Firewall Swap-out - ARP Cache Issue

So, I plug a server from one firewall into another to try it and no-one can see the server externally. I plug it back into the original firewall, in exactly the same socket, and no-one can see the server externally on the original firewall now. What's happened? Apparently an ARP cache somewhere now has the wrong mapping and it can take several hours for the correct mapping to be re-established. That's what I've been told anyway; does anyone know anything about this? Is there any way around it?

The obvious solution, when moving my server to a new firewall, is to change my server's public IP address, but that's not really something I want to do as I'd then have to change its DNS setting, which again can take several hours to propagate. Catch 22?
 
phykell said:
So, I plug a server from one firewall into another to try it and no-one can see the server externally. I plug it back into the original firewall, in exactly the same socket, and no-one can see the server externally on the original firewall now. What's happened? Apparently an ARP cache somewhere now has the wrong mapping and it can take several hours for the correct mapping to be re-established. That's what I've been told anyway; does anyone know anything about this? Is there any way around it?

The obvious solution, when moving my server to a new firewall, is to change my server's public IP address, but that's not really something I want to do as I'd then have to change its DNS setting, which again can take several hours to propagate. Catch 22?

Have you flushed the arp caches on any of the relevant servers, firewalls and routers?
 
It's a Sonicwall. The problem is that I could see the server on the LAN side of the firewall from a laptop plugged into a switch sat on the WAN side of the firewall, but nothing could see the server on the LAN side of the firewall from the other side of the switch. Unfortunately, I had no access to flush the cache of any switches or routers on the WAN side of my firewall. Looks like I'm stuck with several hours' propagation then :(
 
phykell said:
It's a Sonicwall. The problem is that I could see the server on the LAN side of the firewall from a laptop plugged into a switch sat on the WAN side of the firewall, but nothing could see the server on the LAN side of the firewall from the other side of the switch. Unfortunately, I had no access to flush the cache of any switches or routers on the WAN side of my firewall. Looks like I'm stuck with several hours' propagation then :(

You don't need to worry about the switches so much as the routers. Can't you accidentally knock the power off on the router late at night? ;)
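One way to check the hosts you do control (the server, the firewall, any router you can log in to) for the stale mapping this thread describes, as an added example that is not from the thread; the IP addresses, MACs and interface names are constructed, and the expected MAC is whatever the box now holding the public IP actually has:

```python
"""Find stale IP-to-MAC entries in a Linux neighbour (ARP) table.

When a public IP moves between two firewalls, any neighbour that still
caches the IP against the old firewall's MAC keeps sending frames to the
wrong box until the entry ages out. This parses `ip -4 neigh show` output,
compares it with the MAC each IP should now resolve to, and returns the
commands that would drop the stale entries on this host.
"""
import re
import subprocess

# Constructed sample in the format of `ip -4 neigh show` (not real hosts).
SAMPLE_NEIGH = """\
203.0.113.10 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
203.0.113.1 dev eth0 lladdr 00:aa:bb:cc:dd:ee STALE
192.0.2.20 dev eth1 FAILED
"""

LINE_RE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+)(?: lladdr (?P<mac>[0-9a-f:]{17}))? (?P<state>\S+)$",
    re.IGNORECASE,
)

def parse_neigh(text):
    """Return {ip: (dev, mac, state)}; entries with no lladdr get mac=None."""
    table = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            mac = m.group("mac").lower() if m.group("mac") else None
            table[m.group("ip")] = (m.group("dev"), mac, m.group("state"))
    return table

def stale_entries(table, expected):
    """Return [(ip, dev, cached_mac, expected_mac)] where the cached MAC
    differs from the MAC the IP should now resolve to."""
    bad = []
    for ip, want in expected.items():
        if ip in table:
            dev, have, _state = table[ip]
            if have is not None and have != want.lower():
                bad.append((ip, dev, have, want.lower()))
    return bad

def flush_commands(stale):
    """Operator commands to drop the stale entries (returned, not executed)."""
    return [f"ip neigh del {ip} dev {dev}" for ip, dev, _have, _want in stale]

def check_live(expected):
    """Run the same check against this host's real table (Linux only)."""
    out = subprocess.run(["ip", "-4", "neigh", "show"],
                         capture_output=True, text=True, check=True).stdout
    return stale_entries(parse_neigh(out), expected)
```

Running `flush_commands(stale_entries(parse_neigh(SAMPLE_NEIGH), {"203.0.113.10": "00:11:22:33:44:66"}))` on the sample shows the public IP still cached against the old MAC and yields the single `ip neigh del` needed on that host; upstream caches you cannot reach still have to age out on their own.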
 