have you ever seen this ? From a switch (on the same VLAN etc), I send ping to a target server. The ICMP reply comes back (I can see it in the wireshark trace file). Unfortunately in the CLI of the switch, this is like it gets no Echo reply !! And of course I take the PCAP on the switch itself, so I'm sure the Echo reply gets back to the switch. Have tried everything : - change the target IP address of the server - change the network adapater of the target server - change the port on which the server is connected I only have this problem with this particular server. All other servers work perfectly in the same network environment. The switch is a Cisco Nexus switch. any idea ? asked 17 Oct '16, 03:47  thierryn |
One Answer:
Well, the IP and ICMP contents of the Ethernet frames is fine, but look at the MAC addresses. The echo request from IP address Have a look at your IP address assignments and MAC addresses of different pieces of your equipment. Maybe there is a static record in that particular server's ARP table? answered 17 Oct '16, 05:02  sindy ohhh, stupid am I. Was only focused on the ICMP part. Thanks !! (17 Oct '16, 05:08) thierryn |
The idea would be that you can see the response packet in the capture but the switch does not recognize it as a response to its particular echo request due to mismatch of some field.
Can you publish the trace file?
Yes sure, but how can I upload a tracefile ? (sorry for this stupid question but I do not see any file upload possibility).
Correct, there is none. You have to upload your file to Cloudshark or to any plain file publishing service (Dropbox, Google Drive, Microsoft Onedrive, ...) and edit your question with a login-free link to it.
OK, thanks.
there it is : https://www.dropbox.com/s/aoeydiup6cbovh8/5_fresenius2.pcap?dl=0