Static And Published Arp Entries; Displaying The Arp Cache; Flushing The Arp Cache - D-Link NetDefend DFL-210 User Manual

Network security firewall ver. 1.05
cifies how long NetDefendOS is to remember addresses that cannot be reached. This is done to
ensure that NetDefendOS does not continuously request such addresses. The default value for this
setting is 3 seconds.

Displaying the ARP Cache

Example 3.14. Displaying the ARP Cache
The contents of the ARP Cache can be displayed from within the CLI.
CLI
gw-world:/> arp -show
ARP cache of iface lan
Dynamic 10.4.0.1 = 1000:0000:4009 Expire=196
Dynamic 10.4.0.165 = 0002:a529:1f65 Expire=506

Flushing the ARP Cache

If a host in your network has recently been replaced with new hardware but keeps the same IP
address, it will most likely have a new Ethernet address. If NetDefendOS has an ARP entry for that
host, the Ethernet address in that entry will be invalid, so data sent to the host never reaches its
destination.
After the ARP expiration time, NetDefendOS will learn the new Ethernet address of the requested
host, but sometimes it is necessary to force a re-query manually. This is most easily achieved by
flushing the ARP cache, an operation which deletes all dynamic ARP entries from the cache,
thereby forcing NetDefendOS to issue new ARP queries.

Example 3.15. Flushing the ARP Cache
This example shows how to flush the ARP Cache from within the CLI.
CLI
gw-world:/> arp -flush
ARP cache of all interfaces flushed.
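
An added example, not from the D-Link manual: Python that parses two captured `arp -show` outputs and lists the IP addresses whose Ethernet address changed between them, which is the situation where a flush, or a closer look at the host, is warranted. It assumes each entry line has the form `Dynamic <IP> = <Ethernet address> Expire=<seconds>`; the second capture and all function names are constructed for illustration.

```python
import re

# One cache line as printed by "arp -show": type, IP, Ethernet address, expiry.
# Assumption: every entry line follows this layout.
ENTRY = re.compile(
    r"^(?P<kind>\w+)\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*=\s*"
    r"(?P<mac>[0-9a-fA-F]{4}(?::[0-9a-fA-F]{4}){2})\s+Expire=(?P<expire>\d+)$"
)
IFACE = re.compile(r"^ARP cache of iface (?P<iface>\S+)$")

def parse_arp_show(text):
    """Return {(iface, ip): (kind, mac)} from captured "arp -show" output."""
    cache, iface = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = IFACE.match(line)
        if m:
            iface = m.group("iface")
            continue
        m = ENTRY.match(line)
        if m and iface is not None:
            cache[(iface, m.group("ip"))] = (m.group("kind"), m.group("mac").lower())
    return cache

def changed_bindings(before, after):
    """List (iface, ip, old_mac, new_mac) where the Ethernet address differs."""
    changes = []
    for key, (_, new_mac) in sorted(after.items()):
        old = before.get(key)
        if old is not None and old[1] != new_mac:
            changes.append((key[0], key[1], old[1], new_mac))
    return changes

# Constructed captures: the second one is invented to show a changed binding.
BEFORE = """gw-world:/> arp -show
ARP cache of iface lan
Dynamic 10.4.0.1 = 1000:0000:4009 Expire=196
Dynamic 10.4.0.165 = 0002:a529:1f65 Expire=506
"""
AFTER = """gw-world:/> arp -show
ARP cache of iface lan
Dynamic 10.4.0.1 = 1000:0000:4009 Expire=180
Dynamic 10.4.0.165 = 0002:a529:77aa Expire=600
"""

if __name__ == "__main__":
    for iface, ip, old, new in changed_bindings(parse_arp_show(BEFORE), parse_arp_show(AFTER)):
        print(f"{iface}: {ip} moved from {old} to {new}")
```
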

Size of the ARP Cache

By default, the ARP Cache is able to hold 4096 ARP entries at the same time. This is feasible for
most deployments, but on rare occasions, such as when there are several very large LANs directly
connected to the firewall, it might be necessary to adjust this value. This can be done by
modifying the Advanced Setting ARPCacheSize.
So-called "hash tables" are used to rapidly look up entries in the ARP Cache. For maximum
efficiency, a hash should be twice as large as the table it is indexing, so if the largest
directly-connected LAN contains 500 IP addresses, the size of the ARP entry hash should be at least
1000 entries. The administrator can modify the Advanced Setting ARPHashSize to reflect specific
network requirements. The default value of this setting is 512.
The ARPHashSizeVLAN setting is similar to the ARPHashSize setting, but affects the hash size
for VLAN interfaces only. The default value is 64.

3.4.4. Static and Published ARP Entries

NetDefendOS supports defining static ARP entries (static binding of IP addresses to Ethernet ad-
Chapter 3. Fundamentals
