Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

Cisco IOS Software Releases 12.3 Special and Early Deployments

ARP-Auto Logoff

Downloads

Table Of Contents

ARP—Auto Logoff

Contents

Information About ARP—Auto Logoff

Authorized ARP Auto—Logoff

Feature Design of ARP—Auto Logoff

How to Configure ARP—Auto Logoff

Prerequisites

Configuration Examples for ARP—Auto Logoff

ARP—Auto Logoff Configuration: Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

arp probe interval

show processes cpu


ARP—Auto Logoff

The ARP—Auto Logoff feature adds finer control for probing authorized Address Resolution Protocol (ARP) peers. A new ARP command specifies when to start a probe (the timeout), how frequent a peer is probed (the interval), and the maximum number of retries (the count). The benefit of this feature is more accurate billing cycles, which are configurable, and prevention of premature logoff.

Feature History for the ARP—Auto Logoff Feature

Release
Modification

12.3(8)XX

This feature was introduced.

12.3(14)T

This feature was integrated into Cisco IOS Release 12.3(14)T.


Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Information About ARP—Auto Logoff

How to Configure ARP—Auto Logoff

Configuration Examples for ARP—Auto Logoff

Additional References

Command Reference

Information About ARP—Auto Logoff

To configure the ARP—Auto Logoff feature, you should understand the following concepts:

Authorized ARP Auto—Logoff

Feature Design of ARP—Auto Logoff

Authorized ARP Auto—Logoff

The current authorized ARP auto-logoff functionality supports one-minute billing cycles only. When authorized ARP is enabled, the probing takes place every 30 seconds and allows one to two retries, 30 seconds apart. In a busy network, reply packets can be missed and a premature logoff can occur.

With this release, it is possible to have a more accurate and controlled detection of a peer by configuring the start of a probe, the interval between unsuccessful probes, and the maximum number of retries before triggering an auto logoff.

Feature Design of ARP—Auto Logoff

Once authorized ARP is configured, ARP learning is stopped and a private table is maintained. The table is populated by an authorized application, such as DHCP. Each entry in the table has a managed timer associated with it. An ARP probe monitors the expiration times of all entries in the table. When the time expires, an ARP request is sent to a peer, and the peer is probed at a specified interval for a maximum count. The ARP reply from the peer stops the current probing, and the timeout value for the entry is updated in the table. An ARP request packet is sent to the peer router, and the counter of the retries is decremented by one. If the counter is zero, the retries stop.

A notification is triggered for an authorization application, such as DHCP server, and the proper action is taken. In the meantime, the ARP entry is removed from the table.

The start time of the probe for an entry is calculated by adding the interface ARP timeout value to the entry timestamp. Once an ARP reply is received from a peer, the timestamp is updated by the ARP input process. This event triggers a message so that the ARP probing process updates its timer to reflect the new state.

In general, three activities trigger the event message:

Change of timeout configuration

Receipt of ARP reply

Authorized application request of updating or removing of the entry

When a new start time is set, the counter is also reset to the initial configured value.

How to Configure ARP—Auto Logoff

Perform the following steps to configure the ARP—Auto Logoff feature.

Prerequisites

Authorized ARP auto logoff and DHCP secure ARP should be configured and working properly.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number [name-tag]

4. arp interface {arpa | frame-relay | snap}

5. arp timeout seconds

6. arp probe interval interval-number count seconds

7. exit

8. show processes cpu

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface type number [name-tag]

Example:

Router(config)# interface ethernet 2/4

Specifies an interface and enters interface configuration mode.

Step 4 

arp interface {arpa | frame-relay | snap}

Example:

Router(config-if)# arp interface frame-relay

Controls the interface-specific handling of IP address resolution into 48-bit Ethernet, FDDI, Frame Relay, and Token Ring hardware addresses. The keywords are as follows:

arpaStandard Ethernet-style ARP (RFC 826).

frame-relay—ARP over a Frame Relay encapsulated interface.

snap—ARP packets conforming to RFC 1042.

Step 5 

arp timeout seconds

Example:

Router(config-if) arp timeout 10

Configures the timeout, in seconds, that an entry remains in the ARP cache. A value of zero means that entries are never cleared from the cache.

Step 6 

arp probe interval interval-number count count-number

Example:

Router(config-if)# arp probe interval 2 count 30

Specifies an interval, in seconds, and number of probe retries. The arguments are as follows:

interval-number—Interval after which the next probe will be sent to see if a peer is present. The range is from 1 to 10.

count-number—Number of probe retries. If there is no reply after the count has been reached, the peer has logged off. The range is from 1 to 60.

Note You must use the no form of the command to stop the probing process.

Step 7 

exit

Example:

Router(config-if)# exit

Exits to privileged EXEC mode.

Step 8 

show processes cpu

Example:

Router# show processes cpu

Displays the ARP probing process.

Configuration Examples for ARP—Auto Logoff

This section provides the following configuration example:

ARP—Auto Logoff Configuration: Example

ARP—Auto Logoff Configuration: Example

The following example shows how to configure the number of intervals at which the peer is probed and for how many seconds: 

!

interface Ethernet0

 ip address 10.0.0.1 255.255.255.0

 arp authorized

 arp probe interval 5 count 15

 arp timeout 60

Additional References

The following sections provide references related to the ARP—Auto Logoff feature.

Related Documents

Related Topic
Document Title

ARP optimization and configuration

"Configuring IP Addressing" chapter in Cisco IOS IP Configuration Guide, Release 12.3

DHCP Authorized ARP, Release 12.3(4)T

ARP commands

Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3 T


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs
MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFCs
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description
Link

Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/public/support/tac/home.shtml


Command Reference

This section documents one new command and one modified command only.

arp probe interval

show processes cpu

arp probe interval

To control the the probing of authorized peers, use the arp probe interval command in interface configuration mode. To disable the probe, use the no form of this command.

arp probe interval seconds count count-number

no arp probe

Syntax Description

seconds

Interval in seconds after which the next probe will be sent to see if the peer is still present. The range is from 1 to 10.

count count-number

Number of probe retries. If no response, the peer has logged off. The range is from 1 to 60.


Defaults

Disabled

Command Modes

Interface configuration

Command History

Release
Modification

12.3(8)XX

This command was introduced.

12.3(14)T

This command was integrated into Cisco IOS Release 12.3(14)T.


Usage Guidelines

Once you configure the arp probe interval command, probing continues until you disable it using the no form of the command on all interfaces.

Examples

The following example shows a 2 second interval with a probe of the peer occurring 5 times: 

interface ethernet 0

 arp probe interval 2 count 5

Related Commands

Command
Description

arp (interface)

Controls the interface-specific handling of IP address resolution.

clear arp-cache

Deletes all dynamic entries from the ARP cache.

show interfaces

Displays statistics for all interfaces configured on the router or access server.


show processes cpu

To display detailed CPU utilization statistics (CPU use per process), use the show processes cpu command in privileged EXEC mode.

show processes cpu [history | sorted]

Syntax Description

history

(Optional) Displays CPU history in a graph format.

sorted

(Optional) Displays CPU history sorted by percentage of utilization.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.0

This command was introduced.

12.2(2)T

The history keyword was added.

12.3(8), 12.3(14)T

This command was enhanced to display ARP.


Usage Guidelines

You can use the output of this command in the Cisco.com Output Interpreter to display potential issues and fixes. Access the Output Interpreter through:

http://www.cisco.com/warp/public/63/highcpu.html

To use Output Interpreter, you must be a Cisco.com registered customer, be logged in, and have JavaScript enabled.

If you use the optional history keyword, three graphs are displayed:

CPU Utilization for the last 60 seconds

CPU Utilization for the last 60 minutes

CPU Utilization for the last 72 hours

The horizontal axis shows times (for example; 0, 5, 10, 15 minutes), the vertical axis shows total percentage of CPU utilization (0 to 100 percent).

Examples

The following is sample output from the show processes cpu command: 

Router# show processes cpu


CPU utilization for five seconds: 5%/2%; one minute: 3%; five minutes: 2%

  PID  Runtime (ms)    Invoked   uSecs   5Sec  1Min  5Min  TTY  Process

    1          1736         58   29931     0%    0%    0%  0    Check heaps

    2            68        585     116  1.00% 1.00%    0%  0    IP Input

    3             0        744       0     0%    0%    0%  0    TCP Timer

    4             0          2       0     0%    0%    0%  0    TCP Protocols

    5             0          1       0     0%    0%    0%  0    BOOTP Server

    6            16        130     123     0%    0%    0%  0    ARP Input

    7             0          1       0     0%    0%    0%  0    Probe Input

    8             0          7       0     0%    0%    0%  0    MOP Protocols

    9             0          2       0     0%    0%    0%  0    Timers

   10           692         64   10812     0%    0%    0%  0    Net Background

   11             0          5       0     0%    0%    0%  0    Logger

   12             0         38       0     0%    0%    0%  0    BGP Open

   13             0          1       0     0%    0%    0%  0    Net Input

   14           540       3466     155     0%    0%    0%  0    TTY Background

   15             0          1       0     0%    0%    0%  0    BGP I/O

   16          5100       1367    3730     0%    0%    0%  0    IGRP Router

   17            88       4232      20  0.20% 1.00%    0%  0    BGP Router

   18           152      14650      10     0%    0%    0%  0    BGP Scanner

   19           224         99    2262     0%    0% 1.00%  0    Exec

The following is sample output from the show processes cpu command that shows an ARP probe Process: 

Router# show processes cpu | include ARP


17       38140    389690         97  0.00%  0.00%  0.00%   0 ARP Input        

36           0        1           0  0.00%  0.00%  0.00%   0 IP ARP Probe     

40           0         1          0  0.00%  0.00%  0.00%   0 ATM ARP INPUT    

80           0         1          0  0.00%  0.00%  0.00%   0 RARP Input       

114          0         1          0  0.00%  0.00%  0.00%   0 FR ARP         


Table 1 describes the fields shown in the displays.

Table 1 show processes cpu Field Descriptions 

Field
Description

CPU utilization for five seconds:

CPU utilization for the last 5 seconds. The second number indicates the percent of CPU time spent at the interrupt level.

one minute:

CPU utilization for the last minute.

five minutes:

CPU utilization for the last 5 minutes.

PID

Process ID.

Runtime (ms)

CPU time the process has used (in milliseconds).

Invoked

Number of times the process has been invoked.

uSecs

Microseconds of CPU time for each process invocation.

5Sec

CPU utilization by task in the last 5 seconds.

1Min

CPU utilization by task in the last minute.

5Min

CPU utilization by task in the last 5 minutes.

TTY

Terminal that controls the process.

Process

Name of the process.


Note Because platforms have a 4- to 8-millisecond clock resolution, run times are considered reliable only after a large number of invocations or a reasonable, measured run time.

Related Commands

Command
Description

show processes memory

Displays amount of system memory used per system process.


Copyright © 2005 Cisco Systems, Inc. All rights reserved.