Hi,
I faced an old problem
6509 msfc--internal-switch port--(outside)FWSM module L2 trnsparentmode(inside)--Switch(same 6509)--port9/5--pc1
VLAN 10 vlan 100
there is one FWSM module installed in 6509 chassis , outside zone connected to vlan 10 then to MSFC layer 3 interface vlan 10,,FWSM is confiured as layer 2 transparent mode, inside zone connected to vlan 100, and pc1 putted into same inside vlan 100. pc1's default gateway is configured pointed to interface vlan 10.
there are two 6509, and configured hsrp on interface vlan 10.
Problem:
the problem is mac address entry timeout in vlan 100 is 5 minutes, and arp timeout for outside interface vlan 10 is 4 hours
but the traffic from interface vlan 10 to PC1 (in vlan 100,same l2 domian), the source mac address is hardware mac address and not hsrp vip virtual mac address, So in vlan 100 mac address table , the virtual mac address of hsrp gateway will be flushed after 5 minutes and disappear. so pc1 traffic send to gateway will be flooded in whole vlan 100.
there are lot of backup traffic in vlan 100 from other side of FWSM , so flooding traffic congest one low bandwidth path.
I found some solution:
1、config mac aging timeout upto 5 hour,more thank arp timeout,but I am afraid there is harmful for many other traffic
2、 config arping in vlan 100 one pc, but this is not a Scala solution
but solutuon up is not very good for customer, cutomer don't want to adjust mac aging time and run arping
my question is :
Is there any possible to config gratuitous arp on 6509 to send gratuitous arp (source mac is hsrp virtual mac) at some interval, such as 4 minutes before mac address aging out
another question:
IF arp timeout before reach last second,can switch send proactive arp request out to refresh arp table before arp entry timeout and avoid lost packet between switch clear up arp entry and request new arp.
thank you
Jere
