thousands of discovers from a single MAC

[Blake Hudson]

Marc Perea:
> Unfortunately, the access shelf is Ethernet on one side, ATM on the
> other, providing ADSL service to our customer, so we can't sniff
> between the shelf and the RG in order to determine who's causing the
> problem. Additionally, when we convert the RG which is doing both
> bridging and routing/NAT into two separate boxes, so that we can have
> an ethernet sniff point between them, it doesn't seem to break anymore.
>  
> Finally, a modem reboot will fix the problem - DORA will complete when
> the RG comes back up just fine. We also encouraged the RG vendor to
> develop and implement a firmware feature whereby if the modem sees a
> down/up on it's ATM interface (ADSL retrain), it would re-DHCP, much
> like an ethernet interface would. A down/up from the access shelf side
> does indeed also fix the problem.

The swap to bridging mode makes me think that it's something at the
shelf (assuming it never happens in bridging mode and it's not a reset
between modes that temporarily fixes the problem). Is your access shelf
performing any type of DHCP secured ARP or similar IP spoofing
protection or even bridged/routing against the CPE which could be
interfering with the new DHCP transaction? Another thought would be DHCP
transaction limits (flood protection) on the access shelf, or a device
limit per access port that works via IP address instead of MAC.



Alex Bligh :
> If you just see (your side of the access shelf) DODODODO (and nothing
> else)
> this might simply be that connectivity is unidirectional (upstream
> only) between the access shelf and the customer - at least at an IP
> level. There's a million reasons why that could happen, including broken
> CPE. 

This is also very true, and is simply an eventuality as a network grows
and gains more clients. As Alex points out, there are many reasons, but
they usually boil down to bad layer1 connectivity or a broken CPE.

--Blake