Guest

IP Addressing Services

ARP FAQ: Why are some dynamic ARP entries still present in the ARP table after the respective ARP timeout has expired?

  • Viewing Options

  • PDF (8.0 KB)
  • Feedback

Document ID: 117398

Updated: Jan 28, 2014

Contributed by Michal Stanczyk, Cisco TAC Engineer.

   Print

Introduction

This document describes dynamic Address Resolution Protocol (ARP) entry aging.

Why are some dynamic ARP entries still present in the ARP table after the respective ARP timeout has expired?

In Cisco IOS® software, the ARP cache timeout is set to four hours (240 minutes) by default, but can be modified in the interface configuration mode.

Enter the show interfaces command in order to display the ARP cache timeout:

ASR1k#show interfaces gi0/0/2 | include ARP
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00

The ARP entry is actually stored in the ARP cache even after its timeout has expired. In this example, the dynamic ARP entry for IP address 10.2.2.2 has been present in the ARP cache for 253 minutes:

ASR1k#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.2.2.1 - 30e4.dbb7.7e02 ARPA GigabitEthernet0/0/2
Internet 10.2.2.2 253 0004.c01d.7c1a ARPA GigabitEthernet0/0/2

The extra time is the jitter added to each dynamic ARP entry when it is created. Random jitter is added to the ARP cache timeout in order to avoid synchronous expiration of the ARP entries, which might trigger an ARP storm. Jitter should be a random number between 0 seconds and 30 minutes, with a maximum jitter of 30 minutes.

This procedure describes how to confirm that jitter is random:

  1. Enter the show arp IP address detail command in order to check the ARP entry details:

    ASR1k#show arp 10.2.2.2 detail
    ARP entry for 10.2.2.2, link type IP.
    Dynamic, via GigabitEthernet0/0/2, last updated 253 minutes ago.
    Encap type is ARPA, hardware address is 0004.c01d.7c1a, 6 bytes long.
    ARP subblocks:
    * Dynamic ARP Subblock
    Entry will be refreshed in 9 minutes and 4 seconds.
    It has 2 chances to be refreshed before it is purged.
    Entry is complete.
    * ARP HA
    ARP entry is a new entry and has not been synchronized to standby RP.
    * IP ARP Adjacency
    Adjacency (for 10.2.2.2 on GigabitEthernet0/0/2) was installed.
    Connection ID: 0
  2. Clear the ARP entry, and capture output from the show arp IP address detail command again:

    ASR1k#clear arp 10.2.2.2
    ASR1k#show arp 10.2.2.2 detail
    ARP entry for 10.2.2.2, link type IP.
    Dynamic, via GigabitEthernet0/0/2, last updated 0 minute ago.
    Encap type is ARPA, hardware address is 0004.c01d.7c1a, 6 bytes long.
    ARP subblocks:
    * Dynamic ARP Subblock
    Entry will be refreshed in 261 minutes and 42 seconds.
    It has 2 chances to be refreshed before it is purged.
    Entry is complete.
    Notice that the timer has been reset.

  3. Repeat Step 2, and note that the outcome is different:

    ASR1k #clear arp 10.2.2.2
    ASR1k #show arp 10.2.2.2 det
    ARP entry for 10.2.2.2, link type IP.
    Dynamic, via GigabitEthernet0/0/2, last updated 0 minute ago.
    Encap type is ARPA, hardware address is 0004.c01d.7c1a, 6 bytes long.
    ARP subblocks:
    * Dynamic ARP Subblock
    Entry will be refreshed in 263 minutes and 58 seconds.
    It has 2 chances to be refreshed before it is purged.
    Entry is complete.

Related Information

Updated: Jan 28, 2014
Document ID: 117398