[c-nsp] ARP behavior
Joshua Morgan
joshua.morgan at gmail.com
Fri Mar 2 00:52:22 EST 2012
CEF has ARP throttling. Essentially, it installs a drop adjacency for the
host whilst it is waiting for an ARP reply from the host. So, the first
packet should result in an ARP being sent out but subsequent packets will
just be dropped.
I'm not sure of the timing of ARP throttling. That is, how long the drop
adjacency lives for. Maybe someone else can chime in about that.
Josh
On Fri, Mar 2, 2012 at 3:30 PM, Chuck Church <chuckchurch at gmail.com> wrote:
> Hey all,
>
>
>
> I'm curious as to how ARP behaves on a LAN. After looking
> at a router with high amounts of process switched traffic, I discovered
> that it's mostly ARP traffic, both in and out. Looking at CEF statistics,
> I
> see a lot of encapsulation failed type drops. Which are tied to an
> 'Incomplete' entry in the ARP table. Nothing new there. But thinking
> about
> it:
>
>
>
> If a router gets a packet destined to a (potentially) locally connected
> Ethernet host, does it ARP for that host (if unknown) for every packet
> destined to the host?
>
>
>
> If not, does it just drop packets for a certain time frame, maybe tied into
> how long the 'incomplete' entry stays in the ARP table?
>
>
>
> Reading the RFC didn't really clarify the behavior, nor did googling 'ARP
> incomplete timeout' or other variants. It's hard to determine how long a
> router maintains that 'incomplete' entry. Anyone have an idea?
>
>
>
> Thanks,
>
>
>
> Chuck
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list