Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
463
Views
4
Helpful
4
Replies

why my switch clients keep ARP for gateway address?

paulnigel
Level 1
Level 1

‎10-19-2006 06:44 PM - edited ‎03-05-2019 12:21 PM

Hi Forum,

I have hsrp running on my 2 core switches. I cannot understand why when I run ethereal to capture the traffic, I see my switch clients keep ARP for the virtual IP(my gateway for each vlan) mac address. my arp aging time is default 5 mins. Is there anything wrong with my configuration?

Thank you,

paul

Labels:
0 Helpful
4 Replies 4

andrew.burns
Level 7
Level 7

‎10-20-2006 01:01 AM

Hi,

It doesn't sound like anything is wrong - but remember that whether your clients arp or not depends on that clients arp timeout (not the switch arp timeout).

For example, say a client has an arp timeout of 5 mins (I think NT had a default of 2 minutes, Solaris 5 minutes and W2K had 10 mins - or something like that) anyway, whenever the client stops sending data to the default gateway the local arp entry will timeout and be removed from the local cache after 5 mins. Then, as soon as the client needs to send some more data the first thing it will do is arp for the default gateway again. (or arp for the actual destination if it's on the local lan.)

So, it's probably nothing to worry about unless you are having specific problems.

HTH

Andrew.

0 Helpful

paulnigel
Level 1
Level 1
In response to andrew.burns

‎10-20-2006 01:14 AM

Thank you. Andrew. Coz my boss is asking me to look for unwanted traffic/protocols in the network and remove them.:>

0 Helpful

andrew.burns
Level 7
Level 7
In response to paulnigel

‎10-20-2006 02:29 AM

Hi,

ARP is a core protocol so unless it's causing real problems it's best to let it quietly carry on in the background. (A common cause of unwanted protocols/traffic are network printers which often have all protocols on by default, i.e. novell, appletalk, etc.)

Also, instead of spending a lot of time looking for traffic which may not be causing problems a better investment of time might be to set up traffic monitoring (see www.mrtg.org for eample) - graphs are always good for impressing managers and are an indispensable trouble-shooting tool.

HTH - plz rate useful posts

Andrew.

paulnigel
Level 1
Level 1
In response to andrew.burns

‎10-22-2006 03:45 PM

Hi Andrew,

We just got a copy of the PRTG, it is impressive.

you are right, most of the unwanted noise are from printers. However, I do have older PCs with unwanted protocols turned on. How do I pin-point PCs or how do I scan the network for PCs that has unwanted protocols turn on and produce a list of that?

Thanks much,

paul

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card