Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5469
Views
0
Helpful
5
Replies

ARP broadcast

Go to solution
s.aliyarukunju
Level 1
Level 1

‎10-16-2012 01:16 AM - edited ‎03-07-2019 09:29 AM

Hi experts,

I am here using L3 Cisco Switch as gateway device and disabled proxy ARP on gateway interface as shown below

interface vlan 100

ip address 192.168.100.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

But when i debug for ARP message in this device i am getting messages as shown below.

Oct 16 10:32:35.105 IND: IP ARP: sent req src 192.168.100.1 0024.50da.23c1, dst 192.168.100.214 0000.0000.0000 Vlan100

Oct 16 10:32:36.179 IND: IP ARP: sent req src 192.168.100.1 0024.50da.23c1, dst 192.168.100.11 0000.0000.0000 Vlan100

Oct 16 10:32:37.429 IND: IP ARP: sent req src 192.168.100.1 0024.50da.23c1, dst 192.168.100.12 0000.0000.0000 Vlan100

Oct 16 10:32:39.417 IND: IP ARP: sent rep src 192.168.100.1 0024.50da.23c1, dst 192.168.100.168 0024.81c2.1800 Vlan100

Oct 16 10:32:35.105 IND: IP ARP: creating incomplete entry for IP address: 192.168.100.214 interface Vlan100

Oct 16 10:32:39.769 IND: IP ARP: creating incomplete entry for IP address: 192.168.100.117 interface Vlan100

Oct 16 10:32:35.675 IND: IP ARP: rcvd req src 192.168.100.77 e411.5bfb.f8c2, dst 192.168.100.12 Vlan100

Oct 16 10:32:35.675 IND: IP ARP: rcvd req src 192.168.100.77 e411.5bfb.f8c2, dst 192.168.100.12 Vlan100

Oct 16 10:32:35.742 IND: IP ARP: rcvd req src 192.168.100.13 009c.0207.46e9, dst 192.168.100.151 Vlan100

Oct 16 10:32:35.742 IND: IP ARP: rcvd req src 192.168.100.13 009c.0207.46e9, dst 192.168.100.151 Vlan100

Oct 16 10:32:36.070 IND: IP ARP: rcvd req src 192.168.100.196 e411.5bf3.8e0f, dst 192.168.100.12 Vlan100

Oct 16 10:32:36.070 IND: IP ARP: rcvd req src 192.168.100.196 e411.5bf3.8e0f, dst 192.168.100.12 Vlan100

In all these messages we can see that the gateway is sending ARP request to host as shown in bold. Could you please clarify , eventhough we disabled the proxy-arp feature on this gateway , why it is still sending the ARP request message to hosts with MAC 0000.0000.0000.

Please advice..

Best Regards

shiji

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to s.aliyarukunju

‎10-16-2012 03:49 AM

Hi,

if it is the default-gateway for hosts in vlan 100 then when these hosts communicate with their default-gateway which is int vlan 100 then they'll do arp requests and the switch will do the same to be able to reply to the hosts.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎10-16-2012 01:33 AM

Hi,

disabling proxy-arp will only prevent the router from replying with its own MAC address  when it receives a request for an IP address that it knows of and that is not on same subnet as the requesting device.

If it has to communicate at L3 with hosts in VLAN 100 it still need to arp request for their MAC addresses if they are not in the cache.

Regards.

Alain.

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame

‎10-16-2012 01:54 AM

That is normal. In an ARP request, the destinationMAC address) is zero-filled, because it is not know yet.

0 Helpful

Go to solution
ciscoamit_497
Level 1
Level 1

‎10-16-2012 02:16 AM

Hi Aliya,

As Alain said, if you are disabling the ip proxy arp then this is not mean to filtering the arp request completely, ip rpoxy arp used by the router or L3 switch if u r using as an router..to process ur packets to outside of ur local subnet by giving u mac address of its own gateway local port (that is being used as a gateway for all hosts). But in case of your log msghs..i can see the request is only for local subnet ip addresses and in this case, it wont discard that packet and reply to the requested arp.

And also we are disabling the proxy arp because we are used to configure the hosts with gateway of router, so whenever packets need to be send to other network then it will put the mac-address of the default gateway itself. No need to further arp resolution in that case. Hence it saves memory and processor cycle of the router.

Hope this would be helpful to u...

Thanks & Regards,

Amit

***********Please rate helpful posts*******

0 Helpful

Go to solution
s.aliyarukunju
Level 1
Level 1
In response to ciscoamit_497

‎10-16-2012 03:42 AM

Hi All,

Many thanks for all of you replies...

I totally understand that disabling proxy-arp will prevent the router/switch gateway by responding with their MAC address to those who want to go outside of local subnet.

But here my confusion is , why the gateway IP ( 192.168.100.1) is sending ARP request to hosts that is sitting inside the same network.

Best Regards

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to s.aliyarukunju

‎10-16-2012 03:49 AM

Hi,

if it is the default-gateway for hosts in vlan 100 then when these hosts communicate with their default-gateway which is int vlan 100 then they'll do arp requests and the switch will do the same to be able to reply to the hosts.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card