[j-nsp] Negative ARP caching, on an MX router (again)

Clarke Morledge chmorl at wm.edu
Mon Apr 3 13:07:27 EDT 2017


I would like to revisit a question that has come up several times on the 
list:

https://lists.gt.net/nsp/juniper/57670
https://lists.gt.net/nsp/juniper/60797

I am trying to figure out a way to cut down on unnecessary ARP requests, 
being generated by MX routers, when someone comes sweeping across my L3 
space, and triggering these unnecessary ARP broadcasts, for unused 
addresses.

There is a possible solution of ARP sponging, but it would be really, 
really nice if there was something on-board with JUNOS to handle this, 
instead of rolling out a special-purpose box:

https://ams-ix.net/technical/specifications-descriptions/controlling-arp-traffic-on-ams-ix-platform

Ideally, if JUNOS could do something like this:

(a) Get a request from an incoming packet that would trigger an ARP 
request to go out.

(b) If the router does not get a response back after X number of tries in 
Y number of seconds, put some type of dummy MAC address in the ARP cache 
that can be easily sinkholed.

(c) Stay in this state for Z number of seconds, before flushing that dummy 
MAC address out of the cache, and then re-enabling ARP for that particular 
address.

(d) In addition, the router would passively listen for packets coming into 
the L3 interface that would overwrite the dummy MAC address in the ARP 
cache with a (hopefully) legitimate MAC address, which would allow the 
process to exit out of the above state, without waiting for the above "Z" 
timer to expire.

Is there any way that JUNOS on an MX could be configured to do this? 
Enhancement request anyone?


Clarke Morledge
College of William and Mary
Information Technology - Network Engineering
Jones Hall (Room 18)
Williamsburg VA 23187
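
The behaviour requested in steps (a)-(d) above, modelled as an added example that is not part of the original post and not a JUNOS feature or configuration. The class and function names, the dummy MAC, the default X/Y/Z values and the 192.0.2.x addresses are all constructed for illustration, and the model assumes one ARP request per triggering packet.

```python
# Added illustration of steps (a)-(d); a model, not JUNOS behaviour or configuration.
DUMMY_MAC = "02:00:00:00:00:01"  # constructed, locally administered sinkhole MAC


class NegativeArpCache:
    def __init__(self, x_tries=3, y_seconds=5.0, z_seconds=60.0):
        self.x, self.y, self.z = x_tries, y_seconds, z_seconds
        self.table = {}    # ip -> {"mac", "tries", "start", "expires"}
        self.arp_sent = 0  # ARP broadcasts put on the wire

    def _fresh(self, now, mac=None):
        return {"mac": mac, "tries": 0, "start": now, "expires": None}

    def packet_for(self, ip, now):
        """(a) A packet arrives that needs a MAC address for ip."""
        e = self.table.setdefault(ip, self._fresh(now))
        if e["mac"] == DUMMY_MAC and now >= e["expires"]:
            e = self.table[ip] = self._fresh(now)  # (c) Z elapsed: ARP is re-enabled
        if e["mac"] == DUMMY_MAC:
            return "sinkhole"                      # held in negative state, no broadcast
        if e["mac"]:
            return "forward"
        if now - e["start"] > self.y:              # Y window lapsed: restart the count
            e["tries"], e["start"] = 0, now
        if e["tries"] >= self.x:                   # (b) X tries within Y went unanswered
            e["mac"], e["expires"] = DUMMY_MAC, now + self.z
            return "sinkhole"
        e["tries"] += 1
        self.arp_sent += 1
        return "arp"

    def frame_from(self, ip, mac, now):
        """(d) An ARP reply or passively seen frame from ip replaces any state."""
        self.table[ip] = self._fresh(now, mac)


def sweep(cache, ips, passes, interval):
    """Constructed scan: every pass touches each ip once, `interval` seconds apart."""
    for p in range(passes):
        for ip in ips:
            cache.packet_for(ip, p * interval)
    return cache.arp_sent


if __name__ == "__main__":
    unused = [f"192.0.2.{h}" for h in range(1, 11)]  # constructed unused addresses
    print(sweep(NegativeArpCache(), unused, passes=10, interval=1.0), "ARP broadcasts")
```

With these constructed values, ten sweep passes over ten unused addresses produce 30 broadcasts instead of 100, because each address stops triggering ARP after X unanswered tries until Z expires or a frame from it is seen.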

