Carl Johnson on 3 Aug 2011 12:39:49 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Traffic tracking trouble

Can't you just console into the router and clear the arp table? Maybe power cycle it?

Sent from my Motorola DynaTAC 8000x

Adam Zion <> wrote:

>We've had poor performance on the network at my location, and it
>occurred to me that the reason could be a chatty host on the network.
>So, I fired up Wireshark (formerly known as Ethereal, a packet
>sniffer) and took a look.
>I found that our AdTran router was blasting out constant ARP
>broadcasts trying to find various equipment which was no longer
>present. One bit was easy to fix: an NTP server which my predecessor
>at this location had removed. I switched my linux box over to the IP
>formerly used by the missing server, and all the ARPs looking for it
>vanished (well, to be more accurate, the AdTran would send an ARP or
>two, get a response, and then shut up).
>However, we also found a number of ARPs related to the former IP for
>one specific network printer, and we can't find what PC is out there
>that's trying to connect to the old IP. To my way of thinking, we can
>address this in 3 ways: track down the computer(s) making the requests
>for the old IP, somehow prevent the AdTran from responding to requests
>for said by IP by blasting out ARPs, or just set up a host on the IP
>to respond to the requests.
>Is there some sort of tool that can track the host that's looking for
>the old IP, and thereby spawning the ARPs? Bear in mind that this may
>well be a host that's at a remote site, since I've checked every
>system over here that could be looking for it, and not found it.
>This may seem minor, but my Wireshark logs find that these ARP
>requests- looking for this single absent IP- make up anywhere from
>10-20% of total network traffic here. So, if we could get rid of them,
>I rather think it would be a big help on performance.
>Adam+Zion, MCSE+I, Registered Linux User #471910
>Philadelphia Linux Users Group         --       
>Announcements -
>General Discussion  --  

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --