关于“clear arp”的一些问题

当在汇聚交换机上“clear arp”会发现arp表项会自动update,而无法删除。已经确认汇聚层交换机与接入层交换机之间没有任何流量,感觉交换机会自动发送arp信息。

经确认,发现是问题与Adj表有关。当交换机开启CEF转发后,有两个表比较重要,一个是FIB表,另一个就是Adj表。Adj表中的信息是由ARP表中提取而成,Adj表又关联了端口。当“clear arp”后,Adj表项仍然存在,所以交换机会自动发送ARP更新,如下所示:

vlan1: 1.1.1.1         vlan1: 1.1.1.2
3560-1(f0/1)---------(f0/1)3560-2

c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 2   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#sh mac add dy
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    000f.2406.b803    DYNAMIC     Fa0/1
   1    000f.2406.b840    DYNAMIC     Fa0/1
Total Mac Addresses for this criterion: 2
c3560-1#
c3560-1#sh int vlan 1 | i Hard
  Hardware is EtherSVI, address is 000f.2406.bbc0 (bia 000f.2406.bbc0)
c3560-1#
c3560-1#sh ip cef 1.1.1.2 de
1.1.1.2/32, epoch 2
  Adj source: IP adj out of Vlan1, addr 1.1.1.2
  attached to Vlan1
c3560-1#
c3560-1#sh adj de
Protocol Interface                 Address
IP       Vlan1                     1.1.1.2(7)
                                   0 packets, 0 bytes
                                   epoch 5
                                   sourced in sev-epoch 11
                                   Encap length 14
                                   000F2406B840000F2406BBC00800
                                   ARP
c3560-1#
c3560-1#sh debug
ARP:
  ARP packet debugging is on
Adjacency system debugging is on
 filter: addr 1.1.1.2  (matches 46)
IP CEF:
  IP CEF events debugging is on
c3560-1#
c3560-1#
c3560-1#clear arp
c3560-1#
c3560-1#
*Mar  2 22:21:10.027: IP ARP: sent req src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.2 000f.2406.b840 Vlan1
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 no src set: source ARP removed OK
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: changed bundle from IPv4 no fixup adj oce to IPv4 incomplete ad
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: made incomplete
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: delete
*Mar  2 22:21:10.035: ADJ-ipv4 bundle changed from IPv4 no fixup adj oce to IPv4 no fixup, no redirect adjoce
*Mar  2 22:21:10.035: IP ARP: sent rep src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.1 ffff.ffff.ffff Vlan1
*Mar  2 22:21:10.035: IP ARP: rcvd rep src 1.1.1.2 000f.2406.b840, dst 1.1.1.1 Vlan1
*Mar  2 22:21:10.035: ADJ-ipv4 bundle changed from IPv4 no fixup, no redirect adj oce to IPv4 no fixup adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: set bundle to IPv4 incomplete adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: init/update from interface
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: allocated, setup and inserted OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) src ARP: source ARP added OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) src ARP: computed macstring (len 14): OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: changed bundle from IPv4 incomplete adj oce to IPv4 no fixup adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: made complete (macstring len 0 to 14/0 octets)
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: received platform space change notification
*Mar  2 22:21:10.035: IP ARP: creating entry for IP address: 1.1.1.2, hw: 000f.2406.b840
c3560-1#
c3560-1#
c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 0   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#clear adj
!---Adj对应的端口不down,Adj表项是不会被清除的
c3560-1#
c3560-1#
*Mar  2 22:28:17.074: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: found existing adj on add
*Mar  2 22:28:17.074: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: computed macstring (len 14): OK
*Mar  2 22:28:17.074: ADJ-sev: request async walk @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3]
*Mar  2 22:28:17.074: ADJ-sev: start @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3]
*Mar  2 22:28:17.083: ADJ-sev: end @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3] [OK]
c3560-1#
c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 7   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#
c3560-1#
c3560-1#
!---Shutdown F0/1,使Adj绑定的vlan1 down,才能清掉ARP表项
*Mar  2 22:32:19.572: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Mar  2 22:32:19.589: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar  2 22:32:19.589: ADJ-sev: request async walk @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15]
*Mar  2 22:32:19.589: ADJ-sev: start @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15]
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 no src set: source ARP removed OK
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: changed bundle from IPv4 no fixup adj oce to IPv4 incomplete ad
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: made incomplete
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: delete
*Mar  2 22:32:19.589: ADJ-ipv4 bundle changed from IPv4 no fixup adj oce to IPv4 no fixup, no redirect adj oce
*Mar  2 22:32:19.589: ADJ-sev: end @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15] [OK]
*Mar  2 22:32:19.597: IP ARP: sent req src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.2 000f.2406.b840 Vlan1
*Mar  2 22:32:19.597: IP ARP: sent rep src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.1 ffff.ffff.ffff Vlan1
*Mar  2 22:32:20.587: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down
*Mar  2 22:32:20.587: ADJ-sev: request async walk @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15]
*Mar  2 22:32:20.587: ADJ-sev: start @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15]
*Mar  2 22:32:20.587: ADJ-sev: end @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15] [OK]
0
你可以留言,或者trackback 从你的网站

留言哦