Super-Networking Blog

I ran into an interesting problem today on our 7600 series router. One device on this router is unable to send traffic to anything on a particular subnet. There are lots of devices on the same VLAN that are about to access that same subnet and this device was up to the other day able to as well.

There is no access-list in between the two sites since the troublesome subnet is in another location. There doesn’t appear to be any routing issues on either router. The server that is having the issue appears to have all the right settings. We have found a weird workaround for this problem.

We are able to get the traffic to pass if we apply an access-list with a permit ip host (server ip) any and a permit ip any any in the in direction on the VLAN that the server in on. This causes the traffic to flow, if you remove the access list the traffic for this one server is once again not able to communicate to this one subnet. If I apply an access-list to this VLAN with just the permit ip any any the traffic will not flow either. All other interVLAN traffic to and from this server work just fine all the time. I have never see this before and for now have left the workaround in place.

If anyone else has run into this problem will reply to this post. I will update this will info as I get it.