Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

wrong duplicate IP error messages on A5500

 
lsaumure
Occasional Visitor

wrong duplicate IP error messages on A5500

I am setting up 3 A5500 switches to be deployed and I get duplicate IP address errors anytime I connect a device to one of the switches.

It only happens on one switch, I can clear the ARP table on all the switches and it does not make any difference. For some reason it always comes back saying that the address is already used on another port (the port is Gi1/0/52 and is the access link to the other switch)

 

All switch ports on same VLAN, and no trunk ports.

 

There is nothing else connected on these switches and there are definitelly no duplicate addresses tha would cause these errors. 

 

 

Apr 26 13:33:50:066 2000 BCC10-RM150 ARP/5/ARP_DUPLICATE_IPADDR_DETECT: Detected an IP address conflict. The device with MAC address 001b-38be-da74 connected to GigabitEthernet1/0/52 in VLAN 60 and the device with MAC address 001b-38be-da74 connected to GigabitEthernet1/0/18 in VLAN 60 are using the same IP address 132.156.60.100.

 

I have tried with 2 different devices that have different addresses and get the same result for both. Firmware was updated to the most current one an all the switches.

 

display version
HP Comware Platform Software
Comware Software, Version 5.20.99, Release 2220P02
Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
HP A5500-48G-PoE+ EI Switch with 2 Interface Slots uptime is 0 week, 0 day, 1 hour, 46 minutes

HP A5500-48G-PoE+ EI Switch with 2 Interface Slots with 1 Processor
256M bytes SDRAM
32768K bytes Flash Memory

Hardware Version is REV.C
CPLD Version is 002
Bootrom Version is 707
[SubSlot 0] 48GE+4SFP+POE Plus Hardware Version is REV.C
[SubSlot 1] 2 SFP+ Hardware Version is REV.A
[SubSlot 2] 2 SFP+ Hardware Version is REV.A

38 REPLIES
lsaumure
Occasional Visitor

Re: wrong duplicate IP error messages on A5500

More information in case it helps get an answer:

 

I am setting up 3 A5500 switches to be deployed and I get duplicate IP address errors anytime I connect a device (PC) to switch1 and ping the PC from it's console port.

 

Switch1 132.156.60.3 /23  (really 2 A5500 switches stacked through 10Gb ports at the back so 1 appears as 1 switch) 

 

[switch1]display irf configuration
MemberID NewID IRF-Port1 IRF-Port2
1 1 Ten-GigabitEthernet1/1/1 Ten-GigabitEthernet1/2/1
Ten-GigabitEthernet1/1/2 Ten-GigabitEthernet1/2/2
2 2 Ten-GigabitEthernet2/1/1 Ten-GigabitEthernet2/2/1
Ten-GigabitEthernet2/1/2 Ten-GigabitEthernet2/2/2


Switch2 132.156.60.13 /23
switch3 132.156.60.14 /23

 

Switch1 connected by Gi1/0/52 to switch2 Gi1/0/25, swtch2 connetced by Gi1/0/26 to switch3 Gi1/0/25 

 

PC1 (connected to switch1 Gi1/0/40) 132.156.60.200 /23
PC2 (connected to switch2 Gi1/0/12) 132.156.60.100 /23


This error only happens on switch1, I can clear the ARP table on all the switches and it does not make any difference. For some reason it always comes back saying that the address is already used on  port is Gi1/0/52 which is the access link to switch2

All switch ports on same VLAN, and no trunk ports.

There is nothing else connected on these switches and there are definitelly no duplicate addresses that would cause these errors.


I have tried with the 2  PCs that have different addresses and get the same result for both. Firmware was updated to the most current one an all the switches.

display version
HP Comware Platform Software
Comware Software, Version 5.20.99, Release 2220P02
Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
HP A5500-48G-PoE+ EI Switch with 2 Interface Slots uptime is 0 week, 0 day, 1 hour, 46 minutes
HP A5500-48G-PoE+ EI Switch with 2 Interface Slots with 1 Processor
256M bytes SDRAM
32768K bytes Flash Memory
Hardware Version is REV.C
CPLD Version is 002
Bootrom Version is 707
[SubSlot 0] 48GE+4SFP+POE Plus Hardware Version is REV.C
[SubSlot 1] 2 SFP+ Hardware Version is REV.A
[SubSlot 2] 2 SFP+ Hardware Version is REV.A

 


<switch1>display arp
Type: S-Static D-Dynamic
IP Address MAC Address VLAN ID Interface Aging Type
132.156.60.200 0015-609c-c17c 60 GE1/0/40 18 D
132.156.60.13 d07e-2884-0c7f 60 GE1/0/52 4 D
132.156.60.100 001b-38be-da74 60 GE1/0/52 20 D

From console on switch1, I then ping directly connetcted PC1 and immediatelly start to get duplicate IP errors


<switch1>ping 132.156.60.200
PING 132.156.60.200: 56 data bytes, press CTRL_C to break
%Apr 27 10:13:19:380 2000 BCC10-RM150 ARP/5/ARP_DUPLICATE_IPADDR_DETECT: Detected an IP address conflict. The device with MAC address 0015-609c-c17c connected to GigabitEthernet1/0/40 in VLAN 60 and the device with MAC address 0015-609c-c17c connected to GigabitEthernet1/0/52 in VLAN 60 are using the same IP address 132.156.60.200.
Request time out
Request time out
Request time out
Request time out
Request time out

--- 132.156.60.200 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss

 

<switch1>display arp
Type: S-Static D-Dynamic
IP Address MAC Address VLAN ID Interface Aging Type
132.156.60.13 d07e-2884-0c7f 60 GE1/0/52 3 D
132.156.60.100 001b-38be-da74 60 GE1/0/52 20 D
132.156.60.200 0015-609c-c17c 60 GE1/0/52 20 D

 

If I disconnect Switch1 Gi1/0/52, no errors are reported. Also this error does not happen on the other 2 switches if I connect the PCs to them and ping them.

 

[switch1]display current-configuration
#
version 5.20.99, Release 2220P02
#
sysname switch1
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
#
domain default enable system
#
undo ip http enable
#
password-recovery enable
#
vlan 1
#
vlan 60
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
cwmp
undo cwmp enable
#
interface NULL0
#
interface Vlan-interface60
ip address 132.156.60.3 255.255.254.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 60

 

(all ports repeat same config until Gi2/0/28)

 

interface GigabitEthernet2/0/28
port link-mode bridge
port access vlan 60
shutdown
#
interface Ten-GigabitEthernet1/1/1
#
interface Ten-GigabitEthernet1/1/2
#
interface Ten-GigabitEthernet1/2/1
#
interface Ten-GigabitEthernet1/2/2
#
interface Ten-GigabitEthernet2/1/1
#
interface Ten-GigabitEthernet2/1/2
#
interface Ten-GigabitEthernet2/2/1
#
interface Ten-GigabitEthernet2/2/2
#
load xml-configuration
#
load tr069-configuration
#
user-interface aux 0 1
user-interface vty 0 15
#
irf-port 1/1
port group interface Ten-GigabitEthernet1/1/1 mode normal
port group interface Ten-GigabitEthernet1/1/2 mode normal
#
irf-port 1/2
port group interface Ten-GigabitEthernet1/2/1 mode normal
port group interface Ten-GigabitEthernet1/2/2 mode normal
#
irf-port 2/1
port group interface Ten-GigabitEthernet2/1/1 mode normal
port group interface Ten-GigabitEthernet2/1/2 mode normal
#
irf-port 2/2
port group interface Ten-GigabitEthernet2/2/1 mode normal
port group interface Ten-GigabitEthernet2/2/2 mode normal
#
return

 

Any insights?

dunipj
Occasional Contributor

Re: wrong duplicate IP error messages on A5500

Hi,

 

Did you get any solution for the problem ? I'm with the same problem here, messages ARP_DUPLICATE_IPADDR_DETECT, but i'm sure that there isn't duplicated MAC. I've two A5500 and i'm using IRF too.

 

Tks

Fredke
Occasional Visitor

Re: wrong duplicate IP error messages on A5500

Does anyone have a sollution for this problem, i have the same issue.

 

 

 

KrisVe
Visitor

Re: wrong duplicate IP error messages on A5500

Same problem here, has anyone found a solution?

