cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
76658
Views
48
Helpful
10
Replies

ARP Aging Time

b.petronio
Level 3
Level 3

Hi there,

Just wondering why, when i do show arp, in my WS-C4506, whith Supervisor II+ 1000BaseX, and cat4000-i9k91s-mz.122-25.EWA5.bin, it seems that i have +/- 20 % of arp entrys with the aging time of 0 sec all the time.

I think it should increment that aging time till 300 sec (by default), and then reset, but not all the entries do it.

Any ideias of what kind of "process" is causing it ?

I have all in the vlan1, and the ip's that soffer this issue are hosts and Cisco equipments.

Thank you in advance.

Petr?nio

10 Replies 10

carenas123
Level 5
Level 5

I think arp aging time of 0 sec means the entries dont have any aging time or they wont expire. It doesnt mean there is some problem.

Friend,

I think you are a little confused with the ARP aging time and the mac-address aging time (also called as CAM table)

The default ARP aging time is 4 hours but the switch hold the CAM table entires only for 5 minutes.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00807347ab.shtml#troubleshoot

A permanent ARP entry does not have any timer assoiciated with it and is not shown as "0" but as "-".

The thing which you are seeing is basically the cam is being aged out after 5 mins from the switch and is not incrementing as no frames are being received on the port.

HTH, rate if it does

Narayan

Tks for ur replies,

"The thing which you are seeing is basically the cam is being aged out after 5 mins from the switch and is not incrementing as no frames are being received on the port."

I think it is not the case, cause there are many ip's in the show arp table, that still have the arp time "Age (min)" = 0, even when i know it has traffic, so it had reveiced frames.

I did really missed up the arp/cam concept, but then if the show arp "Age (min)" parameter is the cam table aging time represented, where can i see the arp aging time ?

Best Regards,

Very helpful article

Hi b.petronio

     The age column in the show arp command indicates the interval (in minutes) since the entry was entered in the table, rather than the interval since the entry was last used. The first time device receives an ARP for a particular device it will enter it in the ARP table and will start the age counter. The default arp timeout value is 4 hours. If you issue the clear arp-cache command, the device sends out ARP requests to all the devices listed in the ARP table. If it receives a reply, it keeps the entry in the table but resets the age (min) value to zero.

If it does not receive the reply then it removes the entry from the ARP table. Also, make sure that the encapsulation type between the neighboring devices matches. If it is not, hardcode the encapsulation type

Thank you for your full and informative answer!
Let me add, the entry is entered in the table upon receipt of a request from the host or when sending a request to the host.

Hello, there is no issue at all! Remember that WS-C4506 is a L3 switch, therefore it works as an ordinary switch and as a router combined. The last is important because by default, ARP aging time for routers is 240 min. Each time a packet is received/sent from those interfaces, ARP checks if IP address and MAC address match and the timer is set to "0" again. So if you permanently see "0" with show ip arp command, that means you're having traffic in that interface (just less than a minute ago)!

Deepak Kumar
VIP Alumni
VIP Alumni

Hi,

Age – by default, an entry will be removed from the ARP table if it wasn’t used in 240 minutes.  "Age Time" in this column means that the entry was last used "in this time" minutes ago. Each time an entry is used, the age will be reset back to zero. 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Hi,

I don't find it completely true. When I ping IP of L2 managed switch lets say, I check arp entry on core switch and timeout value for L2 switch management IP is not changed to 0 and keeps incrementing. Even tried snmpwalk from SNMP server and did get a reply but still timeout value has not changed to 0. To me it looks like value changes to 0 only when there is a traffic initiated by the machine.

That is exactly true, it does not reset the ARP entry to zero even if there is active traffic going out the interface (continuous ping being sent). 

So, to be clear, I do not know answer at this point.

Probably, by the periodic gratuitous arp being sent by the end host ????? no sure

Review Cisco Networking for a $25 gift card