[c-nsp] Is there sticky ARP functionality on Private VLAN in NX-OS
Stoward, Matt
Matt.Stoward at team.telstra.com
Wed Mar 21 21:14:16 EDT 2012
Hi all,
When configuring PVLANs in IOS, the L3 SVIs automatically get sticky ARP turned on and to remove it is quite simple.
In NX-OS things are a little uncertain. It is implied that the behavior is the same but I don't think it actually is. On the Cisco site in http://docwiki.cisco.com/wiki/Cisco_Nexus_7000_Series_NX-OS_Troubleshooting_Guide_--_Troubleshooting_VLANs , and to quote: "Note: We recommend that you enable sticky Address Resolution Protocol (ARP) when you configure private VLANs. ARP entries learned on Layer 3 private VLAN interfaces, or SVIs, are sticky ARP entries. For security reasons, private VLAN port sticky ARP entries do not age out."
This is the only reference I can find to sticky ARP anywhere (except for a couple of similar-looking entries for this like the 1000V). Is this quite possibly an error in documentation? Having sticky ARPs in a big virtualized environment is going to break things for the server guys and I want to ensure I head this off before it becomes a problem.
Regards,
Matt