09-11-2007 09:51 AM - edited 03-05-2019 06:24 PM
On occasion I will have to clear the ARP cache on a 6500 when a customer swaps out a firewall or firewall NIC. The ARP cache will show the MAC of the previous device and will not update until either the ARP table refreshes dynamically (currently at default time) or it is cleared manually.
Sometimes I need to clear it manually and sometimes it is refreshed dynamically when the new device comes up. Inconsistent issue....
Under what circumstances will an ARP entry NOT be refreshed when a firewall or firewall NIC is swapped out?
09-11-2007 10:29 AM
If you are using private VLANs, ARP entries will be sticky, which means that when the IP address remains the same but the MAC changes, the ARP entry will not be refreshed.
You can configure the following global command if you are using private VLANs.
no ip sticky-arp
or you can configure it on a per vlan basis.
int vlan
ip sticky-arp ignore
If you do not have private VLANs and the ARP entry is still not being updated, then it's just the fact that the new firewall is not sending gratuitous ARP.
thanks
Salman.
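One way to check the gratuitous-ARP point from a capture taken on the firewall's VLAN, as an added example that is not part of the original post or any Cisco tooling: it parses raw Ethernet frames, picks out gratuitous ARPs (sender IP equal to target IP), and compares the announced MAC with what the switch has cached. Function names are hypothetical, and the frame and addresses are constructed sample data.

```python
import struct
from ipaddress import IPv4Address

def norm_mac(mac: str) -> str:
    """Normalise 0011.2233.4455 or 00:11:22:33:44:55 to 12 lowercase hex digits."""
    return "".join(c for c in mac.lower() if c in "0123456789abcdef")

def parse_arp(frame: bytes):
    """Parse an Ethernet II frame (one optional 802.1Q tag); return ARP fields or None."""
    off = 12
    if frame[off:off + 2] == b"\x81\x00":          # skip a single VLAN tag
        off += 4
    if frame[off:off + 2] != b"\x08\x06" or len(frame) < off + 30:
        return None                                 # not ARP, or truncated
    htype, ptype, hlen, plen, oper = struct.unpack_from("!HHBBH", frame, off + 2)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None                                 # only IPv4 over Ethernet
    sha, spa, _tha, tpa = struct.unpack_from("!6s4s6s4s", frame, off + 10)
    return {"oper": oper, "sender_mac": sha.hex(),
            "sender_ip": str(IPv4Address(spa)), "target_ip": str(IPv4Address(tpa))}

def is_gratuitous(arp) -> bool:
    # A gratuitous ARP (request or reply) announces its own address.
    return arp["sender_ip"] == arp["target_ip"]

def check_cache(frames, cached):
    """cached: {ip: mac} copied from the switch's ARP table.
    Returns {ip: 'no-garp-seen' | 'cache-current' | 'cache-stale'}."""
    announced = {}
    for frame in frames:
        arp = parse_arp(frame)
        if arp and is_gratuitous(arp):
            announced[arp["sender_ip"]] = arp["sender_mac"]   # latest announcement wins
    result = {}
    for ip, mac in cached.items():
        if ip not in announced:
            result[ip] = "no-garp-seen"      # replacement device never announced itself
        elif announced[ip] == norm_mac(mac):
            result[ip] = "cache-current"
        else:
            result[ip] = "cache-stale"       # announced, but the switch kept the old MAC
    return result

# Constructed sample: broadcast gratuitous ARP for 192.0.2.10 from 02:00:00:00:00:0b.
SAMPLE_GARP = bytes.fromhex(
    "ffffffffffff" "02000000000b" "0806" "0001080006040001"
    "02000000000b" "c000020a" "000000000000" "c000020a")

if __name__ == "__main__":
    switch_cache = {"192.0.2.10": "0200.0000.000a", "192.0.2.20": "0200.0000.0014"}
    print(check_cache([SAMPLE_GARP], switch_cache))
```

A "cache-stale" result with the gratuitous ARP present in the capture points at the switch side (the sticky ARP case described above), while "no-garp-seen" points at the replacement device.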
08-10-2012 03:57 PM
I'll have to try that on my core switches.
I've been having a similar issue in which contractors were replacing HVAC controllers at many of my sites with newer models. They used the same IP addresses on them and had the same problem...they couldn't even ping them. I would have to flush the arp-cache on the core switches to resolve the issue. I will have to try the "ip sticky-arp ignore" command...