[c-nsp] Re-thinking (remembering) how a switch operates
Gert Doering
gert at greenie.muc.de
Tue May 10 02:50:33 EDT 2005
Hi,
On Sat, May 07, 2005 at 12:34:54AM +0200, Niels Bakker wrote:
> >On Wed, May 04, 2005 at 06:35:06PM +0200, Andre Beck wrote:
> >>End stations of today usually have ARP cache timeouts of 120s to 300s.
> >At least Linux is doing IPv4 ARP timeouting these days similar to way
> >IPv6 NUD works - "if we see no traffic from this IP/MAC combination for
> >a while, we do some ARP probing. Otherwise we assume that it's still
> >valid" - which is a good thing in large networks, avoiding unnecessary
> >ARPs...
>
> Except they do that after 30 seconds, which makes Linux boxes generate
> insane amounts of ARP traffic compared to any other host.
But isn't that probe unicasted, and thus far less harmful than hard expiring
an ARP entry and then broadcasting for it again?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list