I had a large area LAN. There were many switch and AP on it, then somehow I couldn't ping my servers, and it's said that the IP was duplicated. I use arpwatch and found out that one of the switch flip-flop-ing the IP. I isolated that troublesome switch using his mac-address.
But, since this a large area LAN... I doubt this will be the last cases. If there any software or hardware that I can use to prevent this kind of error?
Sorry for my bad English.
If you have a very large broadcast domains then think about segmenting it either with vlan's or using a layer 3 switch. You'll be able to put all your AP's onto one vlan and associate end stations with function. You'll also cut-down on broadcast flooding on your switches, thus increasing performance and lowing the possibility that one end station can dos your entire LAN.
Vlan's are powerful stuff, if you have fairly good/modern switches they should support vlans, they just need configuring.
You'll be able to implement a better security policy too.
Was the duplicate IP a configuration problem? or a security problem ;-) .
Segment that lan, before it becomes a monster.
Once you have you vlan's up and going and have regained control of your network, you can look at technologies to prevent ip address duplication.
It may be that you have a switch loop. Are your switches configured to use STP?
Do you mean a switch took the address, or that a switch was doing something strange to a workstation on one of its ports that made it look like another user's workstation had your server's IP?
Either way, if the assigned IP's weren't working properly and a restart of the switch didn't fix it, it sounds like you have bad hardware either on that switch or at the user's workstation.