No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


How to understand ARP miss packet

Publication Date:  2013-08-28 Views:  369 Downloads:  0

Issue Description

<sysname>  display firewall statistic system discard all
ARP miss packets discarded
Vlanif ARP miss packets discarded

Alarm Information


Handling Process


Root Cause

ARP entries in the learning mainly will have the following two states: Fake ARP, Normal ARP.

Ethernet in IP forwarding needs to learn the next hop IP address ARP, ARP when the device does not exist, the Layer 3 forwarding packets, device need to trigger ARP learning, so that the device sends an ARP request packets out to learn ARP entries, this process is ARP MISS.

ARP request is sent to get a response this time will be the next hop is set to ARP black hole, to prevent the same IP address constantly sending packets CPU, the CPU impact, this is the ARP Fake entries, ARP Fake table items displayed on the device's Incomplete, indicates not yet have learned ARP, ARP address to this traffic did not learn until all the discarded ARP, ARP, but learned after the state becomes Normal. In breif:

ARP MISS: No ARP entries, ARP learning needs to trigger ARP Request

ARP FAKE: temporary state, indicating Incomplete ARP, discard subsequent data packets (anti attack)