Tuesday, September 25, 2012

ARP cache timeout on Cisco routers

ARP cache timeout on Cisco routers
Hello,

I was reading a book on Cisco routers in which the author says : "The router resets the ARP age counter to zero whenever it sees valid traffic from the corresponding device. This ensures that the addresses of active devices are never flushed out of the cache, no matter how long they have been known."

I am really surprised about that because I have always thought that the ARP age counter was an absolute counter and not relative to the last time a packet was seen coming from the corresponding IP. After reading this, I made some tests which tend to confirm that the ARP age counter is absolute and does not care whether we have active traffic from the corresponding IP or not.

QUESTION 1 : can somebody confirm this please ?
I am unable to find clear assertions in Cisco documentation.

QUESTION 2 : when does the router send a new ARP request ?
For example, when the ARP timeout is 4 hours or 240 minutes (Cisco default value), the router sends an ARP request when reaching 239 minutes (1 minute before the expiration time). Is this value a fixed one (we send an ARP request 1 minute before aging) or is it a relative value (x % of the timeout value) ?


Thanks for your help.
Correct Answer by Richard Burts  on Feb 13, 2012 11:35 AM
Sam

I have some additional information that might help. I found a posting from a senior Cisco engineer that gives some information about the behavior of ARP in Cisco IOS. He says clearly (and has an example) that if Cisco receives an ARP request from a host it will use that request to refresh the ARP entry and reset the timer for that entry without doing its own ARP request. This may be the behavior that they were trying to talk about in the IOS Cookbook.

He also talks about doing a unicast ARP request 60 seconds before the entry expires so that the entry can be updated. He does not say specifically but I believe that this interval is fixed.

Here is the link if you want to see the details:
http://puck.nether.net/pipermail/cisco-nsp/2005-February/017400.html

As for the error in the book, I have worked as a reviewer on a couple of books and can tell you that the authors and the reviewers work hard to get things right. But sometimes errors are not caught and appear in the publication. With the amount of detail covered in the book a few mistakes are bound to creep through.

HTH

Rick
Posted by TOF at 2:53 AM
Labels:
Related Posts Plugin for WordPress, Blogger...