cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7588
Views
5
Helpful
7
Replies

ARP Flooding

Anukalp S
Level 1
Level 1

Hello, Could you please confirm while extending EPG out where L3 gateway is out of ACI fabric, should we enable or disable the ARP flooding option, i know L2 unknown unicast and L3 unknown multicast should be set to Flood but not sure about ARP flooding.pls help.

1 Accepted Solution

Accepted Solutions

Sergiu.Daniluk
VIP Alumni
VIP Alumni

Hi @Anukalp S 

Before answering the question, let's discuss what happens in each scenario of the ARP flooding setting:

  1. ARP Flood is off, then ARP Request is handled as L3 Unicast with Target IP:
    • If IP is learned on ingress Leaf, Ingress Leaf forwards ARP Req directly to dest
    • If IP is not learned on ingress Leaf, Ingress Leaf forwards ARP Req to Spine. Spine will forward it to Leaf on which DstIP resides
    • If IP is not learned even on Spine, the ARP Req is dropped and ARP Glean (only within the BD).
  2. ARP Flood is on, then ARP Request is always flood ARP Request within the same BD.
    • Flood as broadcast if DST MAC is FFFF.FFFF.FFFF
    • EP IP Data is not used for forwarding but still Sender IP is learned if Unicast Routing is enabled.

Now, if you have the L3 GW outside of the Fabric, you most likely have the BD in L2. In this case, what you really need to configure is ARP Flood on. If, for whatever reason, you have the BD in L3, then is debatable which option might be more suitable.

Additional note: If you have silent hosts in your network, then ARP Flooding ON is a must.

 

Stay safe,

Sergiu

View solution in original post

7 Replies 7

Sergiu.Daniluk
VIP Alumni
VIP Alumni

Hi @Anukalp S 

Before answering the question, let's discuss what happens in each scenario of the ARP flooding setting:

  1. ARP Flood is off, then ARP Request is handled as L3 Unicast with Target IP:
    • If IP is learned on ingress Leaf, Ingress Leaf forwards ARP Req directly to dest
    • If IP is not learned on ingress Leaf, Ingress Leaf forwards ARP Req to Spine. Spine will forward it to Leaf on which DstIP resides
    • If IP is not learned even on Spine, the ARP Req is dropped and ARP Glean (only within the BD).
  2. ARP Flood is on, then ARP Request is always flood ARP Request within the same BD.
    • Flood as broadcast if DST MAC is FFFF.FFFF.FFFF
    • EP IP Data is not used for forwarding but still Sender IP is learned if Unicast Routing is enabled.

Now, if you have the L3 GW outside of the Fabric, you most likely have the BD in L2. In this case, what you really need to configure is ARP Flood on. If, for whatever reason, you have the BD in L3, then is debatable which option might be more suitable.

Additional note: If you have silent hosts in your network, then ARP Flooding ON is a must.

 

Stay safe,

Sergiu

Hi,Thanks for detailed information.

Pleasure all mine @Anukalp S

Feel free to the community about any other questions or concerns you have!

 

Stay safe,

Sergiu

 

a

I noticed in ACIv4 ARP Flooding is enabled by default.   Is that new with ACIv4?   Was always un-checked before.  What is the reasoning for the change?

Thanks --dan

@dkmurray55,
Yes, ARP flooding is enabled by default when you create a bridge domian, thanks

I hate flogging a dead thread - but for the record:

In early versions of ACI, ARP flooding was DISABLED by default when you selected Optimize for the Forwarding option

In later versions - until about 5.2 (from memory - may have been 5.0) ARP flooding was both DISABLED or ENABLED by default (when you selected Optimize for the Forwarding option) depending on whether you created the BD via the right-click method or used drag-and-drop from the Tenant > Networking graphic.

From about 5.2 onwards, the default when you selected Optimize for the Forwarding option has been to enable ARP flooding

In other words, Cisco has NO IDEA what Optimize means when it come to ARP flooding!!!!  This has bugged me for some time.  See my previous rants at https://community.cisco.com/t5/application-centric-infrastructure/why-the-change-of-heart-re-quot-optimized-quot-forwarding-to/m-p/4032264/highlight/true#M7831 and https://community.cisco.com/t5/application-centric-infrastructure/discussion-cisco-aci-ui-inconsistencies-please-contribute/m-p/4460787/highlight/true#M11070

 

 

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License