Thank you for detailed reply,
long story short, I am not using any IGMP snooping , IPv6 etc that means i don't need double-wide tcam for arp-ether. right?
I have following 3 counter question while we talking about arp-suppression.
1. I am trying to reduce one more 512 slice of tcam from RACL and i got following warning, I am not running any ACL or anything but its saying 1 entry is in tcam not sure what is that and how to verify if any one using any IPv4 ACL in tcam. Just wanted to make sure before i ignore this error
leaf-1-1(config)# hardware access-list tcam region racl 0
WARNING: On module 1, 1 entries are in use in the region IPV4 RACL [racl] on instance 0, but carving size is 0 [0*1].
Warning: Please save config and reload the system for the configuration to take effect
2. I have my leaf switches in Cisco vPC pair and when i am going to add or remove arp-suppression to one of my VNI and i am seeing it freezed traffic for 40sec and none of my host can ping in that VLAN (look like it bringing down whole NVE or vPC). This is what i am going, as soon as i added suppress-arp
leaf-1-1(config)# interface nve1
leaf-1-1(config-if-nve)# member vni 10100
leaf-1-1(config-if-nve-vni)# suppress-arp
My ping to host stopped and i am seeing following result on vPC (Per-vlan consistency status : failed)
leaf-1-1# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 2
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : failedAfter 40 to 60s after my pings come back.. This is happening when i add suppress-arp or i remove in both condition my host stop pinging for some time until Per-vlan consistency status change to success. is this normal behavior ?
3. I have some VNI which doesn't have anycast-gatway SVI in that case if i enable suppress-arp does that work or not ? (These VNI default gateway is my Cisco ASA firewall)
