ARP Timeout Value for Cisco 3750, Linux and Windows

ARP timeouts are vendor dependent and can vary drastically from one vendor to another. Here is some information about ARP timeouts.

Cisco 3750 switch

# show interfaces vlan 1
Vlan1 is up, line protocol is down
Hardware is EtherSVI, address is 5897.1ec9.1040 (bia 5897.1ec9.1040)
Internet address is 192.168.100.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:10:09, output 00:10:07, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
60274 packets input, 5100402 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
66629 packets output, 52011719 bytes, 0 underruns
0 output errors, 3 interface resets
0 output buffer failures, 0 output buffers swapped out

The default ARP timeout for a Cisco switch is 4 hrs.
It can be changed using the following commands:

#configure terminal
cisco(config)#interface vlan 1
cisco(config-if)#arp timeout ?
<0-2147483>  Seconds
cisco(config-if)#arp timeout 600

The ARP timeout must be less than the MAC address-table aging timer. We have set ARP = 1 hr and MAC = 2 hrs, so the ARP entry times out before the MAC entry, and the forced update of the ARP entry before the MAC timeout resets the age of the MAC entry.

#show mac address-table aging-time
Global Aging Time:  300
Vlan    Aging Time
----    ----------

The default aging time is 300 and you can change it globally or per VLAN:

#configure terminal
cisco(config)#mac address-table aging-time 600 vlan 40

Linux

The default ARP timeout value in Linux is 60 sec and can be changed at /proc/sys/net/ipv4/neigh/eth1/gc_stale_time

gc_stale_time (since Linux 2.2)
Determines how often to check for stale neighbor entries. When a neighbor entry is considered stale, it is resolved again before sending data to it. Defaults to 60 seconds.

gc_thresh1 (since Linux 2.2)
The minimum number of entries to keep in the ARP cache. The garbage collector will not run if there are fewer than this number of entries in the cache. Defaults to 128.

gc_thresh2 (since Linux 2.2)
The soft maximum number of entries to keep in the ARP cache. The garbage collector will allow the number of entries to exceed this for 5 seconds before collection will be performed. Defaults to 512.

gc_thresh3 (since Linux 2.2)
The hard maximum number of entries to keep in the ARP cache. The garbage collector will always run if there are more than this number of entries in the cache. Defaults to 1024.

To flush the ARP table on a Linux server, run this:

#ip -s -s neigh flush all

Windows

It was difficult to find information about XP. For Windows 2000, I got the following lines from the link given in the reference.

Windows 2000 adjusts the size of the ARP cache automatically to meet the needs of the system. If an entry is not used by any outgoing datagram for two minutes, the entry is removed from the ARP cache. Entries that are being referenced are given additional time, in two minute increments, up to a maximum lifetime of 10 minutes. After 10 minutes, the ARP cache entry is removed and must be rediscovered using an ARP Request frame. To adjust the time an unreferenced entry can remain in the ARP cache, change the value of the ArpCacheLife and ArpCacheMinReferencedLife registry entries.
(HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters).

So the default value appears to be 2 min.

For a Brocade switch, the default value is 10 min.

Command to enable the aging time:

ip arp-aging-timeout value
no ip arp-aging-timeout

The ARP aging time is different from the MAC bridge learning time or the MAC table time. If there is a mismatch between the MAC bridge learning table time and the ARP aging time, it can result in unicast flooding. So normally it is better if the ARP aging time is less than the bridge learning table time (in Linux this value is 300 sec, or 5 min, and can be seen using the brctl command).
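An added example, not part of the original post: a Python check that parses `show interfaces` and `show mac address-table aging-time` output in the format shown above and reports VLAN interfaces whose ARP timeout is not below the MAC aging time, the rule stated in the Cisco section. The Vlan40 interface and the per-VLAN table row are constructed sample data, and the function names are this example's own.

```python
import re

# Captures in the format shown on this page. The Vlan1 lines come from the
# page; the Vlan40 interface and the "40  600" table row are constructed.
SHOW_INTERFACES = """\
Vlan1 is up, line protocol is down
  ARP type: ARPA, ARP Timeout 04:00:00
Vlan40 is up, line protocol is up
  ARP type: ARPA, ARP Timeout 00:05:00
"""
SHOW_MAC_AGING = """\
Global Aging Time:  300
Vlan    Aging Time
----    ----------
  40     600
"""

def parse_arp_timeouts(text):
    """Return {vlan_id: ARP timeout in seconds} for each SVI in the capture."""
    timeouts, vlan = {}, None
    for line in text.splitlines():
        head = re.match(r"Vlan(\d+) is ", line)
        if head:
            vlan = int(head.group(1))
        arp = re.search(r"ARP Timeout (\d+):(\d\d):(\d\d)", line)
        if arp and vlan is not None:
            h, m, s = map(int, arp.groups())
            timeouts[vlan] = h * 3600 + m * 60 + s
    return timeouts

def parse_mac_aging(text):
    """Return (global aging seconds, {vlan_id: per-VLAN override seconds})."""
    glob = int(re.search(r"Global Aging Time:\s*(\d+)", text).group(1))
    rows = re.findall(r"^[ \t]*(\d+)[ \t]+(\d+)[ \t]*$", text, re.M)
    return glob, {int(v): int(t) for v, t in rows}

def find_mismatches(interfaces, mac_aging):
    """List (vlan, arp_s, mac_s) where ARP timeout is not below MAC aging."""
    arp = parse_arp_timeouts(interfaces)
    glob, per_vlan = parse_mac_aging(mac_aging)
    return [(vlan, t, per_vlan.get(vlan, glob))
            for vlan, t in sorted(arp.items())
            if t >= per_vlan.get(vlan, glob)]

if __name__ == "__main__":
    for vlan, arp_s, mac_s in find_mismatches(SHOW_INTERFACES, SHOW_MAC_AGING):
        print(f"Vlan{vlan}: ARP timeout {arp_s}s >= MAC aging {mac_s}s")
```

With the defaults quoted on this page (ARP timeout 04:00:00, global MAC aging 300), Vlan1 is reported, while the constructed Vlan40 passes.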
