Adjusting Aging Parameters of Dynamic ARP Entries
Context
Properly adjusting aging parameters of dynamic ARP entries improves network reliability.
Aging time of dynamic ARP entries
After the aging time of a dynamic ARP entry is reached, the device starts ARP aging probing. If the aging time is too short (for example, 1 minute), the device may consume too many resources updating dynamic ARP entries. If the aging time is too long (for example, 15 hours), the device cannot efficiently update dynamic ARP entries. The default aging time (20 minutes) is recommended.
Number of aging probes to dynamic ARP entries
Before aging a dynamic ARP entry, the device sends probes to detect the status of the entry. If the device receives no response for updating the entry after the specified number of probes, the device deletes the ARP entry.
Aging detection mode of dynamic ARP entries
Before an ARP entry is aged, an interface sends an ARP aging probe packet. When the MAC address of the peer device remains the same, you can configure an interface to unicast ARP aging probe packets.
Aging and updating of dynamic ARP entries are affected if a device performs Layer 2 topology detection, responds to TC BPDUs, or deletes dynamic ARP entries after a delay.
Procedure
- Adjust aging parameters of dynamic ARP entries.You can adjust the aging parameters of dynamic ARP entries in both the system view and interface view.
- If you configure the parameters only in the system view, the configuration takes effect for the dynamic ARP entries learned on all interfaces of the device.
- If you configure the parameters in both the system and interface views, the configuration in the interface view takes effect only for the dynamic ARP entries learned on the interface specified.
- You cannot adjust the aging parameters of dynamic ARP entries on sub-interfaces. If you configure the parameters on the master interface, the configuration takes effect for the dynamic ARP entries learned on the sub-interfaces. If you do not configure the parameters on the master interface, the configuration in the system view takes effect for the dynamic ARP entries learned on the sub-interfaces.
Adjust aging parameters of dynamic ARP entries in the system view.
Run system-view
The system view is displayed.
Adjust aging parameters of dynamic ARP entries.
Run the arp expire-time expire-time command to set an aging time for dynamic ARP entries.
By default, the aging time of dynamic ARP entries is 1200 seconds (20 minutes).
Run the arp detect-times detect-times command to set the number of aging probes for dynamic ARP entries.
The default number of aging probes for dynamic ARP entries is 3.
Adjust aging parameters of dynamic ARP entries in the interface view.
Run system-view
The system view is displayed.
Run interface interface-type interface-number
The interface view is displayed.
Adjust aging parameters of dynamic ARP entries.
Run the arp expire-time expire-time command to set an aging time for dynamic ARP entries.
By default, the aging time of dynamic ARP entries is 1200 seconds (20 minutes).
Run the arp detect-times detect-times command to set the number of aging probes for dynamic ARP entries.
The default number of aging probes for dynamic ARP entries is 3.
Run the arp detect-mode unicast command to configure an interface to send ARP aging probe packets in unicast mode.
By default, an interface only broadcasts the last ARP aging probe packet, and unicasts other ARP aging probe packets.
- Configure the functions that may affect dynamic ARP entry update.
Enable Layer 2 topology detection.
If no STP protocol is configured on a ring network (for example, STP is not required if the device can determine the master and backup links), Layer 2 topology detection can be enabled to ensure real-time update of dynamic ARP entries.
Layer 2 topology detection enables the system to update all the ARP entries in the VLAN to which a Layer 2 interface belongs when the interface status changes from Down to Up.
Run system-view
The system view is displayed.
Run l2-topology detect enable
Layer 2 topology detection is enabled.
By default, Layer 2 topology detection is disabled.
Disable a device from responding to TC BPDUs.
When a network topology changes, STP sends topology change (TC) BPDUs to all devices on the network. By default, a device updates ARP entries after receiving TC BPDUs. However, if a network topology frequently changes or an interface connecting a device to user terminals is not configured as an edge interface, the large number of TC BPDUs will affect ARP entry update and maintenance as well as user services. To address these problems, disable the device from responding to TC BPDUs.
Run system-view
The system view is displayed.
Run arp topology-change disable
The device is disabled from responding to TC BPDUs.
By default, a device either ages or deletes ARP entries after receiving TC BPDUs, depending on whether they are running in the fast or normal STP convergence mode.In fast mode, the device directly deletes the mapping ARP entry after receiving a TC BPDU.
In normal mode, the device immediately ages the mapping ARP entry after receiving a TC BPDU by setting the entry's remaining life time to 0. If the number of ARP aging probes configured is greater than 0, the device detects whether the ARP entry ages.
When a device is disabled from responding to TC BPDUs, you are advised to run the mac-address update arp command to enable the MAC address-triggered ARP entry update function. This ensures real-time updates of dynamic ARP entries.
Configure a device to delete dynamic ARP entries after a delay if a VLANIF member interface goes Down.
By default, when a VLANIF member interface goes Down, the device immediately deletes the dynamic ARP entries learned by the member interface. The VLANIF interface then needs to relearn all ARP entries to forward user traffic. However, in some scenarios (for example, the ring or dual-homed networking), a VLANIF member interface going Down may mean that the outbound interface of the ARP entry is changed rather than deleted.
In this scenario, the device can be configured to delete dynamic ARP entries after a delay to ensure service continuity. When the member interface goes down, the switch will broadcast ARP probe packets and only delete (or update) ARP table entries depending on the ARP reply packets it receives.
The following figure shows an example of this.
In Figure 1, the gateway Switch_1 connects to Host_4 through IF3 that is Up. If IF3 goes Down, Switch_1 immediately deletes the dynamic ARP entry mapping Host_4 and triggers ARP entry relearning through user service traffic for traffic convergence. After relearning the entry, Switch_1 connects to Host_4 through IF2. If the gateway is connected to many users, user services are interrupted while the entries are being relearned.
However, if Switch_1 is configured to delete dynamic ARP entries after a delay, Switch_1 does not delete dynamic ARP entries immediately when a VLANIF member interface goes Down. Instead, it first sends ARP aging probe packets and then deletes or updates ARP entries depending on whether it receives ARP reply packets within the ARP aging time:- If Switch_1 does not receive ARP reply packets, it deletes the dynamic ARP entries.
- If Switch_1 receives ARP reply packets, it updates ARP entries based on information contained in the ARP reply packets.
Run system-view
The system view is displayed.
Run interface vlanif vlan-id
A VLANIF interface is created and the VLANIF interface view is displayed.
Run arp purge slowly
The interface is configured to delete dynamic ARP entries after a delay.
By default, interfaces are not configured to delete dynamic ARP entries after a delay.
On a device configured to delete dynamic ARP entries after a delay, run the mac-address update arp command to enable the MAC address-triggered ARP entry update function. This ensures real-time updates of dynamic ARP entries.
