Knowledge Search


×
 

[SRX] ARP fails to update when gratuitous ARP reply received

  [KB24349] Show Article Properties


Summary:

ARP fails to update when a gratuitous ARP reply is received. This article explains how to enable the updating of the ARP cache for received gratuitous ARP replies.

Symptoms:

Gratuitous ARP could indicate either a gratuitous ARP request or gratuitous ARP (GARP) reply. A gratuitous ARP request is an ARP request packet, in which the source and destination IP are both set to the IP of the machine, which is issuing the packet and the destination MAC is the ff:ff:ff:ff:ff:ff broadcast address. Ordinarily, the reply packet will not occur.

Example of GARP request traffic:

Frame 1: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: QuantaCo_38:a3:d5 (00:c0:9f:38:a3:d5), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request/gratuitous ARP)
    Hardware type: Ethernet (1)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (1)
    [Is gratuitous: True]
    Sender MAC address: QuantaCo_38:a3:d5 (00:c0:9f:38:a3:d5)
    Sender IP address: 192.168.10.2 (192.168.10.2)
    Target MAC address: Broadcast (ff:ff:ff:ff:ff:ff)
    Target IP address: 192.168.10.2 (192.168.10.2)

0000  ff ff ff ff ff ff 00 c0 9f 38 a3 d5 08 06 00 01   .........8......
0010  08 00 06 04 00 01 00 c0 9f 38 a3 d5 c0 a8 0a 02   .........8......
0020  ff ff ff ff ff ff c0 a8 0a 02                     ..........

A gratuitous ARP reply is an ARP reply packet, in which the source and destination IP are both set to the IP of the machine, which is issuing the packet and the target MAC is the sender MAC. A gratuitous ARP reply is a reply, to which no request has been made.

Example of GARP reply traffic:

Frame 1: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: QuantaCo_38:a3:d5 (00:c0:9f:38:a3:d5), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (reply/gratuitous ARP)
    Hardware type: Ethernet (1)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: reply (2)
    [Is gratuitous: True]
    Sender MAC address: QuantaCo_38:a3:d5 (00:c0:9f:38:a3:d5)
    Sender IP address: 192.168.10.2 (192.168.10.2)
    Target MAC address: QuantaCo_38:a3:d5 (00:c0:9f:38:a3:d5)
    Target IP address: 192.168.10.2 (192.168.10.2)

0000  ff ff ff ff ff ff 00 c0 9f 38 a3 d5 08 06 00 01   .........8......
0010  08 00 06 04 00 02 00 c0 9f 38 a3 d5 c0 a8 0a 02   .........8......
0020  00 c0 9f 38 a3 d5 c0 a8 0a 02                     ...8......

Gratuitous ARPs are useful for the following reasons:

  • They can help to detect IP conflicts.

  • They assist in the updating of ARP tables of other machines. Clustering solutions utilize this when they move an IP from one NIC to another or from one machine to another. Other machines maintain an ARP table, which contains the MAC address associated with an IP address.

    When the cluster needs to move the IP to a different NIC, either on the same machine or a different one, it re-configures the NICs appropriately and then broadcasts a gratuitous ARP reply to inform the neighboring machines about the change in the MAC address for the IP address. Machines that receive the ARP packet then update their ARP tables with the new MAC address.

  • They inform the switches of the MAC address of the machine on a given switch port; so that the switch knows that it should transmit packets that are sent to the MAC address on the switch port.

  • Every time an IP interface or link goes up, the driver for that interface will typically send a gratuitous ARP to preload the ARP tables of all the other local hosts.
Cause:

By default, the received gratuitous ARP reply on SRX devices will not update the ARP cache.

Solution:

To enable the updating of the ARP cache for received gratuitous ARP replies, configure gratuitous-arp-reply under the interfaces hierarchy level. For example:

[edit]
root@FW_GL_QH_SRX1400# show interfaces
ge-0/0/0 {
    gratuitous-arp-reply;
        unit 0 {
            family inet {
                address 192.168.10.1/24;
            }

        }
}

Related Links: