Solved: when does arp entry disapper in L2 switch?

Sanghee Han · ‎08-07-2008

I operate L2 switch(cat2950).

5 hosts connect above switch

every host communicate other network server or hosts.

I think in this environmnet every hosts are appeared in output of "show arp".

but just some hosts are appeared although they continues to communicate with.

as i known, ARP timeout is 4 hours in fast-ehternet interface.

why above hosts are unvisible in show arp?

anyone knows the standard disapearing in show (ip) arp table?

I can't find the relative page in cisco.com.

Richard Burts · ‎08-07-2008

Ray

To answer your question I believe that we need to start by clarifying the relationship between the mac-address-table and the arp table in a layer 2 switch such as the 2950. The mac-address-table is used for layer 2 forwarding by the switch. When a device is connected to a port of the switch then the switch learns the MAC address of the device and puts it into the mac-address-table. When devices connected to the switch (in the same VLAN and in the same subnet) want to communicte with each other the switch only needs the mac-address-table and the arp table does not come into play.

The switch also maintains an arp table. The switch puts entries into its arp table only for any device which the management interface of the switch has communicated with (and times it out in 4 hours - as you mention).

so it is very possible that a device could not be in the arp table of the switch (because the layer 3 management interface of the switch has not communicated with it) but it will be in the mac-address-table and will communicate successfully with other devices because the 2950 is doing layer 2 forwarding for the device.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎08-07-2008

Ray

To answer your question I believe that we need to start by clarifying the relationship between the mac-address-table and the arp table in a layer 2 switch such as the 2950. The mac-address-table is used for layer 2 forwarding by the switch. When a device is connected to a port of the switch then the switch learns the MAC address of the device and puts it into the mac-address-table. When devices connected to the switch (in the same VLAN and in the same subnet) want to communicte with each other the switch only needs the mac-address-table and the arp table does not come into play.

The switch also maintains an arp table. The switch puts entries into its arp table only for any device which the management interface of the switch has communicated with (and times it out in 4 hours - as you mention).

so it is very possible that a device could not be in the arp table of the switch (because the layer 3 management interface of the switch has not communicated with it) but it will be in the mac-address-table and will communicate successfully with other devices because the 2950 is doing layer 2 forwarding for the device.

HTH

Rick

HTH

Rick

Sanghee Han · ‎08-07-2008

thanks for your help.

I have not known about your mention.

I know now arp table is relative with communication of switch's management ip and hosts.

then L3 interface for example, router's fa interface may keep all host's arp table in the same subnet.

right?

thanks your kindly explanation.

keeleym · ‎08-07-2008

Hi Rick

Excellent clear and concise explanation as usual. Many thanks.

Well worth the rating :)

Best Regards

Michael

nourelrayes · ‎08-07-2008

In flat network ARP for all hosts is shown on the router only as it's the device which performs the ARP request.

On the switch only hosts configured with static IP addresses are shown.