[c-nsp] unknown unicast flooding - particularly regarding fhrp's

Randy randy_94108 at yahoo.com
Mon Jan 21 17:55:44 EST 2013 

IIRC, Cisco attempts a unicast refreash 60 seconds prior to expiration and again at-expiration if former fails.

I can't quiet remember but I think Rodney Dunn from Cisco had provided a very good explanation of the internals. Look for "ARP strangeness" or something like that in the archives from about a year ago.

./Randy

--- On Mon, 1/21/13, Aaron <aaron1 at gvtc.com> wrote:

> From: Aaron <aaron1 at gvtc.com>
> Subject: Re: [c-nsp] unknown unicast flooding - particularly regarding fhrp's
> To: "'Lee'" <ler762 at gmail.com>, cisco-nsp at puck.nether.net
> Date: Monday, January 21, 2013, 2:04 PM
> No arp entry, means router arps out
> to resolve l2 mac address of course
> 
> No answer to first ping is common and I recently read that
> it has something
> to do with CEF throttling while it builds adjacency table
> entry
> 
> about the 5 minute arp timeout scenario....i believe that
> there is something
> within cisco ios that when the arp timeout period elapses,
> (and I believe it
> might be at half-life of timeout perios or something like
> that) that the
> router itself actually proactively arp's out even before
> real traffic is
> coming for that destination....in other words I think the
> router tries to
> reach out to the pre-existing arp entries to see if they
> still exist at arp
> timer halflife or something like that.  I think I saw
> that while doing
> "debug arp" or something like that one day a while back
> 
> aaron
> 
> 
> 
>  
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net]
> On Behalf Of Lee
> Sent: Monday, January 21, 2013 12:23 PM
> To: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] unknown unicast flooding - particularly
> regarding
> fhrp's
> 
> On 1/21/13, Aaron <aaron1 at gvtc.com>
> wrote:
> > Arp timers are central, bridge timers are more
> distributed
> >
> > Arp timers I believe are specific to svi/bvi/routed
> interfaces, bridge 
> > timers I believe are more global and may not be vlan
> specific
> >
> > Those 2 items would lead me to think arp timers would
> be the best 
> > place to adjust
> 
> What happens when the router doesn't have an arp
> entry?  When I ping an idle
> host I don't get an answer to the first ping.  So if
> you set the arp timeout
> to 5 minutes does that mean the 1st packet to a host that's
> been idle >= 5
> minutes is dropped?
> 
> Thanks,
> Lee
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list