
How do I update the ARP cache on neighboring devices?

When installing an Ecessa device in your network, the Ecessa will need to assume the public IP addresses that were formerly associated with the MAC of your firewall. Until neighboring devices in that Ethernet segment refresh their ARP cache (either because the entry expires or because the cache is manually cleared), traffic to that layer 3 endpoint will come to a standstill.

Of course you can always manually clear the ARP cache, but more commonly one does not have access to the equipment in question, for example an ISP's gateway modem. Rebooting the modem can work some of the time, but it is usually quicker to do a gratuitous ARP on the Ecessa.

A gratuitous ARP is an ARP request or reply that is not normally required. From the Ecessa perspective, the gratuitous ARP includes both the request and the reply. As an example and a point of comparison, the following is a normal ARP request and reply as captured by tcpdump.


00:90:0b:1d:ff:41 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.10 tell 192.168.1.1, length 46
00:90:0b:20:db:7c > 00:90:0b:1d:ff:41, ethertype ARP (0x0806), length 42: Reply 192.168.1.10 is-at 00:90:0b:20:db:7c, length 28


In this example the device with the layer 3 address 192.168.1.1 wants to find out the physical address of the device with the layer 3 address 192.168.1.10. An ARP request is generated and sent.

This request comes from the MAC 00:90:0b:1d:ff:41 and is sent to the layer 2 broadcast address ff:ff:ff:ff:ff:ff. Because the layer 2 address is broadcast, all nodes in that Ethernet segment receive this packet. The reply for a normal ARP exchange comes from the MAC 00:90:0b:20:db:7c and is sent layer 2 unicast to the original requester's MAC. The content of the ARP packet also includes the replying device's layer 3 address and MAC.

The following is an example of a gratuitous ARP.


00:90:0b:20:db:7c > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.10 tell 192.168.1.10, length 28
00:90:0b:20:db:7c > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Reply 192.168.1.10 is-at 00:90:0b:20:db:7c, length 28


Here the request varies slightly, as it is 192.168.1.10 that is asking for the physical address of itself, 192.168.1.10. It is the reply that is most different in a gratuitous ARP. Rather than being sent unicast at layer 2 to the requester, the reply is also sent to the layer 2 broadcast address. This means that all nodes on the Ethernet segment will receive this response. Not all devices will update their ARP cache when they receive this packet; some will simply discard it, but most devices will update their caches.
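The difference between the two captures can be checked in code. The following is an added example, not Ecessa code: it parses raw ARP frames, labels them normal or gratuitous, and goes one step beyond the text by tracking when an IP address moves to a new MAC. The frames are constructed from the addresses in the captures above; the old firewall MAC and the target fields that tcpdump does not print are assumptions.

```python
import socket
import struct

BROADCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
# MACs from the page's captures; OLD_FW is a constructed placeholder for the replaced firewall.
GW, ECESSA, OLD_FW = "00:90:0b:1d:ff:41", "00:90:0b:20:db:7c", "00:11:22:33:44:55"

def build_frame(src, dst, op, sha, spa, tha, tpa):
    """Constructed sample input: Ethernet header + 28-byte IPv4-over-Ethernet ARP body."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (raw(dst) + raw(src) + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, op)
            + raw(sha) + socket.inet_aton(spa) + raw(tha) + socket.inet_aton(tpa))

def parse_arp(frame):
    """Return the ARP fields as a dict, or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < 42:
        return None
    dst, src, etype, htype, ptype, hlen, plen, op = struct.unpack("!6s6sHHHBBH", frame[:22])
    if (etype, htype, ptype, hlen, plen) != (0x0806, 1, 0x0800, 6, 4):
        return None
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"dst": dst.hex(":"), "op": op, "sha": sha.hex(":"),
            "spa": socket.inet_ntoa(spa), "tpa": socket.inet_ntoa(tpa)}

def classify(frame, bindings):
    """Label one frame and record sender IP -> MAC in `bindings` (a monitor's table)."""
    arp = parse_arp(frame)
    if arp is None:
        return "not-arp"
    kind = {1: "request", 2: "reply"}.get(arp["op"], "other")
    # Gratuitous: sender asks about / announces its own IP, or broadcasts a reply.
    gratuitous = arp["spa"] == arp["tpa"] or (arp["op"] == 2 and arp["dst"] == BROADCAST)
    old = bindings.get(arp["spa"])
    bindings[arp["spa"]] = arp["sha"]
    label = ("gratuitous-" if gratuitous else "normal-") + kind
    if old and old != arp["sha"]:
        label += f" (binding for {arp['spa']} moved {old} -> {arp['sha']})"
    return label

def demo():
    bindings = {"192.168.1.10": OLD_FW}  # stale entry left over from the old firewall
    frames = [  # gratuitous request/reply, then the normal exchange, as in the captures
        build_frame(ECESSA, BROADCAST, 1, ECESSA, "192.168.1.10", ZERO, "192.168.1.10"),
        build_frame(ECESSA, BROADCAST, 2, ECESSA, "192.168.1.10", BROADCAST, "192.168.1.10"),
        build_frame(GW, BROADCAST, 1, GW, "192.168.1.1", ZERO, "192.168.1.10"),
        build_frame(ECESSA, GW, 2, ECESSA, "192.168.1.10", GW, "192.168.1.1"),
    ]
    return [classify(f, bindings) for f in frames], bindings
```

On a monitored segment, a binding change reported by a gratuitous frame is expected during a planned cutover like the one described here and is worth investigating at any other time.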

To do a gratuitous ARP, simply navigate in the web GUI to Diagnostics->ARP, then click on the "Update" button. The Ecessa will update its neighbors for all IP addresses that it is currently responsible for, not just those configured on the device. This includes addresses that are being answered through proxy ARP as well.
