F5 ARP "attack" Help

Steven Chen_1 · ‎12-23-2005

I hope to get some help from this resoureful forum while I can't any from vendor F5:

I have a F5 Loadbalancer and it constantly gets messages (every 2 seconds) from a windows based Symantec server that is in the same subnet:

---------------------------
F5 kernel: arp info overwritten for 172.16.100.101 by 00:0b:d
b:ac:09:e4
--------------------------

172.16.100.101 is Symantec server IP. F5 support says that the arp is from Symantec server, and F5 itself has nothing wrong.

Checking Symantec server finds nothing. Besides, all other Linux/hpux/windows servers in the same LAN do not behalve like this.

Is there anywhere I can check?

Any help is very appreciated.

Steven

Steve

John Waller · ‎12-23-2005

Is 00:0b:db:ac:09:e4 is the correct MAC address for the Symantec server and has it only one network card connected to the LAN. It could be for F5 is getting messages from 2 sources

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

F5 ARP "attack" Help

F5 ARP "attack" Help

Re: F5 ARP "attack" Help