ARP Timeout Command

johnlloyd_13
Level 9

Hi All,

I know it's best practice to configure a static default route with the ISP IP address specified as the next hop.

If the static default route is set with an exit interface, specifically an FE port, will the ARP timeout command set on the interface help reduce the ARP table? Which interface should this command be applied to, and how many seconds should it be? Thanks in advance!

int fx/x

arp timeout

Sent from Cisco Technical Support iPhone App


Peter Paluch
Cisco Employee

John,

I am afraid that the ARP timeout will not effectively help to reduce the ARP table size here. It may help to evict unused entries in less time, but as soon as a new packet is sent towards a destination whose entry expired from the ARP cache, it will need to be resolved via ARP again. You will trade the ARP cache size in exchange for a possible increase in ARP traffic. In addition, this configuration puts your router at the mercy of the ProxyARP mechanism running at your ISP. Should the ISP at any time deactivate the ProxyARP on its router, your internet connection will go down.

Is there any particular reason why you need to define a static default route using egress interface only?

Best regards,

Peter

Hi Peter,

Thanks for the quick response and happy new year!

I just had an issue earlier with one of our CE routers (an 1841 in this case). It hangs at least once a month. I later found out one of our network guys set the static default route to exit on an FE interface instead of the ISP next hop IP. I've configured it to the ISP IP address and greatly reduced the ARP table afterwards.

I was just wondering if I could set the arp timeout command on both FE ports and retain the static route set earlier.


Hi John,

Happy New Year to you too!

> one of our network guys set the static default route to exit on an FE interface instead of the ISP next hop IP

That guy should be properly educated never to do such a thing again.

> I was just wondering if I could set the arp timeout command on both FE ports and retain the static route set earlier.

Perhaps you would save some space in the ARP table, as unused entries would expire sooner. However, by doing that, you would only force the router to send more ARP messages and update its ARP and adjacency caches with a higher frequency. You have to keep in mind that although the ARP expiration time may be very short, the router will still, at some moment, need to know a particular IP/MAC mapping. If it does not find it in its caches, it will have to ask for it. Considering the potential need to ask for around 4 billion unique addresses on the Internet again and again, relying on the static default route pointing out a FastEthernet interface is just a bad idea.

Best regards,

Peter

Peter,

Thanks and as always you've cleared my doubts.

At first I thought it was some sort of DDoS attack, but after I reviewed the config and made the changes, I hope it will stabilize the router's CPU and memory.

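An added example, not part of the original thread: a Python sketch that scans IOS-style configuration text for the pattern discussed above, a static route naming only an Ethernet exit interface, and reports how many destination addresses the router would then have to resolve through ARP. The sample configuration, the interface-prefix list and the function names are constructed for this example.

```python
import ipaddress
import re

# Interface-name prefixes treated as multi-access Ethernet (assumption of this example).
ETHERNET = re.compile(r"^(Eth|Fa|Gi|Te|Vlan|Port-channel|BVI)", re.IGNORECASE)

# Constructed sample config using documentation address ranges.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 203.0.113.2 255.255.255.252
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 203.0.113.1
ip route 198.51.100.0 255.255.255.0 FastEthernet0/1 192.0.2.1
ip route 192.0.2.128 255.255.255.128 Serial0/0/0
ip route 10.0.0.0 255.0.0.0 Null0
"""

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit_static_routes(config_text):
    """Flag static routes that exit an Ethernet interface without a next-hop IP."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        tokens = raw.split()
        if tokens[:2] != ["ip", "route"]:
            continue
        args = tokens[2:]
        if args[:1] == ["vrf"]:            # skip "vrf <name>"
            args = args[2:]
        if len(args) < 3 or not (is_ip(args[0]) and is_ip(args[1])):
            continue
        prefix, mask, target = args[:3]
        if is_ip(target) or not ETHERNET.match(target):
            continue                       # next-hop IP, or Serial/Null0/etc. exit
        if len(args) > 3 and is_ip(args[3]):
            continue                       # interface followed by a next-hop IP
        net = ipaddress.ip_network(f"{prefix}/{mask}", strict=False)
        findings.append({"line": lineno, "interface": target,
                         "network": str(net), "arp_targets": net.num_addresses})
    return findings

if __name__ == "__main__":
    for f in audit_static_routes(SAMPLE_CONFIG):
        print(f"line {f['line']}: {f['network']} via {f['interface']} only, "
              f"up to {f['arp_targets']} addresses resolved by ARP")
```
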
