cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
14144
Views
0
Helpful
3
Replies

Clear ARP

denz_cruel
Level 1
Level 1

If a new juniper switch was connected to 3750 switch and I do CLEAR ARP on 3750 switch, do the new MAC-address of juniper will be learned by other switches and firewalls connected to 3750 switch automatically? or do i need to clear arp all devices so they can learn the new MAC-address?

1 Accepted Solution

Accepted Solutions

Hello, on Cisco the default mac table timeout is about 5mins I think, and ARP table is 4 hours. It would be so much better getting the Juniper with the new IP to G ARP instead.
Remember at layer 2 switching as soon as a frame is received on an interface with another source MAC address, the mac table is updated accordingly. With ARP it's a little different. When the arp expires after 4 hours, Cisco switches and routers will arp request again I believe.
Anyway, coming on to the Juniper discussion...

When an IP address is assigned to an interface, SRX M/T/MX sends out gARP, see below:

{primary:node1}[edit]
user@srx210# set interfaces reth0.365 family inet address 10.65.0.234/24

{primary:node1}[edit]
user@srx210# commit
node1:
configuration check succeeds
node0:
commit complete
node1:
commit complete

{primary:node1}
user@srx210> monitor traffic interface reth0.365 no-resolve size 9999 detail
Address resolution is OFF.
Listening on reth0.365, capture size 9999 bytes

17:58:58.130962 Out arp who-has 10.65.0.234 tell 10.65.0.234 <==== gARP request

So what you can do is to temporarily assign your proxy-arp address to SRX (or whichever juniper device you have) interface, commit and then remove it and commit again.
SRX normally send gARP after 1st commit. It does NOT send it second time after 2nd commit.
End result is that upstream router and other devices will have an ARP entry: SRX proxy-ip<->SRX MAC, as required.

So there would be no need to clear anything.

But obviously I don't know your environment as well as you do and there may be some things that may get missed out.. So please be sure to check.


Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

View solution in original post

3 Replies 3

acampbell
VIP Alumni
VIP Alumni

Hi Denz,

clear arp will clear the ip addresses from the 3750 then it will relearn via the arp protocol..

clear mac address-table dynamic will force a relearn of the mac addresses

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.

Hi Alex,

Thank you for the information for clear mac address-table dynamic. I want to know if I do clear ip arp and clear mac-address-table dynamic on 3750, do the firewall and other devices connected to the 3750 switch will automatically learn the new mac-address and ip address (updating other neighbor devices of new mac-address)? or do i still need do the clear command to the other devices.

Hello, on Cisco the default mac table timeout is about 5mins I think, and ARP table is 4 hours. It would be so much better getting the Juniper with the new IP to G ARP instead.
Remember at layer 2 switching as soon as a frame is received on an interface with another source MAC address, the mac table is updated accordingly. With ARP it's a little different. When the arp expires after 4 hours, Cisco switches and routers will arp request again I believe.
Anyway, coming on to the Juniper discussion...

When an IP address is assigned to an interface, SRX M/T/MX sends out gARP, see below:

{primary:node1}[edit]
user@srx210# set interfaces reth0.365 family inet address 10.65.0.234/24

{primary:node1}[edit]
user@srx210# commit
node1:
configuration check succeeds
node0:
commit complete
node1:
commit complete

{primary:node1}
user@srx210> monitor traffic interface reth0.365 no-resolve size 9999 detail
Address resolution is OFF.
Listening on reth0.365, capture size 9999 bytes

17:58:58.130962 Out arp who-has 10.65.0.234 tell 10.65.0.234 <==== gARP request

So what you can do is to temporarily assign your proxy-arp address to SRX (or whichever juniper device you have) interface, commit and then remove it and commit again.
SRX normally send gARP after 1st commit. It does NOT send it second time after 2nd commit.
End result is that upstream router and other devices will have an ARP entry: SRX proxy-ip<->SRX MAC, as required.

So there would be no need to clear anything.

But obviously I don't know your environment as well as you do and there may be some things that may get missed out.. So please be sure to check.


Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.