 

Kind regards,

Kris

MichaelM55
Trusted Contributor

Re: wrong duplicate IP error messages on A5500

system-view
mac-address mac-roaming enable

 Let´s see whether this will help...

As alway try latest firmware (boot-loader and bootrom): R2220P10

paulgear
Esteemed Contributor

Re: wrong duplicate IP error messages on A5500

Hi Michael,

 

Which switch models would you expect that command to be available on?  I've got a 3100 EI v2 on 5203P03 reporting this message, but there's no sign of the mac-roaming option.

Regards,
Paul
paulgear
Esteemed Contributor

Re: wrong duplicate IP error messages on A5500

And a quick follow-up: this page suggests that "arp ip-conflict prompt" might be useful http://translate.google.com.au/translate?hl=en&sl=zh-CN&u=http://forum.h3c.com/forum.php%3Fmod%3Dviewthread%26action%3Dprintable%26tid%3D141911&prev=/search%3Fq%3D%2522ARP_DUPLICATE_IPADDR_DETECT%2522%26hl%3Den%26biw%3D1920%26bih%3D959

However, the manuals suggest that this is related to gratuitous ARP, not ARP in general (although in my case the ARP frame may be gratuitous).
Regards,
Paul
Bo Mathiasen
Visitor

Re: wrong duplicate IP error messages on A5500

Hi there

 

did any of you find the cause and solution to this problem. We are seeing the same error, and we are also using A5500 in IRF.

 

BR

Bo

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Hi.

I have the same issue on my environment.
The scenario is:

1 HP A5500 HI 48G as the network core.
5 HPE V1910 48G connected to the core switch through a 2GB LAG each switch.
1 Cisco ASA 5505 plugged in the GI1/0/48 (core).

Some VLANs was created in the switches.

The default gateway of the network is the switch core and they has a static route, routing all the traffic to the firewall.
The firewall has a static route, routing all the traffic to the WAN IP.

I'm quite sure about the LAN's IP addresses and every day I receive a message posted below:

Detected an IP address conflict. The device with MAC address 7081-05be-9b7e connected to Bridge-Aggregation5 in VLAN 1 and the device with MAC address 7081-05be-9b7e connected to Bridge-Aggregation7 in VLAN 1 are using the same IP address 192.168.11.23.


But this specific device is plugged in in the Switch called 7 in the network. The LAGs received the number that corresponds to the switch name to identify the traffic.

What should I do to solve this issue?

Thanks in advance.

16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

From the number of users reporting this, a loop in your networks seems unlikey.  If you're already running latest A5500 firmware, try command from google translate link above to mask this error.

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Does the commands will only mask or will solve the problem?
I'm asking this because I'm thinking that the problem perhaps can be caused by an out of date NIC driver. Or am I wrong thinking this way?
Thanks.
16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

Highly unlikely that a faulty NIC driver will loopback received packets. 
If these message are really caused by an issue on the network, the NIC with mentioned IP & MAC address isn't to blame.
Troubleshooting should focus on finding loopback on network port/segment where the duplicate address is detected

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

I have two buildings interconnected by a layer 2 ISP switches. The company is in the building #1 and our datacenter is in the building #2.

In the #2 I have another HPE V1910 48G and to provide access to a video solution, another switch (Dell) is plugged in the HPE through a fibre channel.

Yesterday I powered off this uplink to the Dell switch and "magically" the duplicated IP addresses alarm stopped from appear in the core switch. So I started to think that with this topology (each switch plugged in directly to the core (LAG 2GB)) I can not plug in another switch in the network that is not plugged directly to the core switch. This is my doubt now.

I appreciate the answers and as soon as possible I will post another comments.

 

EDIT #1: In my case this is a problem related to the NETBios name too. The company has some OS X workstations.

Thanks in advance.

16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

You should be able to plug in extra switch behind 1910 without problems.....as long as you're not creating a loop anywhere. Do 1910 and dell logs show related events?

