Provider standard ARP Timeout?

Blake Hudson blake at ispn.net
Fri Aug 10 15:03:02 CDT 2012


Saku Ytti wrote the following on 8/10/2012 10:27 AM:
> On (2012-08-10 10:23 -0400), Jay Nakamura wrote:
>
>> Cisco default ARP timeout is 4 hours.  Do anyone change that to
>> something shorter in a provider environment for customer with Ethernet
>> connectivity?  What is a good value to set it to?
> Maximum value should be your L2 MAC timeout. Most other vendors use low
> limits these days (linux, junos come to mind).
> So 300s max really.
>
> If ARP timeout is higher than L2 MAC timeout you can cause loops in
> otherwise correctly configured network.
>

I haven't seen loops, but have seen unicast floods when the MAC address 
times out for a host that receives data, but does not transmit it (hence 
the switch often forgets the MAC for the device). On Cisco gear I found 
it simpler to increase the mac address timeout to match the ARP timeout 
because the MAC timeout is a global command and the ARP timeout was a 
per interface command. IIRC, Cisco recommends the two match under 
certain setups - VRRP/HSRP comes to mind. I would think that a matched 
setup would always be ideal, with shorter timeouts for networks that 
encounter more instability or user movement.

--Blake



More information about the NANOG mailing list