Showing results for 
Search instead for 
Did you mean: 

Find out ARP for Entire Bridge Domain


Bridge Domain and EPG are created.

We would like to get ARP entries for the bridge domain (Security_VLAN).

what is the process to get ARP entries for entire Security_VLAN? Like we do "Show IP ARP VLAN #"



5 Replies 5

Jason Williams


Instead of ARP entries, the fabric will install endpoint entries. For L3 bridge domains (unicast routing enabled), the BD/EPG will learn both IP and MAC from both ARP and data plane traffic. 

To check the endpoint per EPG, you can do 2 different ways. 

1. In the GUI, go to the EPG and in the right pane click the operational tab. You will see a list of endpoints in the EPG and where they are located. 

2. Log into the CLI of a leaf node which is connected to the endpoint. Find out the VLAN ID (use 'show vlan extended' to translate the encap VLAN to the switch's local platform VLAN). Once you have the VLAN ID then run the 'show endpoint vlan X' command (X = VLAN ID). 

Example shown below for looking up endpoints in VLAN 1001 on leaf-1 CLI. 

leaf1# show vlan extended | egrep 'Encap|vlan-1001'
VLAN Type Vlan-mode Encap
17   enet CE        vlan-1001

leaf1# show endpoint vlan 17
s - arp O - peer-attached a - local-aged S - static
V - vpc-attached p - peer-aged M - span L - local
B - bounce H - vtep
VLAN/ Encap MAC Address MAC Info/ Interface
Domain VLAN IP Address IP Info
17 vlan-1001 84b2.61ef.ba8d L eth1/27
jw1:jw1 vlan-1001 L eth1/27

Endpoint Summary
Total number of Local Endpoints : 1
Total number of Remote Endpoints : 0
Total number of Peer Endpoints : 0
Total number of vPC Endpoints : 0
Total number of non-vPC Endpoints : 1
Total number of MACs : 1
Total number of VTEPs : 0
Total number of Local IPs : 1
Total number of Remote IPs : 0
Total number All EPs : 1

What if you are deploying multiple subnets per BD and multiple EPGs per BD.  Additionally, what if you have multiple EPGs statically bound to multiple ports on multiple leaf switches?  It seems that there must be an easier way to view the "ARP" table for an entire BD rather than going to each leaf switch one by one.




SSH to APIC and invoke the same commands.


Argh!  Different arguments on APIC.  Please ignore.


On APIC, try:

# show endpoints | egrep "vlan-"




Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers