Configuring ARP
CHAPTERS (CHAPTERS)
3. Appendix: Default Parameters
|
|
This guide applies to: T1600G-18TS v2 or above, T1600G-28TS v3 or above, T1600G-28PS v3 or above, T1600G-52TS v3 or above, T1600G-52PS v3 or above, T1700X-16TS v3 or above, T1700G-28TQ v3 or above, T2600G-18TS v2 or above, T2600G-28TS v3 or above, T2600G-28MPS v3 or above, T2600G-28SQ v1 or above, T2600G-52TS v3 or above. |
ARP (Address Resolution Protocol) is used to map IP addresses to MAC addresses. Taking an IP address as input, ARP learns the associated MAC address, and stores the IP-MAC address association in an ARP entry for rapid retrieval.
1.1Supported Features
ARP Table
The ARP table displays all the ARP entries, including dynamic entries and static entries.
Dynamic Entry: Automatically learned and will be deleted after aging time.
Static Entry: Added manually and will be remained unless modified or deleted manually.
Static ARP
You can manually add ARP entries by specifying the IP addresses and MAC addresses.
Gratuitous ARP
Gratuitous ARP is a special kind of ARP. Both the source and destination addresses of the gratuitous ARP packet are the sender its own IP address. It is used to detect duplicate IP address. If an interface sends a gratuitous ARP packet and no replies are received, then the sender knows its IP address is not used by other devices.
Proxy ARP
Normally, the ARP packets can only be transmitted in one broadcast domain, which means if two devices in the same network segment are connected to different Layer 3 interfaces, they cannot communicate with each other because they cannot learn each other’s MAC address using ARP packets.
Proxy ARP solves this problem. As shown below, when a host sends an ARP request to another device that is not in the same broadcast domain but on the same network segment, the Layer 3 interface with Proxy ARP enabled will respond the ARP request with its own MAC address if the destination IP is reachable. After that, the ARP request sender sends packets to the switch, and the switch forwards the packets to the intended device.
Figure 1-1 Proxy ARP Application
Local Proxy ARP
Local Proxy ARP is similar with Proxy ARP. As shown below, two hosts are in the same VLAN and connected to VLAN interface 1, but port 1/0/1 and port 1/0/2 are isolated on Layer 2. In this case, both of the hosts cannot receive each other’s ARP request. So they cannot communicate with each other because they cannot learn each other’s MAC address using ARP packets.
To solve this problem, you can enable Local Proxy ARP on the Layer 3 interface and the interface will respond the ARP request sender with its own MAC address. After that, the ARP request sender sends packets to the Layer 3 interface, and the interface forwards the packets to the intended device.
Figure 1-2 Local Proxy ARP Application
With ARP configurations, you can:
1)View dynamic and static ARP entries.
2)Add or delete static ARP entries.
To configure the Gratuitous ARP feature:
3)Configure the Gratuitous ARP globally and set the Gratuitous ARP sending interval
To configure the Proxy ARP feature:
4)Enable Proxy function for VLAN interfaces or routed ports.
To configure the Local Proxy ARP feature:
5)Enable Local Proxy function for VLAN interfaces or routed ports.
2.1Using the GUI
2.1.1Viewing the ARP Entries
The ARP table consists of two kinds of ARP entries: dynamic and static.
6)Dynamic Entry: Automatically learned and will be deleted after aging time.
7)Static Entry: Added manually and will be remained unless modified or deleted manually.
Choose the menu L3 FEATURES > ARP > ARP Table > ARP Table to load the following page.
Figure 2-1 Viewing the ARP Entries
|
Interface |
Displays the network interface of an ARP entry. |
|
IP Address |
Displays the IP address of an ARP entry. |
|
MAC Address |
Displays the MAC address of an ARP entry. |
|
Type |
Displays the type of an ARP entry. Static: The entry is added manually and will always remain the same. Dynamic: The entry that will be deleted after the aging time leased. The default aging time value is 600 seconds. If you want to change the aging time, you can use the CLI to configure it. |
2.1.2Adding Static ARP Entries Manually
You can add desired static ARP entries by mannually specifying the IP addresses and MAC addresses.
