Perhaps we have an issue of semantics, but I wonder about your statement that Cisco "does not really clear the table.". Your test shows very clearly that Cisco is clearing out all the dynamic entries in the arp cache

R1#clear arp-cache

R1#

ARP: flushing ARP entries for all interfaces

and then Cisco immediately attempts to relearn the entries that had been in the table.

If your interpretation of "clear the table" is that it should result in an empty table then we can agree that this does not happen. But my interpretation of "clear the table" is to remove all of the existing entries, and Cisco does do that. The importance of this is that if some devices have gone out of service then their arp entries will not be relearned. But for devices which are still active in the network the Cisco router is ready to forward traffic to them as it is received. If it did create an empty table then it would not be able to forward a packet to a host until its arp entry was learned since if the router does not have a MAC address to put into the destination MAC address field it can not forward the packet and will have to drop it.

Yeah, what I meant to say is that people expect the cache to be empty after clearing it and that it will populate itself when traffic is sent. However the way Cisco implemented it is to refresh the entries.

The only way of totally clearing it is to shutdown the interface I believe.

Daniel Dib
CCIE #37149

Yes I agree. I have had similar discussions with people before who get confused because the show arp after the clear command looks so similar to the content of show arp before the clear. So they tend to think that Cisco did not do anything. But your test was very clear in showing that the existing entries are flushed and then are learned over again.

Some people do expect the arp table to be empty after clearing. And that would make sense for a host in the network. But if you think about how a router works it is not able to forward traffic until it has an entry in its arp table for the destination. So it would degrade service on the network if the router had to learn the entries one at a time as traffic arrives.

Yes the only way to prevent the router from re-learning arp entries is to shut down the interface. (and if you shut down the interface then you do not need the clear command)

HTH

Rick

You can also use the command "clear ip arp" which clears the arp table without sending the gracious arp messages. You will see this has more effect as it takes longer to re-learn the arp entries.

That's just Cisco's oh-so-helpful BROKEN behavior. "clear" should remove it from the table, not "revalidate" what's there. If it did, in fact, flush the table, then there would be nothing for the subsequent steps to unicast ARP. Your argument of degrading service is as incorrect as it is lame. If that host is no longer sending/receiving traffic, there's no need for it to stay in the cache. Yet, there's no way to remove it, and IOS will revalidate it every time it expires. This means the arp-cache can grow without bounds. And that's a problem for large broadcast domains like a cablemodem. (or anywhere proxy-arp exists.) One should not have to reboot the *** **** router to clear dynamic entries. (or find yourself a path to the "right" side to be able to shut/no shut the interface(s))

[For the record, I've seen CPE routers with over 10,000 entries in the cache, because they never expire and they can't be "clear"ed.]