Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
1236
Views
0
Helpful
2
Comments

ASR9K ARP cache - how does the IP to MAC mapping get refreshed?

Benjamin Bartsch
Level 1
Level 1
‎09-11-2020 06:12 AM

Hi - Can somebody point me to the technical details on how ASR9k refreshes the ARP cache as the cache timeout is about to expire?  We are trying to understand the exact process and timing of what happens to an IP to MAC mapping in the ARP cache when the cache timeout is reached.

 

My understanding of the ARP cache procedure:

ASR9k receives an IP / Layer 3 packet with a destination IP address within a 'connected' prefix as shown by 'show route'

ASR9k checks the ARP cache on the connected interface to see if there is an IP to MAC mapping.  If so, traffic is sent to that MAC.  If not, ASR9k sends out L2 broadcast asking 'who has' the IP that's needed.

The device with the IP responds with an L2 unicast message indicating the MAC and IP.

ASR9k installs the IP to MAC mapping in ARP table and the ARP cache timer starts counting up.  Packets are now flowing towards the MAC in the ARP table for the destination IP.

Assume there is traffic passing from the internet through the router and down to a subscriber/CPE for a time longer than the ARP cache timeout.

**As the timer approaches the configured ARP cache timeout value, ASR9k refreshes the IP to MAC**

 

I don't understand the last step.  When does the ASR9k refresh the IP to MAC mapping?  It appears the 9k sends out an ARP broadcast 'who is' at some time just before the timer expires, but I can't find this documented anywhere.

 

I have read some other posts indicating that in IOS, the device calculates some random time value that it subtracts off each individual ARP entry where the device will then ARP for the IP.  This prevents a flooding of ARP broadcasts if all the mappings expire at the same time, which could be really bad if you have huge broadcast domains across hardware with limited packet processing power.

(search for 'jitter')

https://community.cisco.com/t5/switching/arp-cache-timeout-on-cisco-routers/m-p/1868410#M204495

 

I have read ASR9k documentation that states the ARP cache timeout simply ages out the entry upon timer expiration and the 9k will simply ARP again after the timer expires.  I'm not seeing this in practice.

(ARP Cache Entries on page 38)

https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-6/ip-addresses/configuration/guide/b-ip-addresses-cg-asr9000-66x.pdf

 

I have read that the ARP cache can be updated through other means, such as certain traffic seen on the wire that maps IP to MAC (such as from CPE when he ARPs for his gateway).

 

This is what we see on our ASR9k when things are working as expected:

The ARP table gets populated with an IP to MAC and the ARP cache timer starts counting up from 0.

L3 traffic flows between the Internet, through the 9k, to the CPE

At some time just before our 5 minute ARP cache timer expires, we see the timer associated with the IP to MAC get it's counter reset to 0.  **this is the part we are trying to understand**

 

TAC SR 689865214

ASR9006 32bit 6.6.3

Bundle-ether subinterface with IP

300s ARP cache timeout set to match downstream Calix E7-2 shelf

 

Any links to documentation that explain the ARP 'refresh' process would be appreciated.

 

Thanks in advance,

ben

0 Helpful
2 Comments
Benjamin Bartsch
Level 1
Level 1
‎09-11-2020 06:25 AM
‎09-11-2020 06:25 AM

Output of 'show arp' for an example IP address REDA.CTED.19.18

ARP cache timeout is 300s = 5min

At some time t just before 300s, one LC updates the ARP entry for REDA.CTED.19.18

At some time t+x just before 300s, the other LC updates the ARP entry for REDA.CTED.19.18

 

 

RP/0/RSP0/CPU0:9006A-GLSG-BNG#sh arp vrf INTERNET REDA.CTED.19.18
Thu Sep 10 09:13:26.788 MDT

-------------------------------------------------------------------------------
0/1/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:04:41 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

-------------------------------------------------------------------------------
0/0/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:04:41 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

 

RP/0/RSP0/CPU0:9006A-GLSG-BNG#sh arp vrf INTERNET REDA.CTED.19.18
Thu Sep 10 09:13:27.738 MDT

-------------------------------------------------------------------------------
0/1/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:00:01 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

-------------------------------------------------------------------------------
0/0/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:04:42 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

 

RP/0/RSP0/CPU0:9006A-GLSG-BNG#sh arp vrf INTERNET REDA.CTED.19.18
Thu Sep 10 09:13:39.830 MDT

-------------------------------------------------------------------------------
0/1/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:00:13 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

-------------------------------------------------------------------------------
0/0/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:04:54 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410


RP/0/RSP0/CPU0:9006A-GLSG-BNG#sh arp vrf INTERNET REDA.CTED.19.18
Thu Sep 10 09:13:40.719 MDT

-------------------------------------------------------------------------------
0/1/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:00:01 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

-------------------------------------------------------------------------------
0/0/CPU0
-------------------------------------------------------------------------------
Address Age Hardware Addr State Type Interface
REDA.CTED.19.18 00:00:00 e41f.13fa.3a45 Dynamic ARPA Bundle-Ether930.2410

0 Helpful
Benjamin Bartsch
Level 1
Level 1
‎09-15-2020 11:57 AM
‎09-15-2020 11:57 AM

Anybody from XR / ASR9k at Cisco have any ideas on this?

My understanding of the ARP cache procedure:

ASR9k receives an IP / Layer 3 packet with a destination IP address within a 'connected' prefix as shown by 'show route'

ASR9k checks the ARP cache on the connected interface to see if there is an IP to MAC mapping.  If so, traffic is sent to that MAC.  If not, ASR9k sends out L2 broadcast asking 'who has' the IP that's needed.

The device with the IP responds with an L2 unicast message indicating the MAC and IP.

ASR9k installs the IP to MAC mapping in ARP table and the ARP cache timer starts counting up.  Packets are now flowing towards the MAC in the ARP table for the destination IP.

Assume there is traffic passing from the internet through the router and down to a subscriber/CPE for a time longer than the ARP cache timeout.

**As the timer approaches the configured ARP cache timeout value, ASR9k refreshes the IP to MAC**

 

I don't understand the last step.  When does the ASR9k refresh the IP to MAC mapping?  It appears the 9k sends out an ARP broadcast 'who is' at some time just before the timer expires, but I can't find this documented anywhere.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents