
arp optimized-reply disable

Function

The arp optimized-reply disable command disables the optimized ARP reply function.

The undo arp optimized-reply disable command enables the optimized ARP reply function.

By default, the optimized ARP reply function is enabled.

Format

arp optimized-reply disable

undo arp optimized-reply disable

Parameters

None

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a stack of multiple switches functions as an access gateway, the stack can receive a large number of ARP packets requesting the stack's interface MAC address. If all these ARP Request packets are sent to the master switch, the CPU usage of the switch increases, and other services are affected.

To address the preceding problem, enable optimized ARP reply, which improves the switch's capability of defending against ARP flood attacks. After this function is enabled, the stack performs the following operations:
  • When receiving an ARP Request packet whose destination IP address is the local interface address, the switch where the interface is located directly returns an ARP Reply packet.
  • When a stack system receives an ARP Request packet whose destination IP address is not the local interface address and intra-VLAN proxy ARP is enabled on the master switch, the switch where the interface is located checks whether the ARP Request packet meets the proxy condition. If so, the switch returns an ARP Reply packet. If not, the switch discards the packet.
The optimized ARP reply function can be configured on a stand-alone fixed switch, but does not take effect.
By default, the optimized ARP reply function is enabled. After a device receives an ARP Request packet, the device checks whether an ARP entry corresponding to the source IP address of the ARP Request packet exists.
  • If there is a corresponding ARP entry, the stack performs optimized ARP reply to this ARP Request packet.
  • If there is no corresponding ARP entry, the stack does not perform optimized ARP reply to this ARP Request packet.

Precautions

  • The optimized ARP reply function does not take effect for ARP Request packets with double VLAN tags.
  • The optimized ARP reply function takes effect for ARP Request packets sent by wireless users.
  • The optimized ARP reply function takes effect only for the ARP Request packets received by VLANIF interfaces, VBDIF interfaces, Eth-Trunk sub-interfaces, and physical sub-interfaces. The optimized ARP reply function does not take effect for the ARP Request packets sent from the VLANIF interfaces of super VLANs. The optimized ARP reply function takes effect for the ARP Request packets sent from the VLANIF interfaces of MUX VLANs, but it does not take effect when the ARP Request packet carries the Group VLAN or Separate VLAN.

    The optimized ARP reply function takes effect only for the ARP Request packets received by the Eth-Trunk sub-interfaces and physical sub-interfaces of the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S.

  • The optimized ARP reply function does not take effect globally or on interfaces after you run any of the following commands:
    • ip address ip-address { mask | mask-length } sub: configures secondary IP addresses for interfaces.
    • arp anti-attack gateway-duplicate enable: enables the ARP gateway anti-collision function.
    • arp ip-conflict-detect enable: enables IP address conflict detection.
    • arp anti-attack check user-bind enable: enables dynamic ARP inspection (DAI).

      When DAI is enabled in the physical interface view, the optimized ARP reply function does not take effect on the device where the physical interface resides. When DAI is enabled in the Eth-Trunk view or VLAN view, the optimized ARP reply function does not take effect globally.

    • dhcp snooping arp security enable: enables egress ARP inspection (EAI).
    • arp over-vpls enable: enables ARP proxy on the device on a VPLS network.
    • arp-proxy enable: configures the routed ARP proxy function.
    • arp-proxy inter-sub-vlan-proxy enable: configures the inter-VLAN proxy ARP function.
  • After the optimized ARP reply function is enabled, the following functions become invalid:
    • ARP rate-limiting based on source MAC addresses (configured using the arp speed-limit source-mac command)
    • ARP rate-limiting based on source IP addresses (configured using the arp speed-limit source-ip command)
    • Global ARP rate-limiting, ARP rate-limiting in VLANs, as well as ARP rate-limiting on interfaces (configured using the arp anti-attack rate-limit enable command)
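
The two lists above interact: optimized ARP reply silently invalidates the ARP rate limits, and several unrelated commands silently switch optimized ARP reply off. The following audit of a saved configuration is an added example, not Huawei code; it flags both cases. It assumes the configuration comes from a stack, treats any listed command as suppressing the function everywhere (it does not model the per-device scope of DAI on a physical interface), and runs on constructed sample configurations.

```python
# Added example: audit a saved config against the Precautions (stack assumed).
import re

DISABLE = "arp optimized-reply disable"
# Commands the page lists as stopping optimized ARP reply from taking effect.
SUPPRESSORS = [
    r"ip address \S+ \S+ sub$",
    r"arp anti-attack gateway-duplicate enable$",
    r"arp ip-conflict-detect enable$",
    r"arp anti-attack check user-bind enable$",
    r"dhcp snooping arp security enable$",
    r"arp over-vpls enable$",
    r"arp-proxy enable$",
    r"arp-proxy inter-sub-vlan-proxy enable$",
]
# Rate limits the page lists as invalid while optimized ARP reply is in effect.
RATE_LIMITS = [
    r"arp speed-limit source-mac\b",
    r"arp speed-limit source-ip\b",
    r"arp anti-attack rate-limit enable$",
]

def audit(config: str) -> dict:
    # Views are indented in a saved config, so compare stripped lines.
    lines = [line.strip() for line in config.splitlines()]
    def hits(patterns):
        return [l for l in lines if any(re.match(p, l) for p in patterns)]
    disabled = DISABLE in lines
    suppressed_by = hits(SUPPRESSORS)
    effective = not disabled and not suppressed_by
    return {
        "explicitly_disabled": disabled,
        "suppressed_by": suppressed_by,
        "optimized_reply_effective": effective,
        # Configured rate limits only matter as a finding when they are invalid.
        "invalid_rate_limits": hits(RATE_LIMITS) if effective else [],
    }

# Constructed sample configurations (not taken from a real device).
SAMPLE_A = """
#
interface Vlanif10
 ip address 10.1.1.1 255.255.255.0
 arp anti-attack rate-limit enable
#
"""
SAMPLE_B = SAMPLE_A + "arp ip-conflict-detect enable\n"  # adds a suppressor

if __name__ == "__main__":
    print(audit(SAMPLE_A), audit(SAMPLE_B), sep="\n")
```

For SAMPLE_A the audit reports the interface rate limit as invalid because optimized ARP reply is in effect; for SAMPLE_B it reports that IP address conflict detection has taken optimized ARP reply out of effect, so the rate limit applies again.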

Example

# Disable the optimized ARP reply function.

<HUAWEI> system-view
[HUAWEI] arp optimized-reply disable
Copyright © Huawei Technologies Co., Ltd.