Here’s my problem.

I have the following management subnet at a production site:

172.31.65.104 255.255.255.248

This means the possible host addresses are 105-110. I’m adding a second router and HSRP to this location, so I wanted to see what IPs were available in that range (to set up HSRP). I have come across one IP (172.31.65.107) that I can ping from our management domain, but I can’t ssh or telnet to it (which I know could be for a number of reasons).

When I traceroute to .107, it dies at the PE router. When I log into the CE router at this location and do a show run | i 172.31.65.10 (just .10 at the end to pick up anything from 105-109), I don’t see .107 anywhere. To add to the fun, I can NOT ping .107 from this router (even though that’s where that subnet exists and I CAN ping .107 from our management domain).

router bgp 64111
 network 172.31.65.104 mask 255.255.255.248

router#sh run | i ip route
ip route 172.31.65.104 255.255.255.248 Null0

Can anyone tell me what’s going on here? Why can I ping .107 from the management domain but not from the router (where that subnet exists)? I don’t see that .107 in the arp cache of the CE router either.
From everything I’m looking at, I do not have the .107 configured on any device (not even as a secondary IP).

Hi Andy,

That’s a nice mystery :grin

Since you get a reply, it seems something is configured to use that IP address. Did you try a port scan just to see if it listens on any port? I guess you can’t do a traceroute from the PE router?

A router with a null0 entry that matches your IP will drop the packet. A router will only reply to a ping if the IP is configured somehow.

Rene