Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

ARP entry for every destination?!

I've got a weird situation that I can't figure out. I have a 2611 with 2 ethernet interfaces. e0/0 is facing my access network via an RFC1483 bridged DSL service. e1/1 is facing my LAN. When I look at the arp table on the 2611, I see thousands of arp entries in the table and through further investigation, the router is putting every destination into the arp table with the MAC address of the far end of this DSL connection (a 7206VXR acting as the DSL concentrator).

I have no idea what's causing this or how to fix it. I updated the code on the 2611 to 12.2.11T8 and the problem persisted.

Anyone have any ideas?

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: ARP entry for every destination?!

Have not seen this before but does your default route point to e0/0 or the next hop address? If its the interface the router may be arping for anyone that can get to the destination.

10 REPLIES
Bronze

Re: ARP entry for every destination?!

Is the subnet mask on your e0/0 interface correctly set (or correctly received via dhcp or ppp)?

New Member

Re: ARP entry for every destination?!

Yeah, that netmask on e0/0 is .252. The network on that interface is statically assigned. The other end is .252 as well.

Bronze

Re: ARP entry for every destination?!

Have not seen this before but does your default route point to e0/0 or the next hop address? If its the interface the router may be arping for anyone that can get to the destination.

New Member

Re: ARP entry for every destination?!

Very interesting hypothesis. It was infact configured for e0/0. I reconfigured it to be the next-hop and I will see if this helps.

Question: Why does it matter? Are there notes on this anywhere? I'd like to understand why it makes a difference between one and the other.

Thanks again!

New Member

Re: ARP entry for every destination?!

Welp, this was exactly the problem. Thanks alot!! I'd still like to know what causes this behavior though :)

Bronze

Re: ARP entry for every destination?!

I'm confused by it myself but tried it in my lab and it does work that way. Normally it would not arp for something not on the attached network but since the default was pointed to a broadcast interface there isnt much else it can do.

Bronze

Re: ARP entry for every destination?!

This happens because for every packet out the interface, the router sends an ARP request when the routing table directs the packet to the interface instead of the next hop. Of course, the DSL device on the LAN responds with its own MAC address. This is the nature of sending a packet out an ethernet interface - basically ARP for everything. Without a specific next-hop, the router doesn't know to do anything else.

When the routing table directs the packets to a specific gateway on the connected network, the router will only ARP for that device (and this should happen very seldom since there is likely to be continuous traffic sent to that network, so the ARP entry will not age out very often) and send ethernet frames, carrying the IP packet, directly to that gateway.

I hope this clears things up.

Mark

New Member

Re: ARP entry for every destination?!

Yes, makes perfect sense. Thanks Mark, and thanks to everyone else who had feedback on this problem.

Bronze

Re: ARP entry for every destination?!

Weird indeed. First thoughts:

- sniff the e0/0 interface to see what happens (who is sending arp requests, who is replying)

- debug arp on the local router and/or the 7206 (whatch out for impact on router load)

- check if perhaps "ip proxy-arp" is configured on the 7206 interface to you

Please keep us posted, it's an interesting problem :)

cheers

Herbert

PS: I see the problem has already been solved. never mind :)

Silver

Re: ARP entry for every destination?!

Well it an interesting problem, but it goes via the way ip routing works.

Case 1. Device tries to reach another device it believes is directly connected.

In this case the device does an arp broadcast to get the device mac address. The IP packet destined to the device is then sent with the ip address and the mac address of the destined device

Case 2. Device tries to reach another device it believes is not directly connected.

The router in this case does an arp broadcast for the gateway or next hop device. It then creates the ip packet with the MAc address of the next hop device with the ip address of the destined device.

In your scenario, when a route is set on a router to point to an interface, it believes that the network is directly connected. It therefore does an arp broadcast for every host the route applies to. The default behaviour of cisco router is to do proxy arp for known routes. Hence, the 7206 replies with its MAC address, and the 2611 truly believes that its the mac address of the device. If arp proxy is disabled on the 7206, your routing will not work anymore. The behaviour is the reason why next hop address is often preferred to interface addresses.

145
Views
5
Helpful
10
Replies
CreatePlease to create content