Strange issues on network

    Hello Everyone

    I am having some very strange issues on our network. I have certain IPs that can access all networks/vlans locally but cannot access anything on remote networks. These IPs seem to have no relation to each other. IP has issue while .49 does not. .20 has the issue while .21 does not.

    Another thing that is very strange is that when this issue is happening they cannot ping remote gateways that are on the same network. For instance client can access all hosts and gateway of but cannot access the wan gateway at .235.

    Most of this has been on clients but now we have 2 servers that are affected on a different subnet but their issue is intermittent but displaying the exact same issues.

    I ruled out this being a computer issue by changing known good machines to use the same suspect IPs and they all have the same issue. I feel like this is some sort of PBR gone crazy or possibly a Windows update that is affecting the IP stack.

    Has anyone heard of these issues with 3850's or a recent update creating strange behavior? It just seems like when the issue happens the packets cannot leave the switch.


    Re: Strange issues on network

    Haven't heard about any such corruptions of IP stacks, etc., and switches tend to work unless changed. Some more info is needed, like how many subnets/vlans, comparing 'ipconfig /all' results between clients that work and clients that don't, routing table comparisons, etc.

    Got a diagram with IP ranges to look at, with gateways identified? That'd be a help, here.
      Re: Strange issues on network

      Sounds like an issue with the switch, or possibly ARP poisoning.

      When this happens, run arp -a on an affected host immediately after trying to ping a non-reachable IP address, and see if there's a valid entry in the ARP table.

      If there's no entry for the IP address in question (or it says "00-00-00-00-00-00"), you should investigate the switches and cables, especially VLAN trunks between switches. Run show mac address-table on every switch between the non-reachable target system and the host to figure out where the connection is broken.

      If there seems to be a valid ARP entry, check the MAC address against that of the NIC on the target system (or the ARP table on another, unaffected host).
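
The ARP comparison described in the last reply, as an added example that is not part of the original thread: it parses Windows-style arp -a output saved from an affected host and from an unaffected host, then classifies the entry for the unreachable IP. The function names, the 192.0.2.x addresses and the MAC addresses are constructed for illustration.

```python
import re

# One entry line of Windows `arp -a` output: IP, MAC, type (dynamic/static/invalid).
ENTRY = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+"
    r"([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})[ \t]+(\w+)", re.M)

def parse_arp(text):
    """Return {ip: mac} with MACs normalized to lowercase, dash-separated."""
    return {ip: mac.lower().replace(":", "-") for ip, mac, _ in ENTRY.findall(text)}

def check_target(affected_out, reference_out, target_ip):
    """Classify the affected host's ARP entry for target_ip."""
    mac = parse_arp(affected_out).get(target_ip)
    if mac is None or mac == "00-00-00-00-00-00":
        # ARP never resolved: look at switches, cables, VLAN trunks.
        return "no-entry"
    ref = parse_arp(reference_out).get(target_ip)
    if ref is None:
        return "no-reference"  # unaffected host has no entry to compare with
    # A mismatch means a different device answered for this IP on the
    # affected host (the ARP poisoning case the reply mentions).
    return "match" if mac == ref else "mismatch"

# Constructed sample output (documentation addresses, made-up MACs).
AFFECTED = """
Interface: 192.0.2.20 --- 0xb
  Internet Address      Physical Address      Type
  192.0.2.1             02-00-5e-10-00-01     dynamic
  192.0.2.235           02-00-5e-10-00-66     dynamic
  192.0.2.240           00-00-00-00-00-00     invalid
"""
REFERENCE = """
Interface: 192.0.2.21 --- 0xb
  Internet Address      Physical Address      Type
  192.0.2.1             02-00-5E-10-00-01     dynamic
  192.0.2.235           02-00-5e-10-00-ff     dynamic
  192.0.2.240           02-00-5e-10-00-f0     dynamic
"""

if __name__ == "__main__":
    for ip in ("192.0.2.1", "192.0.2.235", "192.0.2.240", "192.0.2.250"):
        print(ip, check_target(AFFECTED, REFERENCE, ip))
```
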