Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Source IP and/or VLAN mismatch

JonathanShapiro
Here to help
Tuesday
Tuesday

Source IP and/or VLAN mismatch

I have an SD-WAN network for about 30 locations using MX units.  All is working great, but in my two datacenters, I've noticed that I see event log entries regarding source IP and/or VLAN mismatches.  I've configured the LAN ports on these devices to run in Access mode rather than Trunk, yet the alerts persist.  The event log details list the source device, my downstream core switches.  I'm unsure why these alerts are being logged or why there is a conflict.  

 

Here's a sample entry:

 

Client: 192.168.100.3, MAC: 00:01:E8:D7:0D:28, VLAN: 1, details: sent 8895539 unexpected packets (Last seen packet IP=172.16.252.19)

 

The client is the core switch, and I would expect packets destined for that 172.16.252.19 to traverse the SD-WAN.

Labels:
0 Kudos
Subscribe
2 Replies 2
ww
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

It somehow detects 172.16.252.19 as packet on the lan side. 

You have a config with static routes? Dynamic routing? Or just vlans?

 

172.16.252.19 is a ip from a spoke?

You could try running a pakket capture of the lan side mx with filter "host 172.16.252.19"

0 Kudos
Subscribe
henrry81
Here to help
Tuesday
Tuesday

Yeah, understanding your routing config and VLAN setup will help troubleshoot this. Running a packet capture on the LAN side MX could also provide some clues.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.