ARP-table-overflow

mrswitch · ‎02-06-2024

Hello,
I've seen many posts about the arp-table-overflow problem, but I haven't seen any reasonable solution anywhere.
The manufacturer itself also seems to downplay the problem.
I have 2 switches "CBS350-48T-4X 48-Port Gigabit Stackable Managed Switch with 10G Uplinks" connected in a stack.
The switches have the latest available firmware, i.e. 3.4.0.17, unfortunately we have had this message from the very beginning, it does not matter the firmware version, the same thing happened on version 3.3.0.16.
We have over 200 devices on the network, users are unable to work.

Additionally, this error causes CPU load on the switch in the range of 90-100%.

I was hoping that the update would solve the problem, but it didn't.

Is it really possible that this particular model has such a small ARP table?

Need help

marce1000 · ‎02-06-2024

- First check if there are no ARP storms on the network , by basic network traffic analysis and monitoring tools ; 'have a network sanity check' ; only then for instance look if you have options as mentioned in :
https://community.cisco.com/t5/switches-small-business/cisco-sg300-switch-layer-3-mode-arp-table-overflow-errors/m-p/2281509#M9558

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

mrswitch · ‎02-08-2024

unfortunately, the problem still persists,
What is the capacity of the ARP table of this model?

marce1000 · ‎02-08-2024

- Did you already execute the tasks from the first part of my initial reply ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

cyberconsultants · ‎02-08-2024

if using IPv6 (with or without routing enabled i think), check the neighbor discovery cache—i.e., Advanced > IPv6 Configuration > IPv6 Neighbors. i believe we've seen this error generated on an SG350X model when the NDP table overfills due to SLAAC clients utilizing temporary GUAs (whether due to intentionally short lifetime, 'bad' clients, IPv6 misconfiguration, or otherwise). i'm not familiar with any of the other discourse surrounding this issue with the CBS350 line, so forgive this suggestion if it's totally irrelevant otherwise.

mrswitch · ‎02-09-2024

@marce1000 you mean, have I checked the arp storm issues?
I haven't found anything like this on our network.
As for the tcam parameter, because it is very often associated with this situation, the utilization of this parameter on the switch is 26%, the only thing that helps for a while is clearing the arp table.

@cyberconsultants we don't use IPv6