04-21-2017 05:55 AM
I've encountered an issue and would like to see if anyone else has experienced something similar. I have What's up Gold monitoring a few ICX 7450 switches in our network and one day I started recieving a flow of repeating emails referencing the following:
<hosname> IPSrcSec :Error while applying Source Guard
Logging onto the switch and checking the log it includes the above message as well as the following:
Apr 20 16:49:31:C:IPSrcSec :Error while applying Source Guard
Apr 20 16:49:30:W:IPSrcSec: Dhcp Snooped Ip addr x.x.x.x binding failed.
The workstation (x.x.x.x) is not getting added to the binding table but it is arping and is pingable. Now, if say, the IP is statically assigned on the workstation, why is Source Guard not enabling? Although, the port wasn't included in the log file I know what port the workstation resides on.
Has anyone experienced this? Any recommonded course of action?
04-27-2017 01:37 PM
Are the messages always on the same port or VLAN?
What happens if you view the binding for that port?
"show ip source-guard ethernet x/x/x"
Can you post your source guard config?
What software version are you using?
With source guard the port should only intially allow DHCP traffic