Choose the menu L3 FEATURES > ARP > Static ARP and click 
to load the following page.
Figure 2-2 Adding Static ARP Entries
Enter the IP address and MAC address, then click Create.
|
IP address |
Specify the IP address of the static ARP entry. |
|
MAC address |
Specify the MAC address.of the static ARP entry. |
2.1.3Configuring Gratuitous ARP
Choose the menu L3 FEATURES > ARP > Gratuitous ARP to load the following page.
Figure 2-3 Configuring Gratuitous ARP
Follow these steps to configure the Gratuitous feature for the interface.
8)In the Gratuitous ARP Global Settings section, configure the global parameters for gratuitous ARP. Then click Apply.
|
Send on IP Interface Status Up |
With this option enabled, the interface will send gratuitous ARP request packets when its status becomes up. This is used to announce the interface’s IP address to the other hosts. It is enabled by default. |
|
Send on Duplicate IP Detected |
With this option enabled, the interface will send gratuitous ARP request packets when a gratuitous ARP request packet is received for which the IP address is the same as the interface’s. In this case, the switch knows that another host is using the same IP address as its own. To claim the IP address for the correct owner, the interface sends gratuitous ARP packets. It is disabled by default. |
|
Gratuitous ARP Learning |
Normally, the switch only updates the MAC address table by learning from the ARP reply packet or normal ARP request packet. With this option enabled, the switch will also update the MAC address table by learning from the received gratuitous ARP packets. It is disabled by default. |
9)In the Gratuitous ARP Table section, configure the interval of sending gratuitous ARP request packets for the interface. Then click Apply.
|
Interface Name |
Displays the Interface ID of the Layer 3 interface. |
|
Gratuitous ARP Periodical Send Interval |
Enter the interval of sending gratuitous ARP request packets for the interface. A value of 0 means the interface will not send gratuitous ARP request packets periodically. |
2.1.4Configuring Proxy ARP
Proxy ARP is used in the situation that two devices are in the same network segment but connected to different Layer 3 interfaces.
Choose the menu L3 FEATURES> ARP > Proxy ARP > Proxy ARP to load the following page.
Figure 2-4 Configuring Proxy ARP
Select the desired interface and enable proxy ARP. Then click Apply.
|
IP Address |
Displays the IP address of the Layer 3 interface |
|
Subnet Mask |
Displays the subnet mask of the IP address. |
|
Status |
Enable proxy ARP feature on the interface. The interface will respond the ARP request sender with its own MAC address. |
2.1.5Configuring Local Proxy ARP
Local Proxy ARP is used in the situation that two devices are in the same VLAN but isolated on the layer 2 ports.
Choose the menu L3 FEATURES > ARP > Proxy ARP > Local Proxy ARP to load the following page.
Figure 2-5 Configuring Local Proxy ARP
Select the desired interface and enable local proxy ARP. Then click Apply.
