Huge ARP table on 2600 12.2.(7b)

Discussion in 'Cisco' started by Mikhael47, Aug 31, 2004.

  1. Mikhael47

    Mikhael47 Guest

    I am running a 2621 connected to the internet. It's got two interfaces. I
    found out that my ARP table is absolutely huge! There is a public
    webserver, and a Mail server behind this router and the number of arp
    entries does not correspond with the number of connections. I am also
    getting CPUHOG messeges on ARP Input on a regular basis. We don't have many
    machines inside our network that use the router for outbound traffic.

    There is nat setup on it too.

    How would I go about troubleshooting this problem?

    Mike
     
    Mikhael47, Aug 31, 2004
    #1
    1. Advertising

  2. Mikhael47

    Scooby Guest

    "Mikhael47" <> wrote in message
    news:Uf%Yc.9510$...
    > I am running a 2621 connected to the internet. It's got two interfaces.

    I
    > found out that my ARP table is absolutely huge! There is a public
    > webserver, and a Mail server behind this router and the number of arp
    > entries does not correspond with the number of connections. I am also
    > getting CPUHOG messeges on ARP Input on a regular basis. We don't have

    many
    > machines inside our network that use the router for outbound traffic.
    >
    > There is nat setup on it too.
    >
    > How would I go about troubleshooting this problem?
    >
    > Mike
    >
    >


    Is this a ethernet handoff from your isp? Cable or DSL perhaps? I've seen
    this before when you use a static route to the interface rather than the
    actual next hop. Example:

    ip route 0.0.0.0 0.0.0.0 e0

    This will make an arp entry for every ip that is accessed on that interface.
    If it is not on that subnet, the mac address used will be the gateway that
    is uses for the next hop. These arp entries hang around for a long time.
     
    Scooby, Aug 31, 2004
    #2
    1. Advertising

  3. Post a show running-config so I can look at your configuration.

    Thanks
    Anthony

    Mikhael47 wrote:
    > I am running a 2621 connected to the internet. It's got two interfaces. I
    > found out that my ARP table is absolutely huge! There is a public
    > webserver, and a Mail server behind this router and the number of arp
    > entries does not correspond with the number of connections. I am also
    > getting CPUHOG messeges on ARP Input on a regular basis. We don't have many
    > machines inside our network that use the router for outbound traffic.
    >
    > There is nat setup on it too.
    >
    > How would I go about troubleshooting this problem?
    >
    > Mike
    >
    >
     
    Anthony Louis Swanson, Aug 31, 2004
    #3
  4. Mikhael47

    Mikhael47 Guest

    I think you got it. That's exactly how I am configured. I scaled back the
    arp timeout to 1 hour instead of the default of 4. I also realized that I
    had shut off fast switching and setup a hold-queue on the input. I removed
    the queue, re-enabled fast switching and the router is purring again.

    Mike

    "Scooby" <> wrote in message
    news:YL%Yc.1807$...
    > "Mikhael47" <> wrote in message
    > news:Uf%Yc.9510$...
    > > I am running a 2621 connected to the internet. It's got two interfaces.

    > I
    > > found out that my ARP table is absolutely huge! There is a public
    > > webserver, and a Mail server behind this router and the number of arp
    > > entries does not correspond with the number of connections. I am also
    > > getting CPUHOG messeges on ARP Input on a regular basis. We don't have

    > many
    > > machines inside our network that use the router for outbound traffic.
    > >
    > > There is nat setup on it too.
    > >
    > > How would I go about troubleshooting this problem?
    > >
    > > Mike
    > >
    > >

    >
    > Is this a ethernet handoff from your isp? Cable or DSL perhaps? I've

    seen
    > this before when you use a static route to the interface rather than the
    > actual next hop. Example:
    >
    > ip route 0.0.0.0 0.0.0.0 e0
    >
    > This will make an arp entry for every ip that is accessed on that

    interface.
    > If it is not on that subnet, the mac address used will be the gateway that
    > is uses for the next hop. These arp entries hang around for a long time.
    >
    >
    >
    >
    >
    >
     
    Mikhael47, Aug 31, 2004
    #4
  5. >>"Scooby" <> wrote in message
    >>news:YL%Yc.1807$...

    >On Tue, 31 Aug 2004 10:53:11 -0400, "Mikhael47" <> wrote:


    >> Is this a ethernet handoff from your isp? Cable or DSL perhaps? I've

    >seen
    >> this before when you use a static route to the interface rather than the
    >> actual next hop. Example:
    >>
    >> ip route 0.0.0.0 0.0.0.0 e0
    >>

    >I think you got it. That's exactly how I am configured. I scaled back the
    >arp timeout to 1 hour instead of the default of 4. I also realized that I
    >had shut off fast switching and setup a hold-queue on the input. I removed
    >the queue, re-enabled fast switching and the router is purring again.


    Specify a default gateway address rather than just an interface if
    possible, and your router will be even happier. ARP'ing for
    everything is inefficient, and bad etiquette when it's someone else's
    network that has to deal with the extra traffic.

    -Terry
     
    Terry Baranski, Sep 1, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ProgDario
    Replies:
    5
    Views:
    12,355
    miskaone
    Apr 27, 2005
  2. Replies:
    21
    Views:
    8,959
    Ben Smith
    Dec 1, 2005
  3. Cisco 2950 ARP table?

    , Mar 18, 2006, in forum: Cisco
    Replies:
    3
    Views:
    9,943
  4. thejim

    ARP table

    thejim, Sep 15, 2006, in forum: Cisco
    Replies:
    3
    Views:
    3,921
    BernieM
    Sep 16, 2006
  5. Darren Green

    Arp or Proxy Arp

    Darren Green, Feb 20, 2009, in forum: Cisco
    Replies:
    0
    Views:
    627
    Darren Green
    Feb 20, 2009
Loading...

Share This Page