[c-nsp] cisco 3750 arp timeout

Church, Chuck cchurch at netcogov.com
Thu Jan 13 19:30:32 EST 2005 

Would disabling proxy-arp on that VLAN make a difference?  I'm thinking
that if the MAC for the required IP changes, you wouldn't want the
router still 'helping' and giving out the old MAC.  Or is the router the
only device these two servers are talking to, layer-3-wise?  Anyway, it
seems like there'd have to be a MS solution to it as well.  A Windoze
machine isn't going to have an ARP timeout of 1 second either.  Seems
like a client sitting on the same VLAN as the cluster would have the
same issue. 


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D 


-----Original Message-----
From: Matt Bazan [mailto:Mbazan at onelegal.com] 
Sent: Thursday, January 13, 2005 5:16 PM
To: rocrowe at cisco.com; Church, Chuck; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] cisco 3750 arp timeout

This is what I'm seeing too Robert.  If I roll the resources I'm unable
to connect to virt servers.  If I then do a 'clear arp-cache' I'm able
to connect fine.  I'll do some more investigating on the M$ side of
things to see if they've got an easier work around than the one you
mentioned.  Thanks,

  Matt 

> -----Original Message-----
> From: Robert Crowe [mailto:rocrowe at cisco.com] 
> Sent: Thursday, January 13, 2005 2:14 PM
> To: Matt Bazan; 'Church, Chuck'; cisco-nsp at puck.nether.net
> Cc: rocrowe at cisco.com
> Subject: RE: [c-nsp] cisco 3750 arp timeout
> 
>  
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Matt,
> 
>         I believe I ran into the same issue your talking about awhile
> back when I was doing systems work. Our issue was with pairs of
> servers running Win2k Advanced Server and Microsoft clustering. The
> storage was EMC. It ended up being the way Microsoft clustering sends
> the gratuitous arp. One way to tell is to failover the services and
> immediately do "clear arp" on the switches they are plugged into. We
> ended writing a script that would snmp poll the virtual address for
> the hostname of the box. When a failover occurred the hostname would
> change and the script would telnet to the 2 switches and clear the
> arp entries.
> 
> 
> - -
> Robert Crowe
> 
> 
> 
> - -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Matt Bazan
> Sent: Thursday, January 13, 2005 4:49 PM
> To: Church, Chuck; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] cisco 3750 arp timeout
> 
> Hi Chuck,
>         In this particular case I've got two 3750's in a stack and
> several MS clusters attached (one cluster node plugs into stack
> member 1, the other node into member 2) and I'm having communication
> problems reaching the cluster virtual servers when I 'roll' the
> resources over from one node in the cluster to the other.  One of my
> theories is that the stack could be having problems with the grat
> arps it's getting from the MS cluster.
> 
>         As these systems are in our data center I'll have to wait
> till the next time I'm over there to put a sniffer on the wire to see
> if I can glean more info.
> 
>         In the meantime, to attempt to rule out a grat arp issue, I
> was trying to get the ciscos to not cache the cluster's virt server
> IP and associated MAC. 
> 
>   Matt
> 
> > -----Original Message-----
> > From: Church, Chuck [mailto:cchurch at netcogov.com]
> > Sent: Thursday, January 13, 2005 1:19 PM
> > To: Matt Bazan; cisco-nsp at puck.nether.net
> > Subject: RE: [c-nsp] cisco 3750 arp timeout
> >
> > Matt,
> >
> >       On a side note, why are you trying to do this?  Rodney
> > mentioned the CEF issue.  Are you trying to speed up HSRP/VRRP or
> > something along those lines?  Just curious...
> >
> >
> > Chuck Church
> > Lead Design Engineer
> > CCIE #8776, MCNE, MCSE
> > Netco Government Services - Design & Implementation Team 1210 N.
> > Parker Rd.
> > Greenville, SC 29609
> > Home office: 864-335-9473
> > Cell: 703-819-3495
> > cchurch at netcogov.com
> > PGP key:
> > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D 
> >
> >
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net
> > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Matt Bazan
> > Sent: Thursday, January 13, 2005 3:23 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] cisco 3750 arp timeout
> >
> > I've got a number of interfaces on one of my 3750's (IOS 12.1(11)AX
> > SMI) that I've set the arp timeout to be one second.  However, the
> > entries in the arp cache continue to show up until the default arp
> > timeout has been reached.  It was my understanding that setting the
> > arp timeout per interface to 1 would clear these entries after 1
> > second.  Am I misunderstanding how this command works?  If so, is
> > there a command to remove entries from the arp cache after 1
> > second?  Thanks,
> >
> >   Matt
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/ 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.1
> 
> iQA/AwUBQebyks6DimsZpmH4EQJZxQCffOhvudUKeWLCX1HQnyLaZv0U22wAn3qm
> xT6jWknLf+Aoi9uV+5yN4Xrc
> =ym4x
> -----END PGP SIGNATURE-----
>  
>

More information about the cisco-nsp mailing list