D-Link DFL-260-IPS-12 Product Manual - Page 109
Flushing the ARP Cache, The Size of the ARP Cache, 4.2. The NetDefendOS ARP Cache
View all D-Link DFL-260-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 109 highlights
3.4.2. The NetDefendOS ARP Cache Chapter 3. Fundamentals valid for. For example, the first entry has an expiry value of 45 which means that this entry will be rendered invalid and removed from the ARP Cache in 45 seconds. If traffic is going to be sent to the 192.168.0.10 IP address after the expiration, NetDefendOS will issue a new ARP request. The default expiration time for dynamic ARP entries is 900 seconds (15 minutes). This can be changed by modifying the advanced setting ARP Expire. The advanced setting ARP Expire Unknown specifies how long NetDefendOS will remember addresses that cannot be reached. This limit is needed to ensure that NetDefendOS does not continuously request such addresses. The default value for this setting is 3 seconds. Example 3.13. Displaying the ARP Cache The contents of the ARP Cache can be displayed from within the CLI. Command-Line Interface gw-world:/> arp -show ARP cache of iface lan Dynamic 10.4.0.1 = 1000:0000:4009 Dynamic 10.4.0.165 = 0002:a529:1f65 Expire=196 Expire=506 Flushing the ARP Cache If a host in a network is replaced with new hardware and retains the same IP address then it will probably have a new MAC address. If NetDefendOS has an old ARP entry for the host in its ARP cache then that entry will become invalid because of the changed MAC address and this will cause data to be sent to the host over Ethernet which will never reach its destination. After the ARP entry expiration time, NetDefendOS will learn the new MAC address of the host but sometimes it may be necessary to manually force the update. The easiest way to achieve this is by flushing the ARP cache. This deletes all dynamic ARP entries from the cache and forces NetDefendOS to issue new ARP queries to discover the MAC/IP address mappings for connected hosts. Flushing can be done with the CLI command arp -flush. Example 3.14. Flushing the ARP Cache This example shows how to flush the ARP Cache from within the CLI. Command-Line Interface gw-world:/> arp -flush ARP cache of all interfaces flushed. The Size of the ARP Cache By default, the ARP Cache is able to hold 4096 ARP entries at the same time. This is adequate for most scenarios but on rare occasions, such as when there are several very large LANs directly connected to the firewall, it may be necessary to adjust this value upwards. This can be done by modifying the ARP advanced setting ARP Cache Size. 109