Showing posts with label ARP. Show all posts

ARP table with logical and physical interfaces

In a layer-3 switching environment, the ARP table displayed with the show arp command lists the logical (L3) interfaces, for example the VLAN or BVI interface. This Tcl script displays the logical as well as physical interface associated with each IP/MAC address.

Martin Hecko gave me the idea for this script and helped to test it on a Catalyst switch. Thank you!

ARP timeout resolution is implemented in minutes

Under some circumstances, you might want to tune the ARP timers on the router (for example, when using ARP as a keepalive mechanism to detect whether the host is up). Unfortunately, although you can set the per-interface arp timeout in seconds, the actual timer resolution is in minutes. For example, if you set the ARP timeout to 10 seconds, the router will age the ARP entries once per minute.

Here's a sample debugging output produced on a router running IOS release 12.4(9)T with the arp timeout 10 interface configuration command. As you can see from the timestamps, the ARP entry is aged and refreshed exactly once per minute.

Jun 7 16:34:49: IP ARP: sent req src 192.168.0.1 0016.c7fe.f150, dst 192.168.0.2 000c.293a.b455 FastEthernet0/0.100
Jun 7 16:34:49: IP ARP: rcvd rep src 192.168.0.2 000c.293a.b455, dst 192.168.0.1 FastEthernet0/0.100
Jun 7 16:34:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
Jun 7 16:35:49: IP ARP: sent req src 192.168.0.1 0016.c7fe.f150, dst 192.168.0.2 000c.293a.b455 FastEthernet0/0.100
Jun 7 16:35:49: IP ARP: rcvd rep src 192.168.0.2 000c.293a.b455, dst 192.168.0.1 FastEthernet0/0.100
Jun 7 16:35:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
Jun 7 16:36:49: IP ARP: sent req src 192.168.0.1 0016.c7fe.f150, dst 192.168.0.2 000c.293a.b455 FastEthernet0/0.100
Jun 7 16:36:49: IP ARP: rcvd rep src 192.168.0.2 000c.293a.b455, dst 192.168.0.1 FastEthernet0/0.100
Jun 7 16:36:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
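To check the same thing on a longer capture, the refresh interval can be measured from the debug output instead of read off by eye. The script below is an added example, not part of the original post: it parses the "creating entry" lines and compares the observed interval with the configured arp timeout. The function names, the embedded sample and the placeholder year are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: lines taken from the debug output above. The request
# line is included to show that other IP ARP messages are ignored.
SAMPLE_LOG = """\
Jun 7 16:34:49: IP ARP: sent req src 192.168.0.1 0016.c7fe.f150, dst 192.168.0.2 000c.293a.b455 FastEthernet0/0.100
Jun 7 16:34:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
Jun 7 16:35:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
Jun 7 16:36:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455
"""

CREATE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}): IP ARP: creating entry "
    r"for IP address: (?P<ip>[\d.]+), hw: (?P<mac>[0-9a-f.]+)"
)

def refresh_intervals(log_text, year=2000):
    """Return {ip: [seconds between consecutive 'creating entry' events]}."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = CREATE_RE.match(line.strip())
        if not m:
            continue
        # These timestamps carry no year; supply a placeholder (assumption)
        # so strptime can parse them. Captures spanning New Year need more care.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        seen[m["ip"]].append(ts)
    return {ip: [int((b - a).total_seconds()) for a, b in zip(t, t[1:])]
            for ip, t in seen.items()}

def check_timeout(log_text, configured_timeout):
    """Compare the shortest observed refresh interval with the arp timeout."""
    report = {}
    for ip, gaps in refresh_intervals(log_text).items():
        if not gaps:
            continue  # a single event gives no interval to measure
        observed = min(gaps)
        report[ip] = {"observed": observed, "configured": configured_timeout,
                      "honoured": observed <= configured_timeout}
    return report

if __name__ == "__main__":
    for ip, result in check_timeout(SAMPLE_LOG, 10).items():
        print(ip, result)
```

With the sample above and a configured timeout of 10 seconds, the entry for 192.168.0.2 is reported with an observed interval of 60 seconds and honoured set to False.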

ARP entries are periodically refreshed if you use CEF switching

In a previous post I wrote about the inability to clear the ARP cache due to cached CEF adjacencies. As it turns out, this behavior has another side effect: the router will automatically refresh all ARP entries (and CEF adjacencies) as they expire from the ARP cache. This might become a problem on high-end devices with a lot of directly connected hosts if you set the arp timeout to a low value.
Here is a sample debugging printout verifying this behavior:

Jun 7 16:34:49: IP ARP: sent req src 192.168.0.1 0016.c7fe.f150, dst 192.168.0.2 000c.293a.b455 FastEthernet0/0.100
Jun 7 16:34:49: IP ARP: rcvd rep src 192.168.0.2 000c.293a.b455, dst 192.168.0.1 FastEthernet0/0.100
Jun 7 16:34:49: IP ARP: creating entry for IP address: 192.168.0.2, hw: 000c.293a.b455

What is a cached CEF adjacency?

Whenever a router running CEF switching has LAN interfaces (or any other multi-access interfaces), you'll find cached adjacencies for active directly attached IP neighbors in its CEF table. These adjacencies ensure the smooth traffic flow toward the LAN-attached next-hops (preventing the initial packet drop symptom once the next-hop becomes active).

The cached adjacencies (for individual IP hosts) are created whenever the first packet is sent toward an IP destination covered by a glean adjacency, and they stay in the CEF table through changes in the IP routing table (even after the complete IP routing table is cleared with the clear ip route * command). The only way to remove them from the CEF table (although I can't see a good reason to do that) is to shut down and re-enable the interface.

To display the cached adjacencies, use the show ip cef destination mask longer-prefixes detail command, for example:

a2#show ip cef 10.0.0.0 255.0.0.0 longer detail
... CEF statistics deleted ...

Adjacency Table has 3 adjacencies
10.0.0.0/24, version 14, epoch 0, attached, connected
0 packets, 0 bytes
via FastEthernet0/0, 0 dependencies
valid glean adjacency
10.0.0.0/32, version 5, epoch 0, receive
10.0.0.5/32, version 12, epoch 0, cached adjacency 10.0.0.5
0 packets, 0 bytes
via 10.0.0.5, FastEthernet0/0, 0 dependencies
next hop 10.0.0.5, FastEthernet0/0
valid cached adjacency
10.0.0.6/32, version 4, epoch 0, receive
10.0.0.10/32, version 11, epoch 0, cached adjacency 10.0.0.10
0 packets, 0 bytes
via 10.0.0.10, FastEthernet0/0, 0 dependencies
next hop 10.0.0.10, FastEthernet0/0
valid cached adjacency
10.0.0.255/32, version 6, epoch 0, receive

The receive adjacencies are the ones the router is listening to (its own IP address and both variants of subnet multicast address), the glean adjacency covers the directly connected IP subnet, and the cached adjacencies are created on demand for active IP next hops.