When installing an Ecessa appliance into an existing network, it is important to consider the effects to the neighboring devices. The most common cause of connectivity loss is MAC address mismatches in the ARP table. If a router was previously connected directly to a firewall, it cached the firewall's MAC address in its ARP table while the firewall cached the router's MAC address in its ARP table. However, by installing the Ecessa appliance between these devices the Layer 2 addresses will change and packets dropped.
To determine if this is the cause of the issue, please take these steps:
1. Ensure the cabling is good and all devices are configured correctly.
2. If logged into the Ecessa appliance, check the ARP table by going to Diagnostics -> ARP Table in the web interface. Look for the router and/or firewall entry and confirm the IP and MAC addresses are correct. If working properly, the "State" will be REACHABLE. If not working properly, the "State" will say FAILED. The Ecessa provides the ability to send a gratuitous ARP to update the ARP cache of neighboring devices by clicking the Update button. Please refer the article "How do I update the ARP cache on neighboring devices?" for more information.
3. If logged into the Ecessa appliance, run a traffic capture to determine if ARP is being sent or responded to by going to Diagnostics -> Traffic Dump in the web interface. Choose the "Interface Port for" as the port to listen for traffic then click the Start button. Is there traffic on the port? If so, what MAC addresses are being sent from/to? To find out, hover the mouse over the Source or Destination IP address to display the MAC address. Please refer to the article "How to use the Traffic Dump Utility" for more information. Typically, traffic will show the router and/or firewall sending to the cached MAC address instead of the Ecessa appliance's MAC address.
4. Clear the ARP cache on the neighboring devices. Although the Ecessa appliance provides the ability to send a gratuitous ARP, not all devices will accept these types of packets at which point the ARP cache will need to be flushed so new entries are accepted. This can be done manually by logging into the router/modem or rebooting the device.
0 Comments