Using the arp-limit command, you can limit the maximum number of dynamic Address Resolution Protocol (ARP) entries that an interface can learn.
Using the undo arp-limit command, you can restore the default setting.
By default, the maximum number of dynamic ARP entries that an interface can learn is 262144.
| Parameter | Description | Value |
|---|---|---|
| maximum limitnum |
Specifies the maximum number of the ARP entries that the interface can learn. |
The value is an integer ranging from 1 to 262144. The value range of this parameter is controlled by the PAF. After the PAF is loaded, the value range of this parameter is from 1 to 344064. The value is an integer that ranges from 1 to 344064. |
100ge sub-interface view, 100GE interface view, 10GE sub-interface view, 10GE interface view, 200GE sub-interface view, 25GE sub-interface view, 25GE interface view, 400GE sub-interface view, 400GE interface view, 40GE sub-interface view, 40GE interface view, 50GE sub-interface view, 50GE interface view, Eth-Trunk sub-interface view, Eth-Trunk interface view, FlexE interface view, GE optical interface view, GE sub-interface view, GE interface view, GE electrical interface view, Global VE sub-interface view, PW-VE sub-interface view, PW-VE interface view, VBDIF interface view, VE sub-interface view, VLANIF interface view, Management interface view
Usage Scenario
If an unauthorized user sends a large number of ARP messages to a device, the device learns a large number of ARP entries in a short period of time, causing the ARP buffer to overflow. As a result, normal operation of the network is affected. To address such a problem, you can set the maximum number of ARP entries that each interface can learn. The ARP entries include dynamic entries learned through ARP packets, dual-device hot backup entries, and redirection entries synchronized remotely through BGP EVPN routes.
Configuration Impact
If the number of ARP entries that an interface can learn changes, and the number of the learned ARP entries exceeds the changed value, the interface cannot learn additional ARP entries. You can delete the excess ARP entries based on the system prompt.
If this command is run more than once, all configurations take effect.Precautions
If a common sub-interface is limited in ARP entry learning and configured as a QinQ sub-interface, the ARP learning limit is deleted.
If a QinQ sub-interface is limited in ARP entry learning and the QinQ configuration is deleted from the sub-interface, the ARP learning limit is unavailable.