I would start by turning on "debug arp" on the core switch to see if you can find a message that indicates why ARP might not be working (I'd log this to buffer instead of console). What other types of features have you enabled on the switch that could be related to ARP? Have you enabled dhcp snooping, dynamic arp inspection, etc?
hmm, this is an extract of settings which mention mac or arp. Not much really
switch virtual domain 100
switch mode virtual
mac access-list extended VSL-BPDU
permit any 0180.c200.0000 0000.0000.0003
mac access-list extended VSL-CDP
permit any host 0100.0ccc.cccc
mac access-list extended VSL-DOT1x
permit any any 0x888E
mac access-list extended VSL-GARP
permit any host 0180.c200.0020
mac access-list extended VSL-LLDP
permit any host 0180.c200.000e
mac access-list extended VSL-MGMT
permit any 0022.bdcd.d200 0000.0000.00ff
permit 0022.bdcd.d200 0000.0000.00ff any
mac access-list extended VSL-SSTP
permit any host 0100.0ccc.cccd
The access lists are used in rules for dhcp forwarding, among other things, but I can't see how they would be affecting things.
This only occurs on devices on th secondary subnet. If I move a printer to the new printer vlan, it works perfectly with its new IP.
No diagram yet, we just finished connecting it all up so I have a pending job to do presentable diagrams.
The config is simple enough:
2 x 4500 core switches, stacked.
The 4500s are functioning as the core routers
Show hardware/version returns:
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.09.00.E RELEASE SOFTWARE (fc1)
2 x C2960X access switches, stacked
Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.2(2)E6, RELEASE SOFTWARE (fc1)
BOOTLDR: C2960X Boot Loader (C2960X-HBOOT-M) Version 15.2(3r)E1, RELEASE SOFTWARE (fc1)
Access switches are connected to the core via 10Gb fiber
Since making this posting I've found a number of references to a known bug with secondary IPs.
Nkwo Peter, sorry, I don't follow what is you want to say.
Nkwo Peter Akachukwu wrote:
When there is configure LAN and service core. please try to find out from the server by ping all systems, to know which one are out from core switch. so start again to given them another IP address, if the system are not access the list.
If I ping from a box on another vlan, the ping fails. If I ping from a box on the same vlan and same ip subnet range, then it works.
If I ping from the same vlan in the same (secondary) subnet, it works.
Some printers will randomly stop, start working again and then stop again.
Some printers are not affected at all.