[c-nsp] glbp migration to hsrp anycast
Sascha Pollok
nsp-list at pollok.net
Tue Jun 12 04:08:20 EDT 2012
Gents and Ladies,
[...]
>> Will all servers update their arp table, if the hsrp function propagates
>> gratious arp.
>
> I've never seen this fail except on REALLY REALLY old things; Solaris 2.6 had
> a problem, IIRC.
We saw firewalls of customers not accepting ARP-Replies when no ARP
whohas was sent before. We debugged ARP and found out that it refreshes
its ARP-table every 30 minutes so we waited 2 seconds before end of the
30-minutes interval and made the switch so the new MAC was there once
the firewall expired its ARP cache.
Very annoying security feature ;-)
-Sascha
More information about the cisco-nsp
mailing list