Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Stop ARP requests on router

Hi,

We have a router (7206) which connected to client device in /30 IP segment, but this device is a switch which connected to many more devices.

Doing packet capture on our router interface unravel many ARP requests whcih comes from the client switch.

Is there any feature or command which we can stop this?

Thanks ahead.

Tal M.

Everyone's tags (7)
4 REPLIES
Silver

Stop ARP requests on router

try using the command below in interface config mode:

switchport port-security maximum xx vlan x

where xx is max number of arp enteries you want and x is vlan id.

---

Posted by WebUser Neeraj Jagga from Cisco Support Community App

Bronze

Stop ARP requests on router

Is your switch is ARP requests source itself or these requests are users-generated?

Which IP these ARPs are requesting for?

New Member

Stop ARP requests on router

On my side there is a router which connected to the customer end device - a switch, the customer probably connected a router and some more devices to his switch. Now I'm getting an ARP requests frames on my router interface which doesn't belong to my router (MAC address) and I guess that they belong to the other devices which connected to the customer switch.

is there any way to stop these ARP request frames?

Bronze

Stop ARP requests on router

OK. Short answer is - NO, you can not stop your customer's switch send ARPs. Because you are recieving side and may only block requests. There is no such signalling that allows you manage remote switch or make something alike.

But... ARPs are broadcasts and therefore your router needs to receive them and make something before throwing away. There are a number of tools you may use to optimize this behavior:

- ARP authorize - allows you to ignore ARPs that received not from known entities (known are static and DHCP-based)

- use MQC (match protocol ARP with some add-ons) to drop unneccessary ARPs inbound

- may be something else...

Of course, the best way to resolve the task is to use your customer switch's capabilities if it is possible.

1809
Views
0
Helpful
4
Replies