|
IP Address |
Displays the IP address of the Layer 3 interface |
|
Subnet Mask |
Displays the subnet mask of the IP address. |
|
Status |
Enable local proxy ARP feature on the interface. The interface will respond the ARP request sender with its own MAC address. |
2.2Using the CLI
2.2.1Configuring the ARP Entry
Adding Static ARP Entries
Follow these steps to add static ARP entries:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
arp ip mac type Add a static ARP entry. ip: Enter the IP address of the static ARP entry. mac: Enter the MAC address of the static ARP entry. type: Enter the ARP type. Configure it as 'arpa'. |
|
Step 3 |
show arp [ip] [mac] ip: Specify the IP address of your desired ARP entry. mac: Specify the MAC address of your desired ARP entry. |
|
Step 4 |
end Return to privileged EXEC mode. |
|
Step 5 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to create a static ARP entry with the IP as 192.168.0.1 and the MAC as 00:11:22:33:44:55:
Switch#configure
Switch(config)#arp 192.168.0.1 00:11:22:33:44:55 arpa
Switch(config)#show arp 192.168.0.1
Interface Address Hardware Addr Type
Vlan1 192.168.0.1 00:11:22:33:44:55 STATIC
Switch(config)#end
Switch#copy running-config startup-config
Configuring the Aging Time of Dynamic ARP Entries
Follow these steps to configure the aging time of dynamic ARP entries for Lay 3 interfaces:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
Enter the Layer 3 configuration mode. interface { fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | ten-range gigabitEthernet port-list | port-channel port-channel | range port-channel port-channel-list |} no switchport Enter interface configuration mode. port | port-list | port-channel | port-channel-list: The number or the list of the Ethernet port or port channel that you want to configure. interface vlan vlan-id Enter interafce VLAN mode. vlan-id: Specify a vlan interface ID. |
|
Step 3 |
arp timeout timeout Configure the ARP aging time of the VLAN interface or routed port . timeout: Specify the value of aging time, which ranges from 1 to 3000 in seconds. The default value is 600 seconds. |
|
Step 4 |
end Return to privileged EXEC mode. |
|
Step 5 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to configure the aging time of dynamic ARP entries as 1000 seconds for VLAN interface 2 :
Switch#configure
Switch(config)#interface vlan 2
Switch(config-if)#arp timeout 1000
Switch(config-if)#end
Switch#copy running-config startup-config
Clearing Dynamic Entries
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
clear arp-cache Clear all the dynamic ARP entries. |
|
Step 3 |
copy running-config startup-config Save the settings in the configuration file. |
Viewing ARP Entries
On privileged EXEC mode or any other configuration mode, you can use the following command to view ARP entries:
|
show arp [ip] [mac] ip: Specify the IP address of your desired ARP entry. mac: Specify the MAC address of your desired ARP entry. |
|
show ip arp { fastEthernet port | gigabitEthernet port | ten-gigabitEthernet port | port-channel lagid | vlan vid } Verify the active ARP entries associated with a Layer 3 interface. port: Specify the number of the routed port. lagid: Specify the ID of the LAG. vid: Specify the VLAN interface ID. |
2.2.2Configuring the Gratuitous ARP
Configuring Gratuitous ARP Globally
Follow these steps to add static ARP entries:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
gratuitous-arp intf-status-up enable Enable the Layer 3 interface to send a gratuitous ARP packet to detect if its IP address is used by other devices. It is enabled by default |
|
Step 3 |
gratuitous-arp dup-ip-detected enable (Optional) Enable the Layer 3 interface to send a gratuitous packet when the interface received a gratuitous ARP packet with the same IP address with its own. It is disabled by default. |
|
Step 4 |
gratuitous-arp learning enable (Optional) Enable the switch to learn MAC address entries from gratuitous ARP packets. Generally, the switch only learn MAC address entries form normal ARP packets. With this option enabled, the switch will also learn MAC address entries from gratuitous ARP packets. By default, it is disabled. |
|
Step 5 |
show gratuitous-arp Show the gratuitous ARP configuration. |
|
Step 6 |
end Return to privileged EXEC mode. |
|
Step 7 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to enable Send on IP Interface Status Up, Send on Duplicate IP Detected and Gratuitous ARP Learning features:
Switch#configure
Switch(config)#gratuitous-arp dup-ip-detected enable
Switch(config)#gratuitous-arp intf-status-up enable
Switch(config)#gratuitous-arp learning enable
Switch(config)#show gratuitous-arp
Send on IP interface Status up : Enabled
Send on Duplicate IP Detected : Enabled
Gratuitous ARP Learning : Enabled
Interface Gratuitous ARP Periodical Send Interval
--------- ------------------------------------------
Gi1/0/18 0
VLAN1 0
Switch(config)#end
Switch#copy running-config startup-config
Configuring Interval of Sending Gratuitous ARP Packets
Follow these steps to configure gratuitous ARP packets for Layer 3 interfaces:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
There are three types of Layer 3 interface that are able to send gratuitous ARP packets: routed port, port-channel and VLAN interface. interface { fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | ten-range gigabitEthernet port-list | port-channel port-channel | range port-channel port-channel-list |} no switch port Enter interface configuration mode and change the port or port-channel to be a Layer 3 interface. |
|
Interface vlan vlan-id Enter the vlan interface configuration mode. vlan-id: Enter the interface VLAN ID. |
|
|
Step 3 |
gratuitous-arp send-interval interval Specify the periodical interval at which the interface sends the gratuitous ARP packet. interval: Specify the interval in seconds. The valid value ranges from 0 to 65535. Value 0 means the interface does not periodically send gratuitous ARP packets. |
|
Step 4 |
show gratuitous-arp Show the gratuitous ARP configuration. |
|
Step 5 |
end Return to privileged EXEC mode. |
|
Step 6 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to configure the interval of sending gratuitous ARP packets for VLAN interface 1 as 10 seconds:
Switch#configure
Switch(config)#interface vlan 1
Switch(config-if)#gratuitous-arp send-interval 10
Switch(config-if)#show gratuitous-arp
...
