Static DHCP Table entries - potential issue with USG / Zywall

imaohw · May 2020

I use the Static DHCP Table entries on the "Edit VLAN" screen to assign specific IP addresses to specific MAC address in that VLAN. This has been working well.

I now have the need to provide a specific IP address to a switch for each VLAN defined on the switch. All of the IP addresses are associated with the same MAC address but in a different VLAN. For example:

Switch IP for vlan 1 - 192.168.1.1
Switch IP for vlan 2 - 192.168.2.1
Switch IP for vlan 3 - 192.168.3.1

All of the above IO addresses are associated with the same MAC Address.

I can set this up thru the "Edit VLAN" screen for each VLAN and it seems to work fine. However if I use the "Edit IP/MAC Binding" screen for any of the VLANs and try to add or edit an entry which contains the switch's MAC address I get a "Duplicate MAC Address!" error.

It appears as if the system is checking for any other entry with the same MAC Address but not considering the VLAN.

Zyxel_Charlie · May 2020

@imaohw
Regarding to this case,
can I confirm the situation that if you configure the same MAC address with different IP address on IP/MAC binding of each Vlan interface, you will get "Duplicate MAC Address"?

imaohw · May 2020

That is correct. When using the “Edit IP/MAC Binding” screen I get the Duplicate MAC error using the same MAC Address with a different IP address in each VLAN.

But it works fine if I do the same thing using the Static DHCP Table section of the “Edit VLAN” screen.

imaohw · May 2020

@Zyxel_Charlie - while I was able to add the static IP assignment for the same MAC address in two different Vlans using the Vlan screen today when I tried to add a LAG to the USG I got a Duplicate MAC Address error.

The only way I could add the LAG to the USG was to first remove the entry in the Static IP address table for the second Vlan.

Zyxel_Charlie · May 2020

@imaohw
Thanks for your information.
We have confirmed this behavior internally, so any modification will keep you post.

imaohw · June 2020

@Zyxel_Charlie - any update on a fix for this issue?

Zyxel_Charlie · July 2020

@imaohw
Regarding to this case, the solution will be released by next Friday.

Zyxel_Charlie · July 2020

@imaohw
Regarding to this case,
I have private message the firmware to you. Please have a check.

imaohw · November 2020

@Zyxel_Charlie - I thought this issue had been resolved with the date code firmware you had provided. However, today I needed to make a change to a LAG on my USG1100 and I got the Duplicate MAC Address error. The USG1100 was running the date code firmware.

Let me know if there is information I can provide.

Zyxel_Charlie · November 2020

@imaohw
Is it that when you create the two same IP/MAC on different Lag interface, and face the message that"Duplicate MAC Address error"?

imaohw · November 2020

@Zyxel_Charlie - No. the same MAC address had been assigned an IP address in two different vLans using IP/MAC tables several months ago. Everything had been working fine.

The error message appeared when I was defining a LAG on the USG1100. The only way to get the LAG created was to remove the IP address from one of the IP/MAC tables.

it appeared that the process of adding a LAG (no vlans assigned to it) is causing other things on the USG1100 to be incorrectly validated.

Static DHCP Table entries - potential issue with USG / Zywall

Comments

Categories

Security Highlight

Security Help Center