Switch is learning Two MAC Address for the same management ipv4 address from FTD.

Upon further checking in the FTDv found that one MAC address belongs to the physical interface(eth0) which is a valid one and the other MAC address belongs to the Bridge Interface (br1) .

root@firepower:/home/admin# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:50:56:98:38:92
          inet addr:10.83.183.247  Bcast:10.83.183.255  Mask:255.255.255.0

root@firepower:/home/admin# ifconfig br1
br1       Link encap:Ethernet  HWaddr 00:50:56:98:a5:26
          inet6 addr: fe80::250:56ff:fe98:a526/64 Scope:Link

root@firepower:/home/admin# tcpdump -enn -r br1.pcap
reading from file br1.pcap, link-type EN10MB (Ethernet)
20:08:54.586594 00:50:56:98:66:c0 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.83.183.247 tell 10.83.183.226, length 46
20:08:54.586613 00:50:56:98:a5:26 > 00:50:56:98:66:c0, ethertype ARP (0x0806), length 42: Reply 10.83.183.247 is-at 00:50:56:98:a5:26, length 28
 
 
root@firepower:/home/admin# tcpdump -enn -r eth0.pcap
reading from file eth0.pcap, link-type EN10MB (Ethernet)
20:08:54.586161 00:50:56:98:66:c0 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.83.183.247 tell 10.83.183.226, length 46
20:08:54.586193 00:50:56:98:38:92 > 00:50:56:98:66:c0, ethertype ARP (0x0806), length 42: Reply 10.83.183.247 is-at 00:50:56:98:38:92, length 28 
20:08:54.586859 00:50:56:98:a5:26 > 00:50:56:98:66:c0, ethertype ARP (0x0806), length 60: Reply 10.83.183.247 is-at 00:50:56:98:a5:26, length 46  ß Same packet as above

Conditions:
FTD configured with management ipv4 address.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.