Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ARP Timeout Command

Hi All,

I know it's best practise to configure a static default route with the ISP IP address specified as the next hop.

If the static default route is set with an exit interface, specifically an FE port, will the ARP timeout command set on the interface help reduce the ARP table? Which interface to apply this command and how many seconds should it be? Thanks in advance!

int fx/x

arp timeout

Sent from Cisco Technical Support iPhone App

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ARP Timeout Command

Hi John,

Happy New Year to you too!

one of our network guy set the static deault route to exit on an FE interface instead of the ISP next hop IP

That guy should be properly educated never to do such thing again.

I was just wondering if I could set the arp timeout command on both FE ports and retain the static route set earlier.

Perhaps you would save some space in the ARP table, as unused entries would expire sooner. However, by doing that, you would only force the router to send more ARP messages and update its ARP and adjacency caches with a higher frequency. You have to keep in mind that despite the ARP expiration time may be very short, the router will still, at some moment, need to know a particular IP/MAC mapping. If it does not find it in its caches, it will have to ask for it. Considering the potential need to ask for around 4 billion unique addresses in internet again and again, relying on the static default route pointing out a FastEthernet interface is just a bad idea

Best regards,

Peter

4 REPLIES
Cisco Employee

ARP Timeout Command

John,

I am afraid that the ARP timeout will not effectively help to reduce the ARP table size here. It may help to evict unused entries in less time but as soon as a new packet will be sent towards a destination whose entry expired from the ARP cache, it will need to be resolved via ARP again. You will trade the ARP cache size in exchange for possible increase in ARP traffic. In addition, this configuration puts your router at the mercy of the ProxyARP mechanism running at your ISP. Should the ISP at any time deactivate the ProxyARP on its router, your internet connection will go down.

Is there any particular reason why you need to define a static default route using egress interface only?

Best regards,

Peter

Re: ARP Timeout Command

Hi Peter,

Thanks for the quick response and happy new year!

I just had an issue earlier with one of our CE router (an 1841 in this case). It hangs at least once a month. I later found out one of our network guy set the static deault route to exit on an FE interface instead of the ISP next hop IP. I've configured it to the ISP IP address and greatly reduced the ARP table afterwards.

I was just wondering if I could set the arp timeout command on both FE ports and retain the static route set earlier.

Sent from Cisco Technical Support iPhone App

Cisco Employee

Re: ARP Timeout Command

Hi John,

Happy New Year to you too!

one of our network guy set the static deault route to exit on an FE interface instead of the ISP next hop IP

That guy should be properly educated never to do such thing again.

I was just wondering if I could set the arp timeout command on both FE ports and retain the static route set earlier.

Perhaps you would save some space in the ARP table, as unused entries would expire sooner. However, by doing that, you would only force the router to send more ARP messages and update its ARP and adjacency caches with a higher frequency. You have to keep in mind that despite the ARP expiration time may be very short, the router will still, at some moment, need to know a particular IP/MAC mapping. If it does not find it in its caches, it will have to ask for it. Considering the potential need to ask for around 4 billion unique addresses in internet again and again, relying on the static default route pointing out a FastEthernet interface is just a bad idea

Best regards,

Peter

Re: ARP Timeout Command

Peter,

Thanks and as always you've cleared my doubts.

At first I thought it was some sort of DDOS attack but after I reviewed the config and made the changes, I hope it will stablize the router's CPU and memory.

Sent from Cisco Technical Support iPhone App

622
Views
5
Helpful
4
Replies
CreatePlease to create content