Wireless Access

We have a device that began having intermittent connectivity.  We noticed that when it was broken, it had an all-zeros MAC in its ARP table for the gateway.  After further investigation, we saw it receiving ARP replys for the gateway address from an all-zero MAC source saying that the gateway was at 00:00:00:00:00:00.  After extensive troubleshooting and packet captures separately on ingress and egress at each interface on the local network, we determined that the all-zero sourced replies were coming from our wireless controller's interface that is in the same LAN as the device having issues.

Short and sweet:

1.  A device is sending ARP requests to 00:00:00:00:00:00 for its gateway.

2.  Our active Aruba 3400 on the same VLAN is replying to those ARP requests from a source MAC of 00:00:00:00:00:00 with an ARP reply that says the gateway is at 00:00:00:00:00:00.

3.  In addition to this being invalid, the gateway IP is NOT even on the Aruba box.

4.  This behavior was sudden.  No changes were made on any of these devices leading up to the behavior starting.

We will put in a ticket, but has anyone else seen this before?  It's pretty baffling.

What version of ArubaOS is this?

6.4.4.16

We turned off proxy arp on the interface and it stopped sending out those ARP replys from 00:00:00:00:00:00.

We verified and the address it's sending replies for is not configured on the box other than as the next hop on the default route.

We do have a source NAT rule configured for this interface with an IP that is in the same subnet as the interface IP.  The NAT still works with proxy-arp disabled - which is interesting.

Is there a way to do a file integrity check or something similar?  We will upgrade and reboot, but we're waiting on a maintenance window.

Thanks,