You should be able to inspect the ARP queries of the iLO on the new Shorewall router:
tcpdump -n -i lan.1 arp and ethernet host aa:bb:cc:dd:ee:ff Where aa:bb:cc:dd:ee:ff is the iLO's MAC. Adding the tcpdump -e parm might help. Bill On 7/14/2020 6:37 PM, Vieri Di Paola wrote:
3) first and only echo reply: src MAC is correct, dst MAC ( e8:ea:6a:0c:4c:1c ) is that of an interface on an older Shorewall router. So, that means that this particular client (an HP iLO system based on Linux) is still sending replies to an old Shorewall gateway I replaced 20 days ago. The interface to which this MAC addr belongs to isn't even online. I haven't found this MAC addr in any intermediate switch (ARP tables) so I'm guessing it must be in the client's ARP cache?
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
