Symptom

This issue was seen in case that following device tracking policy was applied to trunk interface. device-tracking policy /name/ trusted-port device-role switch no protocol udp In case that device will send unicast ARP request towards HSRP VIP address present on Cat9k and this ARP request is received on trunk port with this policy, it will be dropped, e.q. ARP will not be resolved. Broadcast ARP requests are not affected by this and they will be sucesfully resolved. Also, unicast ARP request towards physical interface address will be sucesfull. This affects only VIP addresses.

Conditions

- unicast ARP request towards HSRP VIP - trunk interface with DT policy attached

Workaround

- remove DT policy from trunk interface

Further Problem Description