The Address Resolution Protocol (ARP) cache is a table in which a router or computer keeps the mappings between Layer 2 MAC addresses and Layer 3 IP addresses that it has resolved recently. Without a MAC-to-IP mapping, the device would not be able to build and send IP packets.
A device discovers the MAC-to-IP mapping by sending ARP broadcast requests on the local subnet and saves the mapping in the ARP cache. If a device wants to send a packet to a neighbour and it doesn't have the corresponding MAC address, it sends out a broadcast ARP request packet. This broadcast packet reaches every device on the local subnet. Every device receives the ARP request, but only the device with the IP address named in the request responds with an ARP response packet to complete the process.
Some devices also send a gratuitous ARP packet when they first connect to the network. With a gratuitous ARP, every device on the LAN segment learns that there is a new device on the segment before it has to ask for it. Every PC receives this packet, so it can update its ARP cache in case it ever needs to talk to the new device.
The ARP request and response process delays packet processing. ARP request packets go to all devices on the subnet, so every host spends CPU cycles processing packets that are not destined for it. Too many ARP broadcasts on a segment can cause traffic congestion and CPU load on devices.
So, to keep ARP traffic low, IP devices maintain a cache of recently resolved ARP entries. Old entries that have not been used for some time are eventually cleared out of the table.
ARP cache timeout configuration for Cisco and Juniper devices:
Cisco routers use an ARP cache timeout period of four hours. This means that if the router hasn't sent or received any packets with a particular address for the last four hours, it will flush the ARP entry from its cache. This period usually works well on Ethernet networks, but there are special situations in which you can improve network performance by changing it.
To set an ARP timeout value different from the default, use the arp timeout configuration command:
Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Ethernet0
Router1(config-if)#arp timeout 900
Router1(config-if)#end
Router1#
The following command reduces the ARP timeout period to 900 seconds (15 minutes):
Router1(config-if)#arp timeout 900
The show ip arp command displays the router's ARP cache:
Router1#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.1.5              8   0001.9670.b780  ARPA   Ethernet0
Internet  172.16.1.7              -   0000.0c92.bc6a  ARPA   Ethernet0
Internet  172.16.1.1              9   0010.4b09.5700  ARPA   Ethernet0
Internet  172.16.1.3              2   0010.4b09.5715  ARPA   Ethernet0
Router1#
This output includes the IP address, the age in minutes, the MAC address, and the interface for each ARP entry. When you are only interested in particular entries, you can also pass an IP address to the show ip arp command to display just that mapping:
Router1#show ip arp 172.16.1.5
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.1.5              2   0001.9670.b780  ARPA   Ethernet0
Router1#
The same command works with a MAC address, as follows:
Router1#show ip arp 0010.4b09.5715
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.1.3              3   0010.4b09.5715  ARPA   Ethernet0
Router1#
Or you can get a listing of ARP information for a particular router interface:
Router1#show ip arp Ethernet0
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.1.5              4   0001.9670.b780  ARPA   Ethernet0
Internet  172.16.1.7              -   0000.0c92.bc6a  ARPA   Ethernet0
Internet  172.16.1.1              2   0010.4b09.5700  ARPA   Ethernet0
Internet  172.16.1.3              4   0010.4b09.5715  ARPA   Ethernet0
Router1#
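Because cached entries are updated by whatever ARP traffic the router receives, comparing two captures of this output is a quick integrity check. The Python below is an added example, not part of the original article: it parses show ip arp text, lists IP addresses whose MAC changed between two snapshots, and lists MACs that hold more than one IP. The function names and the second snapshot are constructed for illustration.

```python
import re

# One data row of IOS "show ip arp" output; Age is "-" for the router's own address.
ROW = re.compile(
    r"^Internet\s+(?P<ip>\d+(?:\.\d+){3})\s+(?P<age>\d+|-)\s+"
    r"(?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+\S+\s+(?P<intf>\S+)$",
    re.IGNORECASE,
)

def parse_show_ip_arp(text):
    """Return {ip: {"mac", "age_min", "intf"}}; prompts and headers are skipped."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            age = None if m["age"] == "-" else int(m["age"])
            table[m["ip"]] = {"mac": m["mac"].lower(), "age_min": age, "intf": m["intf"]}
    return table

def changed_mappings(old, new):
    """(ip, old_mac, new_mac) for every IP whose MAC differs between snapshots."""
    return [(ip, old[ip]["mac"], e["mac"]) for ip, e in sorted(new.items())
            if ip in old and old[ip]["mac"] != e["mac"]]

def shared_macs(table):
    """{mac: [ips]} for MAC addresses that hold more than one IP in the cache."""
    by_mac = {}
    for ip, e in table.items():
        by_mac.setdefault(e["mac"], []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

# Snapshot taken from the article's "show ip arp" output.
BEFORE = """Router1#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.1.5              8   0001.9670.b780  ARPA   Ethernet0
Internet  172.16.1.7              -   0000.0c92.bc6a  ARPA   Ethernet0
Internet  172.16.1.1              9   0010.4b09.5700  ARPA   Ethernet0
Internet  172.16.1.3              2   0010.4b09.5715  ARPA   Ethernet0
"""
# Constructed later snapshot: 172.16.1.1 now resolves to the MAC of 172.16.1.3.
AFTER = BEFORE.replace("9   0010.4b09.5700", "0   0010.4b09.5715")

if __name__ == "__main__":
    print(changed_mappings(parse_show_ip_arp(BEFORE), parse_show_ip_arp(AFTER)))
    print(shared_macs(parse_show_ip_arp(AFTER)))
```

A changed or shared MAC is not proof of a problem (NIC replacement, failover pairs and proxy ARP produce the same pattern), but it is the entry to verify against the switch's MAC address table before the timeout ages it out.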
To manually clear the router’s entire ARP cache, use the clear arp command:
Router1#clear arp
Router1#
The show interface command shows the ARP timeout setting for a particular interface:
Router1#show interface Ethernet0
Ethernet0 is up, line protocol is up
  Hardware is Lance, address is 0000.0c92.bc6a (bia 0000.0c92.bc6a)
  Internet address is 172.16.1.7/24
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
  Encapsulation ARPA, loopback not set, keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 00:10:00
  ...
The default ARP ageing timer on Juniper devices is 20 minutes. In enterprise networks with many directly attached hosts, such as metro Ethernet, increasing the time between ARP updates can improve performance. In other cases, however, it is better to lower the ARP ageing timer value to prevent the flooding of traffic and improve performance.
In JUNOS the range of the ARP ageing timer is from 1 through 240 minutes.
To configure a system-wide ARP ageing timer, include the aging-timer statement (Junos spells the keyword "aging") at the [edit system arp] hierarchy level:
[edit system arp]
aging-timer minutes;
You can also configure the ARP ageing timer for each logical interface of family type inet. To configure the ARP ageing timer at the logical interface level, include the aging-timer statement at the [edit system arp interfaces interface-name] hierarchy level:
[edit system arp interfaces interface-name]
aging-timer minutes;
Can this be set on a subinterface? We have a 1900 series Cisco router using GigabitEthernet0/0.70 for a wireless registration VLAN that needs to clear out after an hour to free up IPs for wireless hotspot users. I tried the arp timeout 3600 setting but it didn't work based on what I'm seeing in the ARP table.