Hi there
I lost connectivity to one of our remote systems and when I checked the messages log I found the following:
Aug 10 23:42:34 host xntpd[296]: [ID 774427 daemon.notice] time reset (step) 1.681729 s
Aug 16 13:20:51 host ip: [ID 876157 kern.warning] WARNING: node "mac address" is using our IP address x.x.x.x on aggr1
Aug 16 13:20:51 host last message repeated 1 time
Aug 16 13:21:51 host snmpXdmid: [ID 181857 daemon.error] Error receiving PDU Decode the header of message failed: data lengths that long are not supported.
Aug 16 13:21:51 host snmpXdmid: [ID 352064 daemon.error] Error receiving packet from agent; rc = -1.
Aug 16 13:21:51 host snmpXdmid: [ID 669004 daemon.error] Will attempt to re-establish connection.
Aug 16 13:22:17 host ip: [ID 876157 kern.warning] WARNING: node "mac address" is using our IP address x.x.x.x on aggr1
Aug 16 13:22:17 host last message repeated 2 times
Aug 16 13:22:17 host ip: [ID 567813 kern.warning] WARNING: aggr1 has duplicate address x.x.x.x (claimed by "mac address"); disabled
So the messages indicate a MAC address, but is there a way I can trace that MAC address to an IP address so that I can solve where this issue could have started? I am of course assuming that someone tried to configure a duplicate IP on another system and that caused a connectivity issue.