ARP problem

  1. #1
    Senior Member
    Join Date
    Nov 2002
    Posts
    382

    Guys,
    I know there are many talented admins in AO.
    I need help on this one:

    I would like to configure the time during which an ARP entry is cached in Windows NT & 2K. I don't know if it is doable thanks to the registry & how.

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
    Some detail on why I need this info may help guys in the same situation:

    I have a private network based on 100/Eth switches.
    One VLAN is dedicated to admin. My switches allow giving a queuing priority to a specific VLAN in case of congestion.

    My problem is that this priority concerns only unicast traffic; therefore I may lose broadcast packets with equal chances on every VLAN. I have 2 MIB browsers watching the private net, based on Windows 2000 & NT. When a MAC address is flushed, the MIB browser PCs send an ARP to the equipment to watch. This ARP may be dropped because of congestion, and a false alarm will show up. To make sure that will not happen again, I'd like to configure the ARP cache time in order to be less than the SNMP get frequency.

    Maybe you have a better idea, it could help, thanx
    SHARING KNOWLEDGE

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    Hey Networker. Maybe the following link will help you:

    Microsoft Knowledgebase Article.

    I hope this helps.


    t2k2
    Opinions are like holes - everybody's got'em.

  3. #3
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    Thanks t2k2,
    it seems to match perfectly, I'll test it right now!!!

  4. #4
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    Glad to have been able to help. Let me know how it works out for you.

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Let me know if that works for you, if not, I have some other suggestions, but I don't want to bother if your problem is fixed.

  6. #6
    Senior Member
    Join Date
    Nov 2002
    Posts
    382

    Well, thanks guys, I tested it & I am pretty happy with it!

    There is one thing that's disturbing me on that subject: it seems the ArpCacheLife parameter controls the time during which an ARP entry is cached, even if a flow to the distant MAC address is maintained.
    Maybe I am not clear on this one!

    I thought that the ArpCacheLife parameter was triggered by the last frame with the dest MAC address. E.g. Host A sends data to Host B; before sending the first frame, A does an ARP resolution and caches the IP-to-MAC association (ARP), then after a period of "ArpCacheLife" a new ARP is sent even if the last frame sent to Host B had been transmitted a msec before.
    Therefore, to solve my problem I had to configure ArpCacheLife to the ffff value, and I think this could be dangerous for the network in terms of L2P attacks and reliability.

    Any idea is welcome, thanx

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    The purpose of an ARP cache is so that an ARP request does not have to be sent again if the entry already exists in its cache, thereby improving performance by reducing network traffic. Therefore, during the lifetime of the entry in the cache, NO new ARPs will be sent, and the lifetime value will not be reset just because there is an active session with the host.

    Also, setting the value ffff is basically forcing the entry to remain in the cache infinitely. This definitely could cause networking problems, especially in situations where IP addresses may change (DHCP).
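
An added illustration (not part of the thread) of the fixed-lifetime behaviour described in the post above: a simplified Python model, assuming times in seconds and a single polled device, that counts ARP broadcasts exposed to congestion drops and polls sent to a stale MAC after an address change. The function names and MAC labels are hypothetical, and the model is not Windows code.

```python
# Added example: a simplified model of a fixed-lifetime ARP cache.
# It is not Windows code; times are assumed to be in seconds.

def simulate(poll_interval, cache_life, duration, mac_change_at=None):
    """Poll one device every poll_interval seconds for duration seconds.

    The cache entry expires cache_life seconds after it was resolved;
    traffic to the host does not extend it (the behaviour described above).
    Returns (arp_broadcasts, stale_polls): ARP requests sent, and polls
    addressed to an old MAC after the device's MAC changed at mac_change_at.
    """
    resolved_at = None      # time of the last ARP resolution
    cached_mac = None
    arp_broadcasts = 0
    stale_polls = 0
    for t in range(0, duration, poll_interval):
        changed = mac_change_at is not None and t >= mac_change_at
        current_mac = "MAC-B" if changed else "MAC-A"   # constructed labels
        if resolved_at is None or t - resolved_at >= cache_life:
            # Entry missing or aged out: one broadcast that congestion could drop.
            arp_broadcasts += 1
            resolved_at, cached_mac = t, current_mac
        if cached_mac != current_mac:
            stale_polls += 1    # frame goes to a MAC the IP no longer uses
    return arp_broadcasts, stale_polls


def compare(poll_interval=60, duration=3600, mac_change_at=900):
    """Run the model for several cache lifetimes, including the ffff setting."""
    return {life: simulate(poll_interval, life, duration, mac_change_at)
            for life in (30, 120, 600, 0xFFFF)}


if __name__ == "__main__":
    for life, (arps, stale) in compare().items():
        print(f"cache_life={life:>5}s  arp_broadcasts={arps:>2}  stale_polls={stale}")
```

A longer lifetime means fewer broadcasts that congestion can drop, but more polls sent to an outdated MAC once the address mapping changes.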

  8. #8
    Member
    Join Date
    Jan 2002
    Posts
    64
    "Distant MAC address"?? I thought MAC addresses only applied to the local subnet? The MAC address will belong to your default gateway... no?
    .....Brain Failure....dumping core.... z z z

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Originally posted here by krang
    "Distant MAC address"?? I thought MAC addresses only applied to the local subnet? The MAC address will belong to your default gateway... no?
    I don't think that is what he meant by distant...

  10. #10
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    "Distant MAC address"?? I thought MAC addresses only applied to the local subnet? The MAC address will belong to your default gateway... no?
    By distant MAC address I mean the destination host MACs that belong to the same VLAN as the source host.

    The VLAN may be limited to a single switch but may as well be distributed between a large set of switches thanks to trunks.

    Networking is not all about IP routing !!!

    Personally, I prefer architectures relying as much as possible on Ethernet switching (but it's my personal feeling) as far as Ethernet wiring is doable, for the following reasons:

    - Throughput: Powerful routers are expensive (e.g. for gigabit Ethernet) compared to Ethernet switching devices, even more if your routers are handling a very large set of routes or performing ACLs, CBWFQ or other very interesting features.

    - Latency: CAM tables are firmware based and switch like lightning.

    For me an effective private network design is based on multiple VLANs (1 VLAN for the DMZ, 1 for the financial, 1 for sales, ....) with routers used as gateways between VLANs and the external world (associated of course with firewalling, IDS & security audit tools).
