ARP cache not adding MAC address
Hi,
We have a network in the company where visitors\customers can connect their PCs to pick up a IP address & access the internet via our cluster of Checkpoint firewalls. The problem we are having is that whenever somebody with a Mac tries to use this network they cannot access the internet although it works fine for all Windows based PCs. So to investigate I got hold of a IBook & made the following observations.
The gateway provided by the DHCP servers is a IP address (192.168.48.203) on a multicast mac address that represents both of the firewalls, which in turn have a physical address of 192.168.48.201 & 192.168.48.202 respectively. This is done to provide redundancy.
What happens on the IBook is that it picks up a DHCP address as well as the DNS & gateway address as supplied by the DHCP server, but then when you try to access the internet you have no joy. If you check the arp table you will then notice that the table have not been updated with the mac address of the 192.168.48.203 gateway. If you then manualy add the mac address of 192.168.48.203, using arp -s, it works fine or if you staticaly configure the IP address settings to use either 192.168.48.201 or 202 as gateways (which have unicast mac addresses) it also solves the problem & immediately updates the arp cache with the mac addresses of either of these two interfaces depending on which one you are using.
We put a sniffer on the network & could see that the mac address for 192.168.48.203 is being passed on to the IBook but for some reason it just does not update the arp cache with this details. Also tried this on some of the other networks we are running that uses the same concept & the same thing happens. As I mentioned no Windows hosts are having this problem & immediately updates their arp details to include the mac address of the .203 address.
On a Mac after obataining a DHCP address & running "netstat -r" you get the following:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 5 5 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 2477 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 1 0 en1
192.168.48.203 link#5 UHRLW 4 30 en1
192.168.51.1 localhost UHS 0 1 lo0
Then after adding the mac address manualy it looks as follows & works fine:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 26 6 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 12353 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 0 0 en1
192.168.48.203 1:0:5e:7c:0:48 UHLS 26 28 en1
192.168.51.1 localhost UHS
Any ideas why this is happening ?
Regards
IBook G4 Mac OS X (10.4.3)
We have a network in the company where visitors\customers can connect their PCs to pick up a IP address & access the internet via our cluster of Checkpoint firewalls. The problem we are having is that whenever somebody with a Mac tries to use this network they cannot access the internet although it works fine for all Windows based PCs. So to investigate I got hold of a IBook & made the following observations.
The gateway provided by the DHCP servers is a IP address (192.168.48.203) on a multicast mac address that represents both of the firewalls, which in turn have a physical address of 192.168.48.201 & 192.168.48.202 respectively. This is done to provide redundancy.
What happens on the IBook is that it picks up a DHCP address as well as the DNS & gateway address as supplied by the DHCP server, but then when you try to access the internet you have no joy. If you check the arp table you will then notice that the table have not been updated with the mac address of the 192.168.48.203 gateway. If you then manualy add the mac address of 192.168.48.203, using arp -s, it works fine or if you staticaly configure the IP address settings to use either 192.168.48.201 or 202 as gateways (which have unicast mac addresses) it also solves the problem & immediately updates the arp cache with the mac addresses of either of these two interfaces depending on which one you are using.
We put a sniffer on the network & could see that the mac address for 192.168.48.203 is being passed on to the IBook but for some reason it just does not update the arp cache with this details. Also tried this on some of the other networks we are running that uses the same concept & the same thing happens. As I mentioned no Windows hosts are having this problem & immediately updates their arp details to include the mac address of the .203 address.
On a Mac after obataining a DHCP address & running "netstat -r" you get the following:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 5 5 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 2477 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 1 0 en1
192.168.48.203 link#5 UHRLW 4 30 en1
192.168.51.1 localhost UHS 0 1 lo0
Then after adding the mac address manualy it looks as follows & works fine:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 26 6 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 12353 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 0 0 en1
192.168.48.203 1:0:5e:7c:0:48 UHLS 26 28 en1
192.168.51.1 localhost UHS
Any ideas why this is happening ?
Regards
IBook G4 Mac OS X (10.4.3)