IP conflict detection
IP conflicts can occur when two systems on the same network are using the same IP address. The FortiSwitch unit monitors the network for conflicts and raises a system log message and an SNMP trap when it detects a conflict.
The IP conflict detection feature provides two methods to detect a conflict. The first method relies on a remote device to send a broadcast ARP (Address Resolution Protocol) packet claiming ownership of a particular IP address. If the IP address in the source field of that ARP packet matches any of the system interfaces associated with the receiving FortiSwitch system, the system logs a message and raises an SNMP trap.
For the second method, the FortiSwitch unit actively broadcasts gratuitous ARP packets when any of the following events occurs:
- System boot-up
- Interface status changes from down to up
- IP address change
If a system is using the same IP address, the FortiSwitch unit receives a reply to the gratuitous ARP. If it receives a reply, the system logs a message.
IP conflict detection is enabled on a global basis. The default setting is enabled.
Using the GUI:
- Go to Network > Settings.
- Select Enable IP Conflict Detection.
- Select Apply.
Using the CLI:
config system global
set detect-ip-conflict <enable|disable>
If the system detects an IP conflict, the system generates the following log message:
IP Conflict: conflict detected on system interface mgmt for IP address 10.10.10.1