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Dell does not show nothing. HPE sometimes show the log error "gi1/0/x is up, down, up,down" but nothing more than that. I found today some machines alarming in the core switch and I discover that was the WINS server. I stopped the WINS and remove the option in the DHCP scope to distribute the wins (44 and 46 options). Now the OSx does not alarming anymore.
Another strange behaviour that happens is when I do a reboot in the server (can be the file server for an example) all other machines over the LAN loses the internet communication. In the afternoon today the building loses the electricity but the technical room has a no break to avoid this scenario because it happens almost one or two times per week. Speaking the truth, all the company loses the internet connection. I was forced to reboot the core, cleaning the arp table of all other switches. Unsatisfied I rebooted the core again and after this I was able to ping the firewall. :/
It is very strange.

RSTP is active only in the core switch with BPDU protection. All other switches are disable even the Dell that I disable RSTP today.

I am starting to think to left this area.

Thanks a lot.
16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

Why not use STP on other switches too?  It's designed to break loops, and maybe a loop is causing this

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Should I enable rstp on all other boxes even if the rstp is enable on the core switch? I think if the core is the default gateway and the network core (routing everything) and all other switches are plugged in in the core, I don't need to enable in other switches, because the root of the network is controlling this. But I'm seeing that I'm wrong to think that. There's at least 8 vlans created in the switches, all 1910 has only the VID and the 5500 has the VID with the ip which is the gateway of that vlan. Can I assume the rstp default values in a port based vlan? Thank you.
16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

On a routed network, there's still a place for STP on the access switches.  You will get multiple stp  domains.   Use bpdu guard on access ports, so if you do interconnect access switches by accident, this link will block so packets can't leak to wrong core interface

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Ok. Do I use the default values when enable rstp in the access switches? Enabling rstp can cause a loss of connectivity?
Sorry for the number of questions.
I let you know about the procedure.

Thanks.
16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

at least, make sure STP root priority on root is superior (=lower).

If somehow a single STP domain is created , instead of multiple domains across L3 links, ports from core will never be blocked by STP

it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

I did not realize this procedure yet and I have the follow situation.

When I shutdown the core switch port (GI1/0/2 - L2 through ISP switches to the building #2 for an example) I loss the conectivity with the machines inside the building #1.

Through LLDP neighborhood I am unable to discover the building #2 leg.

I have a VPN tunnel from Equinix Data Center to the environment #1, so I log in in the core through this VPN and reboot the device. After this the machines appear online again and I am able to ping some specific devices through this tunnel.

This is a very strange behaviour. Yesterday I reboot the domain controller and the same situation happen, loss of conectivity obligating me to reboot the device.

Do you think that RSTP can solve this breaks?

Again, thanks in advance.

16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

Normally after STP changes, the network should converge .  After rebooting a switch, the network should converge....to the same situation.
However if some port protection mechanisms (like port security , bpdu guard) has kicked in, and no auto-recovery is configured, a reboot is a way to get connectivity back.   (a crude way I might add)
Prior to reboot, review switch log files



it_ejvnior
Frequent Advisor

Re: wrong duplicate IP error messages on A5500

Well, what I did last friday I will list below. All procedures are did on the core switch.

Through ssh connection I list the stp brief.

All ports was listed as "forwarding" and BPDU protection are disabled.

So, in the ports that are connected the servers I did the command enable stp edge-port. After this the BPDU protection is enable listing in stp brief.

A doubt appear after. The GI1/0/48 is the firewall ASA 5505 port. Should I enable stp edge-port in this port too?

After this procedure I did the command undo shutdown on the GI1/0/2 which is a trunk port to the building #2. The convergence time was the loss of 8 pings to the firewall and it starts to ping again but I think the convergence time could be more faster or am I wrong?

Thanks in advance 16again.

EDIT #1: About auto recovery. Where I can enable this feature?

16again
Respected Contributor

Re: wrong duplicate IP error messages on A5500

The ASA5505 doesn't run STP, so you can use edge port settings.
Port recovery is configured with "shutdown-interval <number of seconds>" command.
Default recovery =30 seconds, don't set to 0 (=no recovery)

On the ISP L2 link, you might consider blocking all incoming/outgoing BPDUs on attached ports. There's only one path between building so loops can't be formed there.

Are you running a routing protocol? If the 5500 route table is messed up, you'll also lose connectivity. (what's 5500 config?)