ASA GARP

Unanswered Question
Feb 23rd, 2010
User Badges:
  • Silver, 250 points or more

Hi All,


Just wondering is any knows how to have an ASA process a GARP (gratuitous ARP)?


It appears that ASAs ignore them, therefore i have Linux HA that does not work beacuse the

ASA retains the original arp and ages out after four hours.


Thanks for your help


Stephen

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Panos Kampanakis Tue, 02/23/2010 - 14:46
User Badges:
  • Cisco Employee,

The ASA should honor the GARPs. In the arp debugs you will see something like


arp-in: updating gratuitous ARP 172.16.256.78 - xxxx.xxxx.xxxx


If the asa has an arp entry, and then sees a conflicting gratuitous arp reply with a different MAC for that same IP, we will replace the arp entry we have with the new entry. We will also log a syslog at level 4 stating that there was a collision. I would suggest you to check the asa syslogs and debugs to see if we see evidence of these collision syslogs.


I hope it helps.


PK

Kureli Sankar Tue, 02/23/2010 - 17:07
User Badges:
  • Cisco Employee,

See if you have a static arp configured.


Check the ASA's talbe "sh arp | i aaa.bbb.ccc and see if the mac shows and if it appears correct.


Issue "sh run arp" to make sure you don't have any conflicting entries added statically.


-KS

stephen.stack Thu, 02/25/2010 - 00:57
User Badges:
  • Silver, 250 points or more

Thanks very much for the replies guys, I am taking that is not working on second hand info.

I need to see this happening for myself, but at least i know that the ASAs accept GARPS.


I will update once i know more.


Regards


Stephen

Actions

This Discussion