No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Optimizing Dynamic ARP

Optimizing Dynamic ARP

By default, hosts and industrial switch routers dynamically learn ARP entries. You can adjust parameters of dynamic ARP entries based on network requirements.

Pre-configuration Tasks

Before optimizing dynamic ARP, complete the following tasks:

  • Setting link layer protocol parameters for interfaces to ensure that the link layer protocol status of the interfaces is Up

Adjusting Aging Parameters of Dynamic ARP Entries

Context

Aging parameters of ARP entries include the aging time, the number of probes, detection intervals, and detection modes. Proper adjustment of aging parameters improves network reliability.

You can adjust the following parameters of dynamic ARP entries:
  • Aging time of dynamic ARP entries: After the aging time of a dynamic ARP entry is reached, the device sends an ARP Request packet to the corresponding outbound interface and starts ARP aging detection. If the value of the aging time is set too small (for example, 1 minute), the system consumes most resources on updating dynamic ARP entries and cannot process other services. If the aging time is too long (for example, 15 hours), the device may not update dynamic ARP entries in a timely manner. The default aging time (20 minutes) is recommended.

  • Number of probes to dynamic ARP entries: Before aging a dynamic ARP entry, the system first performs probes. If no answer is received after the times of probes reach the upper limit, the ARP entry is deleted.

  • Aging detection modes of dynamic ARP entries: Before an ARP entry is aged, an interface sends an ARP aging probe packet.

    NOTE:
    • If the IP address of the peer device remains the same but the MAC address changes frequently, it is recommended that you configure ARP aging probe packets to be broadcast.
    • If the MAC address of the peer device remains the same, and the network bandwidth is insufficient, it is recommended that you configure ARP aging probe packets to be unicast.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number

    The interface view is displayed.

  3. Run arp expire-time expire-time

    The aging time of dynamic ARP entries is set.

    By default, the aging time of dynamic ARP entries is 1200 seconds, that is, 20 minutes.

  4. Run arp detect-times detect-times

    The number of probes to dynamic ARP entries is set.

    By default, the number of ARP probes is 3.

  5. Run arp detect-mode unicast

    An interface is configured to send ARP aging probe packets in unicast mode.

    By default, an interface sends the last ARP Aging Detection packet in broadcast mode, and the rest ARP Aging Detection packets are sent in unicast mode.

Enabling Layer 2 Topology Detection

Context

Layer 2 topology detection enables the system to update all the ARP entries in the VLAN that a Layer 2 interface belongs to when the Layer 2 interface status changes from Down to Up.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run l2-topology detect enable

    Layer 2 topology detection is enabled.

    By default, Layer 2 topology detection is disabled.

Configuring Unicast ARP Probe

Background Information
To improve network security, some devices do not support broadcast packets.
  • Before an ARP entry ages out, the local device broadcasts an ARP request packet in an attempt to update the ARP entry based on the reply from a peer device. If the peer device does not support broadcast packets, it does not respond to the broadcast ARP request packet, so the local device considers the peer device offline and deletes the ARP entry. As a result, services will be interrupted between the two devices.
  • If the local device is new, it will broadcast an ARP request packet to learn the MAC addresses of other devices. If a peer device does not support broadcast packets, it will discard the ARP request packet, so the local device will not learn the peer device's MAC address. As a result, new services will not be started between the two devices.
To resolve these problems, enable the unicast ARP probe function. This function enables a local interface to send a unicast ARP request packet that carries the specified IP and MAC addresses. The unicast ARP probe function improves network security, without compromising service stability. The ARP entries learned or updated by the local device will be deleted after their aging time expires and can be updated again after the local device receives ARP request packets from the peer device.

Procedure

  • Run arp send-packet ip-address mac-address interface interface-type interface-number [ vid vid [ cevid cevid ] ]

    The unicast ARP probe function is configured.

Verifying the ARP Configuration

Procedure
  • Run the display arp [ all | brief ] command to check all ARP mapping entries.

  • Run the display arp interface interface-type interface-number [ vid vlan-id [ cevid cevlan-id ] ] command to check ARP mapping entries of a specified interface.

  • Run the display arp network net-number net-mask [ dynamic | static ] command to check ARP mapping entries of a specified network segment.

  • Run the display arp dynamic command to check dynamic ARP mapping entries.

  • Run the display arp vpn-instance vpn-instance-name static command to check static ARP mapping entries of a specified VPN instance.

Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034231

Views: 78680

Downloads: 51

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next