There's a mobile version of our website.
I was reading a book on Cisco routers in which the author says : "The router resets the ARP age counter to zero whenever it sees valid traffic from the corresponding device. This ensures that the addresses of active devices are never flushed out of the cache, no matter how long they have been known."
I am really surprised about that because I have always thought that the ARP age counter was an absolute counter and not relative to the last time a packet was seen coming from the corresponding IP. After reading this, I made some tests which tend to confirm that the ARP age counter is absolute and does not care whether we have active traffic from the corresponding IP or not.
QUESTION 1 : can somebody confirm this please ?
I am unable to find clear assertions in Cisco documentation.
QUESTION 2 : when does the router send a new ARP request ?
For example, when the ARP timeout is 4 hours or 240 minutes (Cisco default value), the router sends an ARP request when reaching 239 minutes (1 minute before the expiration time). Is this value a fixed one (we send an ARP request 1 minute before aging) or is it a relative value (x % of the timeout value) ?
Thanks for your help.
It is as you read in the book: tha ARP counter is reset to 0 when traffic is seen from/to the device. The new ARP request would be sent after 4 hours (240) minutes or after a 'clear arp' command.
I believe that Sam may be referring to a section in the IOS Cookbook which does say that the router resets the ARP timer when it sees traffic from a host. I do not agree with Matthias that this is correct. My experience with Cisco routers is that the ARP timer counts down even if it is receiving traffic from a host.
I know that Cisco routers will send an ARP request for an entry in the ARP table before that entry actually expires. I do not have anything right now that tells us how that interval is determined (fixed value or percentage). And I do not know of any command that would allow us to change the interval.
I agree with Richard when he says "I do not agree with Matthias that this is correct"
I confirm that this sentence comes from the "Cisco cookbook" and my own experience also proves that this is untrue. So I don't understand why the author stated that so clearly in the aforementionned book...
I don't understand either why Cisco does no clearly indicates in its operating documentation how the ARP aging timer works on its routers. If an ARP request is issued a short time before the timer ages, why can't they write this down in the documentation ? This is an important point and a few more words just to explain that wouldn't cost a lost...
I have some additional information that might help. I found a posting from a senior Cisco engineer that gives some information about the behavior of ARP in Cisco IOS. He says clearly (and has an example) that if Cisco receives an ARP request from a host it will use that request to refresh the ARP entry and reset the timer for that entry without doing its own ARP request. This may be the behavior that they were trying to talk about in the IOS Cookbook.
He also talks about doing a unicast ARP request 60 seconds before the entry expires so that the entry can be updated. He does not say specifically but I believe that this interval is fixed.
Here is the link if you want to see the details:
As for the error in the book, I have worked as a reviewer on a couple of books and can tell you that the authors and the reviewers work hard to get things right. But sometimes errors are not caught and appear in the publication. With the amount of detail covered in the book a few mistakes are bound to creep through.
Thanks Richard for this very good answer.
For sure the book I mentionned did not explain the behavior well...
When they say "The router resets the ARP age counter to zero whenever it sees valid traffic from the corresponding device.", they should have said instead "The router resets the ARP age counter to zero whenever it sees ARP requests from the corresponding device".
This is absolutely different and important to notice the difference.
Important also to know that the router refreshes its arp cache 60 seconds before the entry expires.
Thanks a lot !
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion