Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] "ARP nh cache limit" messages seen despite Max Public ARP nh cache limit not being reached

0

0

Article ID: KB35465 KB Last Updated: 12 Feb 2020Version: 1.0
Summary:

This article explains why "cache limit reached" messages are seen on MX Series routers even though the ARP cache limit threshold value may not have been reached.

 

Symptoms:

The default ARP cache limit is as follows:

show system statistics arp     
        75000 Max System ARP nh cache limit
        59840 Max Public ARP nh cache limit
        200 Max IRI ARP nh cache limit
        14960 Max Management intf ARP nh cache limit

Now let's say that we change the default value to 200000.

set system arp-system-cache-limit 2000000
commit
show system statistics arp
 
         2000000 Max System ARP nh cache limit
         1599840 Max Public ARP nh cache limit >>> 80% of the Maximum System ARP nh cache limit is given for the user (approx 160k).
         200 Max IRI ARP nh cache limit
         399960 Max Management intf ARP nh cache limit

lab@MX> show arp | count
Count: 134231 lines >>>>>>> Current ARP entries

However, the following log messages are seen even when the ARP entry is seen to be below the Max Public ARP nh cache limit.

Feb  4 06:19:12.361 2020  router kernel: Public intf soft (80%) arp nh cache limit reached
Feb  4 06:24:12.362 2020  router kernel: Public intf soft (80%) arp nh cache limit reached.
Feb  4 06:29:12.369 2020  router kernel: Public intf soft (80%) arp nh cache limit reached.
Feb  4 06:34:12.545 2020  router kernel: Public intf soft (80%) arp nh cache limit reached.

 

Cause:

Max Public ARP nh cache limit is the ARP limit for users. When ARP entries cross 80% of 160K (128K) in the above example, the log messages shown above will be observed.

 

Solution:

arp-system-cache-limit can be set as per user requirement. However, users need to remember that the system starts logging "cache limit reached" messages when 80% of the Max Public ARP nh cache limit is reached.

For more information about configuring ARP cache limit, see Example: Configuring ARP Cache Protection.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search