Setting aging timers for ARP and CAM table in HSRP environment

Unanswered Question
Nov 1st, 2006
User Badges:

I have a new network deployed and we are running into a problem with the aging timers on the arp and CAM tables in our 6500s and 3750s. We haven't changed the default aging timers, 4 hours for ARP, 5 minutes. We've read several documents that state we should change the arp table to something equal or less than the cam table. Any recomendations on what these values should be?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
amit-singh Wed, 11/01/2006 - 09:20
User Badges:
  • Blue, 1500 points or more


I would suggest to incfrease the CAm timer to equal to the ARP timeout counter i.e 4 hrs. It should always be equal i.e CAM timeout= ARP timeout.

-amit singh

gpulos Wed, 11/01/2006 - 09:22
User Badges:
  • Blue, 1500 points or more

the concept you're talking about is for preventing unicast flooding. where the arp aging timer of 4 hours is greater than the cam aging timer of 5 minutes.

this causes entries in the cam table to age out entries. when this happens, a packet destined to the aged out cam entry must be flooded out all forwarding ports in the vlan except the port the packet was received on.

cisco states that in any HSRP environment, it is recommended that you ensure the cam and arp timers are synchronized; or at least bring the values closer together.

(really helpful when hsrp is configured for one msfc to route for, say odd vlans, and the redundant msfc is to route the even vlans)

for catOS you would use the 'set cam agingtime' command.

for IOS you would use the 'mac-address-table aging-time' command.

as far as a recommendation, it may be best to do your own trial and error with the timers to find which settings will work best for your environment.

(if you do not have much or any additions/removals of devices to your network, raising the cam aging timer close to or in sync with the arp timer should not create any adverse issues)

please see the following link for more info:

NOTE: another reason to limit flooding is the affect it has on spanning tree toplogy change notifications.

please see the following link for more info on unicast flooding:


This Discussion