Cisco and ARP troubles

[Warren Togami]

Eric Hagen wrote:

> If you are dealing with Cisco outside and switches inside, you should
> always be able to ping.  In most cases that is still handled on a MAC
> address to MAC. If its not; then most systems allow you to do a MAC to MAC
> test for connectivity and signal.

This worries me.  MAC to MAC should always work, but I forced a MAC match
and it still didn't work.  But then again, I've never dealt with Cisco
hardware before.

>
> I would instead try to add a new "test system" on the same ethernet subnet
> inside, running tcpdump to examine what is happening on the inside
> network.

This works even on a switched segment?

>
> With all respect to your skills and knowledge, this really sounds like a
> config problem with your internal NIC, or routing, or the firewall rules.

Internal NIC - I doubt this is the problem.  It worked fine plugged into the
same switch port but using another IP address.
Routing - Depends on what you mean by routing.  If this is on the Cisco side
then I have no clue what's going on there.
Firewall rules - My iptables chains are blank at this point.

> The easiest answer would be a sniffer on the internal LAN segment, or you
> may be able to do the same with your switches depending on their
> capabilities.  I use FORE, they suck, and it was not my choice. The same
> result could be gotten just running tcpdump on your internal NIC to see
> what it is recieving off of the LAN if you have it installed on the box.

Yeah, I'll try tcpdump next.  The entire thing is switched, so I think I
will need a reflector to that port.

>
> If you don't figure it out real soon, let me know and I can hit up some of
> my friends who will be able to give me a little more info from the
> CISCO side.
>
> Eric Hagen                  "Sometimes we get lost in the darkness,
> ehagen at Hawaii.Edu      the dreamers learn to steer by the stars..."
>     "You fight for something because it is good.
> Not because it stands to succeed."
>