ARP Learning and Aging Options

Address Resolution Protocol (ARP) is a protocol used by IPv4 and IPv6 to map IP network addresses to MAC addresses. Use this topic to set passive ARP learning and ARP aging options for network devices. In these situations, a switch operates as a virtual router.

Configuring Passive ARP Learning for Backup VRRP Devices

By default, the backup Virtual Router Redundancy Protocol (VRRP) device drops ARP requests for the VRRP-IP to VRRP-MAC address translation. The backup device does not learn the ARP (IP-to-MAC address) mappings for the hosts sending the requests. When it detects a failure of the primary device and becomes the new primary, the backup device must learn all the entries that were present in the ARP cache of the primary device. In environments with many directly attached hosts, such as metro Ethernet environments for a router, the backup device may have to learn a large number of ARP entries. This can cause a significant transition delay, during which traffic transmitted to some of the hosts might be dropped.

Passive ARP learning enables the ARP cache in the backup device to hold approximately the same contents as the ARP cache in the primary device. When a backup device becomes the primary device, the new primary device will already know the entries in the ARP cache of what used to be the primary device, reducing the transition delay.

To enable passive ARP learning, include the passive-learning statement at the [edit system arp] hierarchy level:

While a device is operating as the primary, the passive learning configuration has no operational impact. The primary (or a standalone) device always learns ARP entries from incoming requests. The configuration takes effect only when the device is operating as a backup device.

We recommend setting passive learning on both the backup and primary VRRP devices. Otherwise, you will need to remember to configure passive learning on a primary device after it becomes a backup device.

Configuring a Delay in Gratuitous ARP Requests

By default, Junos OS sends gratuitous ARP requests immediately after you make network-related configuration changes on an interface, such as a VLAN ID, MAC address, or IP address change. It also sends gratuitous ARP requests if a failover occurs and the device becomes the new primary device.

The Packet Forwarding Engine may drop some initial request packets if the IP address configuration updates have not been fully processed by the time a gratuitous ARP request is sent. To avoid dropping request packets, you can configure a delay in gratuitous ARP requests.

To configure a delay in gratuitous ARP requests, include the gratuitous-arp-delay seconds statement at the [edit system arp] hierarchy level:

We recommend that you configure a value in the range of 3 through 6 seconds.

Sending a Gratuitous ARP Request When an Interface is Online

To configure the device to automatically send a gratuitous ARP request when an interface is online, include the gratuitous-arp-on-ifup statement at the [edit system arp] hierarchy level:

Purging ARP Entries

To configure a device to purge obsolete ARP entries in the cache when an interface goes offline, include the purging statement at the [edit system arp] hierarchy level:

When purging is configured, ARP entries are deleted immediately after the device detects that an interface has gone offline. If purging is not configured, ARP entries in the ARP table are retried after they have expired and are deleted if there is no ARP response within the default timeout value of 20 minutes. The default timeout value can be changed to other values using the aging-timer statement, as explained below.

Adjusting the ARP Aging Timer

By default, the ARP aging timer is set at 20 minutes. In environments with many directly attached hosts, such as metro Ethernet environments, increasing the amount of time between ARP updates by configuring the ARP aging timer can improve performance. Thousands of clients timing out at the same time might impact packet forwarding performance. In environments where there are devices connected with lower ARP aging timers (less than 20 minutes), decreasing the ARP aging timer can improve performance by preventing the flooding of traffic toward next hops with expired ARP entries. In most environments, the default ARP aging timer value does not need to be adjusted.

The range of the ARP aging timer is 1 through 240 minutes. To configure a system-wide ARP aging timer, include the aging-timer statement at the [edit system arp] hierarchy level:

You can also configure the ARP aging timer for each logical interface of family type inet. To configure the ARP aging timer at the logical interface level, specify the aging-timer statement and the timer value in minutes at the [edit system arp interfaces interface-name] hierarchy level:

To configure the ARP aging timer for a specific interface in a logical system, include the aging-timer statement and the timer value in minutes at the [edit logical-systems logical-system-name system arp interfaces interface-name] hierarchy level:

Note:

If the aging timer value is configured both at the system and the logical interface levels, the value configured at the logical interface level takes precedence for the specific logical interface.

The timer value you configure takes effect as ARP entries expire. Each refreshed ARP entry receives the new timer value. The new timer value does not apply to ARP entries that exist at the time you commit the configuration.
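The following Python script is an added example, not Juniper code. It audits set-style configuration text for the [edit system arp] statements named in this topic and resolves the effective aging timer using the precedence rule in the note above. The sample configuration and interface names are constructed, and the passive-learning check assumes the device takes part in VRRP.

```python
import re

DEFAULT_AGING_MIN = 20            # default aging timer stated in this topic
AGING_RANGE = range(1, 241)       # aging-timer: 1 through 240 minutes
DELAY_RECOMMENDED = range(3, 7)   # gratuitous-arp-delay: 3 through 6 seconds

# Constructed sample in "display set" form; interface names are made up.
SAMPLE = """\
set system arp aging-timer 30
set system arp gratuitous-arp-delay 10
set system arp purging
set system arp interfaces ge-0/0/1.0 aging-timer 5
set system arp interfaces ge-0/0/2.0 aging-timer 300
"""

ARP_LINE = re.compile(r"^set system arp (?:interfaces (\S+) )?([a-z-]+)(?: (\d+))?$")

def audit_arp(config_text):
    """Parse [edit system arp] set commands; return (system, per_if, findings)."""
    system, per_if, findings = {}, {}, []
    for line in config_text.splitlines():
        m = ARP_LINE.match(line.strip())
        if not m:
            continue
        ifname, stmt, value = m.groups()
        if value is None:
            system[stmt] = True                      # flag statements such as purging
        elif stmt == "aging-timer" and int(value) not in AGING_RANGE:
            findings.append(f"{ifname or 'system'}: aging-timer {value} outside 1-240")
        elif ifname:
            per_if[ifname] = int(value)              # logical-interface aging timer
        else:
            system[stmt] = int(value)
    delay = system.get("gratuitous-arp-delay")
    if delay is not None and delay not in DELAY_RECOMMENDED:
        findings.append(f"gratuitous-arp-delay {delay} outside recommended 3-6")
    if "passive-learning" not in system:             # assumption: a VRRP device
        findings.append("passive-learning not set")
    return system, per_if, findings

def effective_aging(system, per_if, ifname):
    """Logical-interface value wins over the system value, then the default."""
    return per_if.get(ifname, system.get("aging-timer", DEFAULT_AGING_MIN))

if __name__ == "__main__":
    system, per_if, findings = audit_arp(SAMPLE)
    for name in ("ge-0/0/1.0", "ge-0/0/3.0"):
        print(name, effective_aging(system, per_if, name), "min")
    print("\n".join(findings))
```

Because a new timer value applies only as existing entries expire, the effective value reported here describes entries learned or refreshed after the commit.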

Disabling Neighbor Discovery

You can prevent the device from learning the MAC addresses of its neighbors through ARP or neighbor discovery for IPv4 and IPv6 neighbors. To disable ARP address learning by not sending ARP requests and not learning from ARP replies, use the no-neighbor-learn configuration statement.

To disable neighbor discovery for IPv4 neighbors:

To disable neighbor discovery for IPv6 neighbors: