Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Gratuitous ARP

I would like to understand whether/how the 'no ip gratuitous-arps' command impacts the functionality of server NIC failover.

The network is based on Cisco Catalyst 6500 runnning native IOS (single IOS) with VLANs seperating the various server and user platforms.

During packet capture investigations Sun servers with IPMP and Microsoft Exchange clusters use Gratuitous ARPs to inform the network of the change to the MAC address that is bound to the virtual IP address.

If we deploy the 'no ip gratuitous-arps' command, as noted in security recommendations, will this stop the switches from updating the change of MAC address to virtual IP address when we have a NIC failover? Therefore breaking the failover process.

Looking at the Command Reference guide, it talks about local pools and PPP connections. With this in mind, I am wondering whether this command only works with PPP connections. Hence my confusion.

Hope someone can help.

Kind regards,

Ian

1 REPLY

Re: Gratuitous ARP

""Looking at the Command Reference guide, it talks about local pools and PPP connections. With this in mind, I am wondering whether this command only works with PPP connections. Hence my confusion.""

No, gratuitous arp works with many failover situations and not just PPP, HSRP is one of them.

""If we deploy the 'no ip gratuitous-arps' command, as noted in security recommendations, will this stop the switches from updating the change of MAC address to virtual IP address when we have a NIC failover? Therefore breaking the failover process""

As per the CLI description "gratuitous-arps Generate gratuitous ARPs for PPP/SLIP peer addresses" it should only disable the switch/router from generating gratuitous ARPs. However, I believe the switch should still flush out the ARP entry when it receives a gratuitous ARP message from the server itself.

HTH

Sundar

816
Views
0
Helpful
1
Replies
CreatePlease login to create content