
Layer 2 resolution

suthomas1
Level 6

If there is a layer 3 device connected to another layer 3 device & if there is a physical unit change made on one of them... shouldn't the MAC address clear itself after the aging period & reflect the new device's physical address? Do we really need to clear the MAC manually from the other device? Just part of a replacement coming up next week, so just making sure every problem area is checked upon.

Thanks.


Jon Marshall
Hall of Fame

Yes it will age out but you may not want to wait that long to make sure the new device is functioning properly.

So you may well be better off clearing the arp caches, mac-address tables.

Jon

Jon is right.

But there are instances in which the new device that takes over the IP/MAC address for the failed one will send a gratuitous ARP to announce its presence to the network.

That ARP response will be broadcast to the entire Layer 2 segment.

HTH

Victor

If I am correct, the ARP timeout is 360 seconds... so when the takeover to new layer 3/layer 2 info is being done... the static unchanged device would time out the current entries for the old device & use the new ones?

How is gratuitous different from normal learning?

Any possible reasons that would have the unchanged device unable to relearn the new entries?

Gratuitous means that the ARP announcement was made by the new device without being requested in an ARP request, as is done in "normal learning." Hence, it is gratuitous.

Keep in mind that the gratuitous ARP will also be used by inter-connecting layer 2 switches to update their CAM tables. The switches will learn that to get to the failover MAC address, it will have to forward traffic out another port. Remember, the switch learns new MAC addresses as it receives traffic on its ports. So, when the new L3 device sends out the grat. ARP, the switch will "learn" that the source MAC address can now be learned from a new port.

"Any possible reasons that would have the unchanged device unable to relearn the new entries?"

Sometimes security appliances do not respond well to grat. ARPs for fear that it is part of some sort of attack. In that case, the ARP cache will have to time out or you will have to manually clear it.

HTH

Victor
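
An added illustration of the behaviour described in the replies above (not code from any poster or from Cisco): it parses ARP payloads, flags a gratuitous ARP by sender IP equal to target IP, and shows how a cache that accepts the announcement differs from one that ignores it and waits for the entry to age out. The addresses are constructed documentation-range values, the 360-second timeout is the figure quoted in the thread, and `accept_gratuitous` is a hypothetical switch standing in for a device that distrusts gratuitous ARP.

```python
import struct

ARP_REQUEST, ARP_REPLY = 1, 2

def build_arp(op, sha, spa, tpa, tha="00:00:00:00:00:00"):
    """Build a constructed Ethernet/IPv4 ARP payload for the demo."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + mac(sha) + ip(spa) + mac(tha) + ip(tpa)

def parse_arp(payload):
    """Return (sender MAC, sender IP, target IP, gratuitous?) from a 28-byte ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    if struct.unpack("!HHBB", payload[:6]) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    dotted = lambda b: ".".join(map(str, b))
    # Gratuitous ARP: the sender announces its own address, so sender IP == target IP.
    return sha.hex(":"), dotted(spa), dotted(tpa), spa == tpa

class ArpCache:
    def __init__(self, timeout=360.0, accept_gratuitous=True):
        self.timeout = timeout              # assumption: the figure quoted in the thread
        self.accept_gratuitous = accept_gratuitous
        self.entries = {}                   # ip -> (mac, last_seen)

    def observe(self, payload, now):
        mac, ip, _tpa, gratuitous = parse_arp(payload)
        old = self.entries.get(ip)
        if old and now - old[1] >= self.timeout:
            old = None                      # entry aged out
        if old and old[0] != mac and gratuitous and not self.accept_gratuitous:
            return "ignored"                # strict device keeps the stale binding
        verdict = "learned" if old is None else ("refreshed" if old[0] == mac else "updated")
        self.entries[ip] = (mac, now)
        return verdict

def replacement_scenario(accept_gratuitous):
    """Device A's view when B (192.0.2.2) is swapped for C; all frames are constructed."""
    a = ArpCache(accept_gratuitous=accept_gratuitous)
    from_b = build_arp(ARP_REPLY, "00:00:5e:00:53:0b", "192.0.2.2", "192.0.2.1", "00:00:5e:00:53:0a")
    garp_c = build_arp(ARP_REQUEST, "00:00:5e:00:53:0c", "192.0.2.2", "192.0.2.2")
    return [a.observe(from_b, 0), a.observe(garp_c, 10), a.observe(garp_c, 400)], a.entries["192.0.2.2"][0]
```

With `accept_gratuitous=False` the binding for 192.0.2.2 stays on the old MAC until the timeout passes, which is the window in which a manual clear is the only way to restore traffic sooner.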

That helped a lot... so if A connects to B & I replace B with new device C, C would possibly send out a grat ARP & A should learn that, removing the old entries.

Is the problem with all security appliances or specific ones, and any peculiar reasons apart from attack that A would learn/relearn the new address for security app C even after timeout?

Thanks
