Provider standard ARP Timeout?
blake at ispn.net
Fri Aug 10 15:03:02 CDT 2012
Saku Ytti wrote the following on 8/10/2012 10:27 AM:
> On (2012-08-10 10:23 -0400), Jay Nakamura wrote:
>> Cisco default ARP timeout is 4 hours. Do anyone change that to
>> something shorter in a provider environment for customer with Ethernet
>> connectivity? What is a good value to set it to?
> Maximum value should be your L2 MAC timeout. Most other vendors use low
> limits these days (linux, junos come to mind).
> So 300s max really.
> If ARP timeout is higher than L2 MAC timeout you can cause loops in
> otherwise correctly configured network.
I haven't seen loops, but have seen unicast floods when the MAC address
times out for a host that receives data, but does not transmit it (hence
the switch often forgets the MAC for the device). On Cisco gear I found
it simpler to increase the mac address timeout to match the ARP timeout
because the MAC timeout is a global command and the ARP timeout was a
per interface command. IIRC, Cisco recommends the two match under
certain setups - VRRP/HSRP comes to mind. I would think that a matched
setup would always be ideal, with shorter timeouts for networks that
encounter more instability or user movement.
More information about the NANOG