ARP requests sent to the specific hardware address of a secondary interface are not answered.

(Last modified: 19Jan2006)

This document (10087119) is provided subject to the disclaimer at the end of this document.

fact

Noell NetWare 6

NetWare 6.0 SP3

Servers configured for TCPIP load balancing

Novell NetWare Cluster Services 1.6

CISCO Express Forwarding (CEF)

symptom

Unicast ARP requests to secondary interface are not answered.

Workstations lose connection.

cause

When a Cisco router needs to resolve an Ethernet address to forward IP datagrams to the appropriate interface in the local Ethernet segment, it will broadcast its ARP request in case it has not resolved the Ethernet address before. If the destination IP address is of a NetWare host with Load Balancing enabled, the NetWare host replies with the Ethernet address of either the primary or a secondary interface in the Load Balancing interface group.
If a dynamic ARP entry expires at the Cisco router, the router will not broadcast its ARP request again, but, for efficiency purposes, it will unicast the ARP request to the Ethernet address mapped to the IP address in the expiring ARP entry. When this Ethernet address is of a secondary interface in the Load Balancing interface group of the Netware host, the Netware host will not respond to the ARP request. This behaviour of the NetWare ARP implementation is not consistent with the standard (see ftp://ftp.rfc-editor.org/in-notes/std/std37.txt), but, if it would reply, the Cisco router would always forward IP datagrams to the same interface, which defeats the purpose of inbound Load Balancing.

After having retried the unicast ARP request a few times, the Cisco router considers the destination host non-existent and stops forwarding IP datagrams to the destination IP address of the Netware host temporarily. It probably also returns ICMP Destination Unreachable, Host Unreachable messages to source hosts and existing IP connections through the Cisco router with the NetWare host will break. However, in case the Cisco router cannot resolve an Ethernet address per unicasted ARP request anymore, it should not consider the destination host non-existent, but it should assume the host may have moved to a different Ethernet address and hence it should delete the expired ARP entry and broadcast the ARP request again when it still has not received a reply after having retried unicasting the ARP request to the previous Ethernet address a few times. It seems that Cisco has adjusted this behaviour of their ARP implementation since at least Cisco IOS version 12.1.20.

fix

CISCO IOS version 12.1.20 will delete the former dynamic ARP entry and broadcast the ARP request after it timed out on waiting for the reply to the unicasted ARP request.

document

Document Title:	ARP requests sent to the specific hardware address of a secondary interface are not answered.
Document ID:	10087119
Solution ID:	NOVL92621
Creation Date:	19Sep2003
Modified Date:	19Jan2006
Novell Product Class:	NetWare Novell BorderManager Services

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.