Interface Gratuitous ARP Periodical Send Interval
--------- ------------------------------------------
VLAN1 10
Switch(config-if)#end
Switch#copy running-config startup-config
2.2.3Configuring Proxy ARP
You can configure proxy ARP and local proxy ARP.
Configuring Proxy ARP
Follow these steps to Proxy ARP on the VLAN interface, routed port or port channel.
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
There are three types of Layer 3 interface can be enabled with Proxy ARP: routed port, port-channel and VLAN interface. interface { fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | ten-range gigabitEthernet port-list | port-channel port-channel | range port-channel port-channel-list |} no switch port Enter interface configuration mode and change the port or port-channel to be a Layer 3 interface. |
|
Interface vlan vlan-id Enter the vlan interface configuration mode. vlan-id: Enter the interface VLAN ID. |
|
|
Step 3 |
ip proxy-arp Enable Proxy ARP function on the specified Layer 3 interface. |
|
Step 4 |
show ip proxy-arp Show the Proxy ARP configuration.. |
|
Step 5 |
end Return to privileged EXEC mode. |
|
Step 6 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to enable Proxy ARP function for VLAN interface 1:
Switch#configure
Switch(config)#interface vlan 1
Switch(config-if)#ip proxy-arp
Switch(config-if)#show ip proxy-arp
Interface IP Address IP Mask Status
----------- --------------- --------------- --------
vlan 1 192.168.0.1 255.255.255.0 Enabled
Switch(config-if)#end
Switch#copy running-config startup-config
Configuring Local Proxy ARP
Follow these steps to Local Proxy ARP on the VLAN interface, routed port or port channel.
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
There are three types of Layer 3 interface can be enabled with Local Proxy ARP: routed port, port-channel and VLAN interface. interface { fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | ten-range gigabitEthernet port-list | port-channel port-channel | range port-channel port-channel-list |} no switch port Enter interface configuration mode and change the port or port-channel to be a Layer 3 interface. |
|
Interface vlan vlan-id Enter the vlan interface configuration mode. vlan-id: Enter the interface VLAN ID. |
|
|
Step 3 |
ip local-proxy-arp Enable Local Proxy ARP function on the specified Layer 3 interface. |
|
Step 4 |
show ip local-proxy-arp Show the Local Proxy ARP configuration. |
|
Step 5 |
end Return to privileged EXEC mode. |
|
Step 6 |
copy running-config startup-config Save the settings in the configuration file. |
This example shows how to enable Local Proxy ARP function for VLAN interface 1:
Switch#configure
Switch(config)#interface vlan 1
Switch(config-if)#ip local-proxy-arp
Switch(config-if)#show ip local-proxy-arp
Interface IP Address IP Mask Status
----------- --------------- --------------- --------
vlan 1 192.168.0.1 255.255.255.0 Enabled
Switch(config-if)#end
Switch#copy running-config startup-config
Default ARP settings are listed in the following tables.
Table 3-1Default Gratuitous ARP Settings
|
Parameter |
Default Setting |
|
Send on IP Interface Status Up |
Enable |
|
Send on Duplicate IP Detected |
Disable |
|
Gratuitous ARP Learning |
Disable |
|
Gratuitous ARP Periodical Send Interval |
0 second |