BugZero | Cisco BugID CSCur30273 - 3850 duplicates pass-through ARP packets

Cisco - Defect ID: CSCur30273

3850 duplicates pass-through ARP packets

Cisco - Defect ID: CSCur30273

3850 duplicates pass-through ARP packets

Last updated on November 26th, 2025

BugZero Risk Score
6.2 Medium

Overall: 6.2

Severity: 6.4

Lifecycle: 9.1

Popularity: 6.0

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 1

Description

Symptom

When ARP request/Reply packets enter an access or trunk interface and its L2 switched to an another access or trunk interface in same VLAN the ARP request/Reply packets gets duplicated. This means that when one ARP packet enter the switch two identical ARP packets exit the switch. We have seen IP Packets getting duplicated. This only seems to affect ARP packets.

Conditions

L2 switching with lanbase license

Workaround

The issue is only observed with "lanbase" license. Issue is not seen with "ipbase" license. Enable IPDT 3850-STACK#sh ip device tracking all Global IP Device Tracking for clients = Disabled >>>>> IPDT is disabled by default on lanbase ----------------------------------------------------------------------------------------------- IP Address MAC Address Vlan Interface Probe-Timeout State Source ----------------------------------------------------------------------------------------------- 3850-STACK(config)#int range gig1/0/19 , gig2/0/39 3850-STACK(config-if)#ip device tracking maximum ? Maximum devices (0 means disabled) 3850-STACK(config-if-range)#ip device tracking maximum 20 3850-STACK(config-if-range)#end 3850-STACK#sh ip device tracking all Global IP Device Tracking for clients = Enabled >>>>> Make sure IPDT is enabled Global IP Device Tracking Probe Count = 3 Global IP Device Tracking Probe Interval = 30 Global IP Device Tracking Probe Delay Interval = 0 ----------------------------------------------------------------------------------------------- IP Address MAC Address Vlan Interface Probe-Timeout State Source ----------------------------------------------------------------------------------------------- Total number interfaces enabled: 2 Enabled interfaces: Gi1/0/19, Gi2/0/39

Further Problem Description

none

Change history

2025-11-26 Added: 16.3.10, 16.3.11, 16.3.9, 16.6.10, 16.6.6, 16.6.7, 16.6.7a, 16.6.8, 16.6.9, 3.10.0E_ngwc, 3.10.1E_ngwc, 3.10.2E_ngwc, 3.10.3E_ngwc, 3.11.0E_ngwc, 3.11.1E_ngwc, 3.11.2E_ngwc, 3.11.3E_ngwc, 3.11.4E_ngwc, 3.6.10E_ngwc, 3.6.4E_BinOS, 3.6.5E_ngwc, 3.6.6E_ngwc, 3.6.7E_ngwc, 3.6.8E_ngwc, 3.6.9E_ngwc, 3.7.3E_ngwc, 3.7.4E_ngwc, 3.7.5E_ngwc, 3.8.10E_ngwc, 3.8.1E_ngwc, 3.8.2E_ngwc, 3.8.3E_ngwc, 3.8.4E_ngwc, 3.8.5E_ngwc, 3.8.6E_ngwc, 3.8.7E_ngwc, 3.8.8E_ngwc, 3.8.9E_ngwc, 3.9.0E_ngwc, 3.9.1E_ngwc, 3.9.2E_ngwc

2024-10-16 Added: 16.2.2, 16.3.1, 16.3.1a, 16.3.2, 16.3.3, 16.3.3a, 16.3.4, 16.3.5, 16.3.5a, 16.3.5b, 16.3.5c, 16.3.6, 16.3.7, 16.3.8, 16.4.1, 16.4.2, 16.4.3, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.1a, 16.6.2, 16.6.2s, 16.6.3, 16.6.4, 16.6.4a, 16.6.4s, 16.6.5, 16.6.5a, 16.6.5b

Relevant Products

Click on a version to see all relevant bugs

Affected versions:No known affected versions

Fixed versions: 16.2.2, 16.3.1, 16.3.10, 16.3.11, 16.3.1a, 16.3.2, 16.3.3, 16.3.3a, 16.3.4, 16.3.5, 16.3.5a, 16.3.5b, 16.3.5c, 16.3.6, 16.3.7, 16.3.8, 16.3.9, 16.4.1, 16.4.2, 16.4.3, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.10, 16.6.1a, 16.6.2, 16.6.2s, 16.6.3, 16.6.4, 16.6.4a, 16.6.4s, 16.6.5, 16.6.5a, 16.6.5b, 16.6.6, 16.6.7, 16.6.7a, 16.6.8, 16.6.9, 3.10.0E_ngwc, 3.10.1E_ngwc, 3.10.2E_ngwc, 3.10.3E_ngwc, 3.11.0E_ngwc, 3.11.1E_ngwc, 3.11.2E_ngwc, 3.11.3E_ngwc, 3.11.4E_ngwc, 3.6.10E_ngwc, 3.6.4E_BinOS, 3.6.5E_ngwc, 3.6.6E_ngwc, 3.6.7E_ngwc, 3.6.8E_ngwc, 3.6.9E_ngwc, 3.7.3E_ngwc, 3.7.4E_ngwc, 3.7.5E_ngwc, 3.8.10E_ngwc, 3.8.1E_ngwc, 3.8.2E_ngwc, 3.8.3E_ngwc, 3.8.4E_ngwc, 3.8.5E_ngwc, 3.8.6E_ngwc, 3.8.7E_ngwc, 3.8.8E_ngwc, 3.8.9E_ngwc, 3.9.0E_ngwc, 3.9.1E_ngwc, 3.9.2E_ngwc

Relevant Products

Click on a version to see all relevant bugs

Affected versions:No known affected versions

Top Cisco Defects

9.7Defect ID: CSCwq31287
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
9.7Defect ID: CSCvx32806
Access Points stuck in bootloop due to image checksum verification failed
9.7Defect ID: CSCwa57254
C8200 Silent Reload due to CpuCatastrophicError
9.7Defect ID: CSCwa70008
Expired certs cause Security Intelligence updates to fail
9.7Defect ID: CSCvq12070
Not able to establish more than 2 simultaneous ASDM sessions

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCur30273

3850 duplicates pass-through ARP packets

Cisco - Defect ID: CSCur30273

3850 duplicates pass-through ARP packets

Last updated on November 26th, 2025

BugZero Risk Score6.2 Medium

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.2 Medium