Rate Limiting Arp Packets - Foundry Networks Switch and Router Installation And Configuration Manual

Foundry Switch and Router Installation and Configuration Guide
If the ARP cache does not contain an entry for the destination IP address, the Layer 3 Switch broadcasts an
ARP request out all its IP interfaces. The ARP request contains the IP address of the destination. If the
device with the IP address is directly attached to the Layer 3 Switch, the device sends an ARP response
containing its MAC address. The response is a unicast packet addressed directly to the Layer 3 Switch. The
Layer 3 Switch places the information from the ARP response into the ARP cache.

ARP requests contain the IP address and MAC address of the sender, so all devices that receive the request
learn the MAC address and IP address of the sender and can update their own ARP caches accordingly.

NOTE: The ARP request broadcast is a MAC broadcast, which means the broadcast goes only to devices
that are directly attached to the Layer 3 Switch. A MAC broadcast is not routed to other networks. However,
some routers, including Foundry Layer 3 Switches, can be configured to reply to ARP requests from one
network on behalf of devices on another network. See "Enabling Proxy ARP" on page 15-31.

NOTE: If the router receives an ARP request packet that it is unable to deliver to the final destination because of
the ARP timeout and no ARP response is received (the Layer 3 Switch knows of no route to the destination
address), the router sends an ICMP Host Unreachable message to the source.

Rate Limiting ARP Packets

You can limit the number of ARP packets the Foundry device accepts during each second. By default, the
software does not limit the number of ARP packets the device can receive. Since the device sends ARP packets
to the CPU for processing, if a device in a busy network receives a high number of ARP packets in a short period
of time, some CPU processing might be deferred while the CPU processes the ARP packets.

To prevent the CPU from becoming flooded by ARP packets in a busy network, you can restrict the number of
ARP packets the device will accept each second. When you configure an ARP rate limit, the device accepts up to
the maximum number of packets you specify, but drops additional ARP packets received during the one-second
interval. When a new one-second interval starts, the counter restarts at zero, so the device again accepts up to
the maximum number of ARP packets you specified, but drops additional packets received within the interval.

USING THE CLI

To limit the number of ARP packets the device will accept each second, enter a command such as the following at
the global CONFIG level of the CLI:

BigIron(config)# rate-limit-arp 100

This command configures the device to accept up to 100 ARP packets each second. If the device receives more
than 100 ARP packets during a one-second interval, the device drops the additional ARP packets during the
remainder of that one-second interval.

Syntax: [no] rate-limit-arp <num>

The <num> parameter specifies the number of ARP packets and can be from 0 – 100. If you specify 0, the device
will not accept any ARP packets.

NOTE: If you want to change a previously configured ARP rate limiting policy, you must remove the
previously configured policy using the no rate-limit-arp <num> command before entering the new policy.
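
The one-second counter described in this section can be modelled to see which packets a given limit drops. The following Python simulation is an added example, not part of the Foundry manual; it assumes intervals aligned to whole seconds, and the traffic sample and the labels "normal" and "burst" are constructed for illustration.

```python
from collections import Counter

def simulate_arp_rate_limit(arrivals, limit):
    """Apply the fixed one-second window described above.

    arrivals: iterable of (timestamp_ms, source_label) for received ARP packets.
    limit: the <num> given to rate-limit-arp.
    Returns a list of (timestamp_ms, source_label, accepted).
    Assumption: intervals are aligned to whole seconds.
    """
    results = []
    window, count = None, 0
    for ts_ms, label in sorted(arrivals):
        second = ts_ms // 1000
        if second != window:          # new interval: counter restarts at zero
            window, count = second, 0
        accepted = count < limit      # a limit of 0 accepts nothing
        if accepted:
            count += 1
        results.append((ts_ms, label, accepted))
    return results

def summarize(results):
    """Count accepted/dropped packets per one-second interval and source."""
    per_second = {}
    for ts_ms, label, accepted in results:
        row = per_second.setdefault(ts_ms // 1000, Counter())
        row[(label, "accepted" if accepted else "dropped")] += 1
    return per_second

def constructed_traffic():
    """Constructed sample: 20 ordinary ARP packets per second for 3 seconds,
    plus a 300-packet burst in the first 300 ms of second 1."""
    normal = [(s * 1000 + j * 50 + 25, "normal") for s in range(3) for j in range(20)]
    burst = [(1000 + i, "burst") for i in range(300)]
    return normal + burst

if __name__ == "__main__":
    stats = summarize(simulate_arp_rate_limit(constructed_traffic(), limit=100))
    for second in sorted(stats):
        print(second, dict(stats[second]))
```

With a limit of 100, the burst consumes the budget for second 1 within its first 100 ms, so 18 of the 20 ordinary ARP packets in that second are dropped as well. The limit protects the CPU but does not distinguish between sources, which matters when choosing <num>.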

USING THE WEB MANAGEMENT INTERFACE

You cannot configure ARP rate limiting using the Web management interface.

Changing the ARP Aging Period

When the Layer 3 Switch places an entry in the ARP cache, the Layer 3 Switch also starts an aging timer for the
entry. The aging timer ensures that the ARP cache does not retain learned entries that are no longer valid. An
entry can become invalid when the device with the MAC address of the entry is no longer on the network.
15 - 30
December 2000
