Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11792
Views
20
Helpful
3
Replies

Nexus 7000 Arp age probem

Go to solution
engahmed1975
Level 1
Level 1

‎11-30-2017 10:55 PM - edited ‎03-08-2019 12:57 PM

Hi all,
I wish that some one can give an explanation for this issue. The issue is I have in my data center a two Nexus 7009 as a distribution (Aggregation) layer, which have a HSRP L3 VLAN, and I noticed that the arp cache entries have an age less than the configured age, here are an output of the commands:

 

# show ip arp | i 117.36
172.16.117.36 00:18:28 1402.ec37.370a Vlan1

 

after a while,
# show ip arp | i 117.36
172.16.117.36 00:18:44 1402.ec37.370a Vlan1
# show ip arp | i 117.36
172.16.117.36 0.296763 1402.ec37.370a Vlan1

 

a piece of the configuration:
# sh running-config arp all

!Command: show running-config arp all
!Time: Fri Dec 1 07:50:42 2017

version 6.2(16)
vpc domain 20
ip arp synchronize
ip arp timeout 1500
ip arp off-list timeout 180
ip arp event-history cli size small
ip arp event-history snmp size small
ip arp event-history client-errors size small
ip arp event-history client-event size small
ip arp event-history lcache-errors size small
ip arp event-history lcache size small
ip arp event-history errors size small
ip arp event-history ha size small
ip arp event-history control size small
ip arp event-history event size small
ip arp event-history packet size small
ip arp fast-path
hardware ip glean throttle maximum 1000
hardware ip glean throttle timeout 300
hardware ip glean throttle syslog 10000
ip arp cache limit 131072

interface Vlan1
ip arp timeout 1500
ip arp gratuitous update
ip arp gratuitous request
ip arp gratuitous hsrp duplicate


We didn't change the default value and I know that the default is 1500 seconds (that's mean 25 minutes), could someone give an explanation, why the arp cache entry is flushed before its age timeout.


Thank you very much.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Andrea Testino
Cisco Employee
Cisco Employee

‎12-05-2017 07:49 AM

Hi there,

 

It is expected behavior for any Nexus device to send a Unicast ARP Request to refresh an entry in its ARP Table. It does this exactly at 18 minutes and 45 seconds, 75% of the ARP Aging time. This behavior is documented here under the ARP Caching section: "To maintain the ARP entry, active MAC address-table entries and host routing adjacencies, Cisco NX-OS sends up to 3 unicast ARP request messages to devices that are present in the ARP cache. The first message is sent at 75% of the configured ARP timeout value, followed by two retries 30 and 60 seconds later if the cached entry has not already been refreshed."

 

In short - what you are seeing is NX-OS expected behavior and nothing to worry about.

 

Hope that helps!

 

- Andrea

- Andrea, CCIE #56739 R&S

View solution in original post

3 Replies 3

Go to solution
Jeroen Huysmans
Level 1
Level 1

‎11-30-2017 11:47 PM

What is actually the issue? Is there something that isn't working properly?

 

when using sh ip arp x.x.x.x it will show you how long the entry exists in the arp-cache table.

Once this age exceed the configured maximum (1500 sec default on nx-os, which is 25 minutes) it will be refreshed if needed or expire.

 

This is what I've found in IOS documentation:

To maintain the validity of dynamically learned routes, the ARP subsystem refreshes dynamic ARP entries periodically (as configured or every four hours by default) so that the ARP table reflects any changed, aged-out, or removed dynamic routes.

To maintain the validity of statically configured routes, the ARP subsystem updates static ARP entries and alias ARP entries once per minute so that the ARP table reflects any changed or removed statically configured routes.

https://www.cisco.com/c/en/us/td/docs/ios/12_4t/ip_addr/configuration/guide/htarpmon.html

 

Jeroen

0 Helpful

Go to solution
Andrea Testino
Cisco Employee
Cisco Employee

‎12-05-2017 07:49 AM

Hi there,

 

It is expected behavior for any Nexus device to send a Unicast ARP Request to refresh an entry in its ARP Table. It does this exactly at 18 minutes and 45 seconds, 75% of the ARP Aging time. This behavior is documented here under the ARP Caching section: "To maintain the ARP entry, active MAC address-table entries and host routing adjacencies, Cisco NX-OS sends up to 3 unicast ARP request messages to devices that are present in the ARP cache. The first message is sent at 75% of the configured ARP timeout value, followed by two retries 30 and 60 seconds later if the cached entry has not already been refreshed."

 

In short - what you are seeing is NX-OS expected behavior and nothing to worry about.

 

Hope that helps!

 

- Andrea

- Andrea, CCIE #56739 R&S

Go to solution
engahmed1975
Level 1
Level 1
In response to Andrea Testino

‎12-07-2017 05:45 AM

Thank you Andrea and Jeroen,
The Andrea's reply is what I was looking for, I know it's not a problem but just a curious thing that I was thinking.
Thank you again.
Ahmed
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card