Foundry Configuration Guide for the FESX, FSX, and FWSX
16 - 26 © Foundry Networks, Inc. December 2005
To obtain the MAC address required for forwarding a datagram, the Layer 3 Switch does the following:
• First, the Layer 3 Switch looks in the ARP cache (not the static ARP table) for an entry that lists the MAC
address for the IP address. The ARP cache maps IP addresses to MAC addresses. The cache also lists the
port attached to the device and, if the entry is dynamic, the age of the entry. A dynamic ARP entry enters the
cache when the Layer 3 Switch receives an ARP reply or receives an ARP request (which contains the
sender’s IP address and MAC address). A static entry enters the ARP cache from the static ARP table (which
is a separate table) when the interface for the entry comes up.
To ensure the accuracy of the ARP cache, each dynamic entry has its own age timer. The timer is reset to
zero each time the Layer 3 Switch receives an ARP reply or ARP request containing the IP address and MAC
address of the entry. If a dynamic entry reaches its maximum allowable age, the entry times out and the
software removes the entry from the table. Static entries do not age out and can be removed only by you.
• If the ARP cache does not contain an entry for the destination IP address, the Layer 3 Switch broadcasts an
ARP request out all its IP interfaces. The ARP request contains the IP address of the destination. If the
device with the IP address is directly attached to the Layer 3 Switch, the device sends an ARP response
containing its MAC address. The response is a unicast packet addressed directly to the Layer 3 Switch. The
Layer 3 Switch places the information from the ARP response into the ARP cache.
ARP requests contain the IP address and MAC address of the sender, so all devices that receive the request
learn the MAC address and IP address of the sender and can update their own ARP caches accordingly.
NOTE: The ARP request broadcast is a MAC broadcast, which means the broadcast goes only to devices
that are directly attached to the Layer 3 Switch. A MAC broadcast is not routed to other networks. However,
some routers, including Foundry Layer 3 Switches, can be configured to reply to ARP requests from one
network on behalf of devices on another network. See “Enabling Proxy ARP” on page 16-27.
NOTE: If the router receives an ARP request packet that it is unable to deliver to the final destination because of
the ARP timeout and no ARP response is received (the Layer 3 Switch knows of no route to the destination
address), the router sends an ICMP Host Unreachable message to the source.
Rate Limiting ARP Packets
You can limit the number of ARP packets the Foundry device accepts during each second. By default, the
software does not limit the number of ARP packets the device can receive. Since the device sends ARP packets
to the CPU for processing, if a device in a busy network receives a high number of ARP packets in a short period
of time, some CPU processing might be deferred while the CPU processes the ARP packets.
To prevent the CPU from becoming flooded by ARP packets in a busy network, you can restrict the number of ARP
packets the device will accept each second. When you configure an ARP rate limit, the device accepts up to the
maximum number of packets you specify, but drops additional ARP packets received during the one-second
interval. When a new one-second interval starts, the counter restarts at zero, so the device again accepts up to
the maximum number of ARP packets you specified, but drops additional packets received within the interval.
To limit the number of ARP packets the device will accept each second, enter a command such as the following at
the global CONFIG level of the CLI:
FESX424 Router(config)# rate-limit-arp 100
This command configures the device to accept up to 100 ARP packets each second. If the device receives more
than 100 ARP packets during a one-second interval, the device drops the additional ARP packets during the
remainder of that one-second interval.
Syntax: [no] rate-limit-arp <num>
The <num> parameter specifies the number of ARP packets and can be from 0 – 100. If you specify 0, the device
will not accept any ARP packets.
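The per-second counter described above can be modelled offline to see which packets a given <num> value would drop. This is an added example, not Foundry code: the function names, sender labels and timestamps are constructed, and aligning each interval to a whole second is an assumption.

```python
from collections import Counter

def rate_limit_arp(arrivals, limit):
    """Model the ARP rate limit: accept up to `limit` packets per one-second
    interval, drop the rest, restart the counter when a new interval starts.

    arrivals: (timestamp_seconds, sender) tuples sorted by time.
    limit:    the <num> value, 0 to 100; 0 means no ARP packet is accepted.
    Returns (accepted, dropped) lists of the same tuples.
    """
    if not 0 <= limit <= 100:
        raise ValueError("rate-limit-arp accepts a value from 0 to 100")
    accepted, dropped = [], []
    window, count = None, 0
    for ts, sender in arrivals:
        current = int(ts)          # assumption: intervals align to whole seconds
        if current != window:      # new interval: counter restarts at zero
            window, count = current, 0
        if count < limit:
            count += 1
            accepted.append((ts, sender))
        else:
            dropped.append((ts, sender))
    return accepted, dropped

def drops_by_sender(dropped):
    """Count dropped packets per sender, to spot collateral drops."""
    return Counter(sender for _, sender in dropped)

def sample_traffic():
    """Constructed input: one host sends 300 ARP packets in 0.6 s while a
    gateway sends one packet late in that interval and one in the next."""
    flood = [(i * 2 / 1000, "noisy-host") for i in range(300)]
    legit = [(0.700, "gateway"), (1.050, "gateway")]
    return sorted(flood + legit)

def boundary_burst():
    """Constructed input: 100 packets at the end of one interval and 100 at
    the start of the next, 200 packets within 0.2 s of wall-clock time."""
    late = [((900 + i) / 1000, "host-a") for i in range(100)]
    early = [((1000 + i) / 1000, "host-a") for i in range(100)]
    return late + early

if __name__ == "__main__":
    acc, drp = rate_limit_arp(sample_traffic(), 100)
    print("flood:   ", len(acc), "accepted,", dict(drops_by_sender(drp)), "dropped")
    acc, drp = rate_limit_arp(boundary_burst(), 100)
    print("boundary:", len(acc), "accepted,", len(drp), "dropped")
```

In this model the limit counts packets regardless of sender, so the gateway's packet at 0.700 is dropped along with the excess from the noisy host, and the boundary burst is accepted in full because each half falls in a different interval.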