Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Verifying and Disabling Proxy ARP and ARP Suppression for the Edge-Routed Bridging Overlay

 

Verifying Proxy ARP and ARP Suppression for the Edge-Routed Bridging Overlay

Proxy ARP and ARP suppression are enabled by default on the QFX10000 line of switches, so there is no configuration needed to enable these features. To verify proxy ARP is working on supported devices and ARP suppression prevents other leaf devices from seeing the ARP requests, perform the following:

  1. Select a remote end system entry to verify that proxy ARP is enabled on a supported leaf device. In this example, Leaf 10 is a QFX10002 switch.
    user@leaf-10> show arp no-resolve expiration-time | match 10.1.4.201
  2. Verify that the entry was learned from a remote leaf device. In this case, the ARP entry was learned from Leaf 4 and 5.
    user@leaf-10> show evpn database mac-address 02:0c:10:04:02:01 extensive
  3. Send an ARP Request and verify that the ARP reply is generated.
    user@leaf-10> monitor traffic interface irb no-resolve
  4. Verify that ARP is suppressed in the remote leaf device. Note: There is no ARP request connecting Leaf 4 to any other leaf in the segment.
    user@leaf-4> monitor traffic interface irb no-resolve

Disabling Proxy ARP and ARP Suppression for the Edge-Routed Bridging Overlay

To override the default settings for the QFX10000 line of switches and disable proxy ARP and ARP suppression, you must configure the leaf device.

Note

When disabling ARP suppression, be aware of the following implications

  • Even though it finds the MAC-IP address binding in its database, the device floods an ARP request through the Ethernet bridging domain. Therefore, we recommend that ARP suppression remains enabled.

  • Disabling the suppression of ARP packets on a PE device essentially disables the proxy ARP functionality. Therefore, we recommend that ARP suppression remains enabled.

To disable proxy ARP and ARP suppression, and verify this change, perform the following:

  1. Configure the local leaf device (Leaf 10 in this example) to disable proxy ARP and ARP suppression.

    Leaf 10:

  2. Send an ARP Request and verify that ARP is not being suppressed.
    user@leaf-10> show arp no-resolve expiration-time | match 10.1.4.201
    user@leaf-10> monitor traffic interface irb no-resolve
    Note

    Notice that no ARP replies are being received by Leaf 10.

  3. Verify that the ARP Request is flooded to all leaf devices.
    user@leaf-4> monitor traffic interface irb no-resolve