关于“clear arp”的一些问题

11 7 月, 2010,由 frank撰写

当在汇聚交换机上“clear arp”会发现arp表项会自动update，而无法删除。已经确认汇聚层交换机与接入层交换机之间没有任何流量，感觉交换机会自动发送arp信息。

经确认，发现是问题与Adj表有关。当交换机开启CEF转发后，有两个表比较重要，一个是FIB表，另一个就是Adj表。Adj表中的信息是由ARP表中提取而成，Adj表又关联了端口。当“clear arp”后，Adj表项仍然存在，所以交换机会自动发送ARP更新，如下所示：

vlan1: 1.1.1.1         vlan1: 1.1.1.2
3560-1（f0/1）---------(f0/1)3560-2

c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 2   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#sh mac add dy
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    000f.2406.b803    DYNAMIC     Fa0/1
   1    000f.2406.b840    DYNAMIC     Fa0/1
Total Mac Addresses for this criterion: 2
c3560-1#
c3560-1#sh int vlan 1 | i Hard
  Hardware is EtherSVI, address is 000f.2406.bbc0 (bia 000f.2406.bbc0)
c3560-1#
c3560-1#sh ip cef 1.1.1.2 de
1.1.1.2/32, epoch 2
  Adj source: IP adj out of Vlan1, addr 1.1.1.2
  attached to Vlan1
c3560-1#
c3560-1#sh adj de
Protocol Interface                 Address
IP       Vlan1                     1.1.1.2(7)
                                   0 packets, 0 bytes
                                   epoch 5
                                   sourced in sev-epoch 11
                                   Encap length 14
                                   000F2406B840000F2406BBC00800
                                   ARP
c3560-1#
c3560-1#sh debug
ARP:
  ARP packet debugging is on
Adjacency system debugging is on
 filter: addr 1.1.1.2  (matches 46)
IP CEF:
  IP CEF events debugging is on
c3560-1#
c3560-1#
c3560-1#clear arp
c3560-1#
c3560-1#
*Mar  2 22:21:10.027: IP ARP: sent req src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.2 000f.2406.b840 Vlan1
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 no src set: source ARP removed OK
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: changed bundle from IPv4 no fixup adj oce to IPv4 incomplete ad
*Mar  2 22:21:10.027: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: made incomplete
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: delete
*Mar  2 22:21:10.035: ADJ-ipv4 bundle changed from IPv4 no fixup adj oce to IPv4 no fixup, no redirect adjoce
*Mar  2 22:21:10.035: IP ARP: sent rep src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.1 ffff.ffff.ffff Vlan1
*Mar  2 22:21:10.035: IP ARP: rcvd rep src 1.1.1.2 000f.2406.b840, dst 1.1.1.1 Vlan1
*Mar  2 22:21:10.035: ADJ-ipv4 bundle changed from IPv4 no fixup, no redirect adj oce to IPv4 no fixup adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: set bundle to IPv4 incomplete adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: init/update from interface
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: allocated, setup and inserted OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) src ARP: source ARP added OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) src ARP: computed macstring (len 14): OK
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: changed bundle from IPv4 incomplete adj oce to IPv4 no fixup adj oce
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: made complete (macstring len 0 to 14/0 octets)
*Mar  2 22:21:10.035: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: received platform space change notification
*Mar  2 22:21:10.035: IP ARP: creating entry for IP address: 1.1.1.2, hw: 000f.2406.b840
c3560-1#
c3560-1#
c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 0   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#clear adj
!---Adj对应的端口不down，Adj表项是不会被清除的
c3560-1#
c3560-1#
*Mar  2 22:28:17.074: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: found existing adj on add
*Mar  2 22:28:17.074: ADJ: IP adj out of Vlan1, addr 1.1.1.2 src ARP: computed macstring (len 14): OK
*Mar  2 22:28:17.074: ADJ-sev: request async walk @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3]
*Mar  2 22:28:17.074: ADJ-sev: start @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3]
*Mar  2 22:28:17.083: ADJ-sev: end @ 11 - walk [purge adjs from old HA epochs (ignore sev epoch)] filter [na/na] req [11] flags [3] [OK]
c3560-1#
c3560-1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                 -   000f.2406.bbc0  ARPA   Vlan1
Internet  1.1.1.2                 7   000f.2406.b840  ARPA   Vlan1
c3560-1#
c3560-1#
c3560-1#
c3560-1#
c3560-1#
!---Shutdown F0/1，使Adj绑定的vlan1 down，才能清掉ARP表项
*Mar  2 22:32:19.572: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Mar  2 22:32:19.589: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar  2 22:32:19.589: ADJ-sev: request async walk @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15]
*Mar  2 22:32:19.589: ADJ-sev: start @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15]
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 no src set: source ARP removed OK
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: changed bundle from IPv4 no fixup adj oce to IPv4 incomplete ad
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: made incomplete
*Mar  2 22:32:19.589: ADJ: IP adj out of Vlan1, addr 1.1.1.2 (incomplete) no src set: delete
*Mar  2 22:32:19.589: ADJ-ipv4 bundle changed from IPv4 no fixup adj oce to IPv4 no fixup, no redirect adj oce
*Mar  2 22:32:19.589: ADJ-sev: end @ 12 - walk [remove adjacency sources] filter [na/Vlan1] req [11] flags [15] [OK]
*Mar  2 22:32:19.597: IP ARP: sent req src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.2 000f.2406.b840 Vlan1
*Mar  2 22:32:19.597: IP ARP: sent rep src 1.1.1.1 000f.2406.bbc0,
                 dst 1.1.1.1 ffff.ffff.ffff Vlan1
*Mar  2 22:32:20.587: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down
*Mar  2 22:32:20.587: ADJ-sev: request async walk @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15]
*Mar  2 22:32:20.587: ADJ-sev: start @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15]
*Mar  2 22:32:20.587: ADJ-sev: end @ 13 - walk [remove adjacency sources] filter [na/FastEthernet0/1] req [12] flags [15] [OK]

本文出自 Frank's Blog

本文链接：关于“clear arp”的一些问题
版权声明：本文为原创文章，仅代表个人观点，版权归 Frank Zhao 所有，转载时请注明本文出处及文章链接

Classical CASE, 学习笔记 ARP

你可以留言,或者trackback 从你的网站

IXIA流量测试进阶版«

»WAN口卡常见打环方法

留言哦

返回顶端

『无题』

I persist, therefore I am!!!

Memo

Perseverance sometimes equals genius!
There are only two creatures in the world who can surmount the pyramid:

—–the eagle and the snail.
Useful Link

1. IANA - AFI
2. IANA - SAFI
3. IANA - BGP Ex Comm
4. RPM pbone.net
5. Linux Packages Search
Useful Toots

Linux/http server:

python -m SimpleHTTPServer <port>

python -m http.server <port>

PS: only one thread, if require more threads, can replace by “caddy”.

Win10/http server:

http://www.rejetto.com/hfs/

Win10/md5:

certutil -hashfile .\xxxx MD5
分类
- CCDE (16)
- CCIE SEC (4)
- CCIE SP (55)
- CCIE VOICE (3)
- Classical CASE (26)
- Linux (76)
- Mobile Phone (4)
- Programmer (44)
- Solution (3)
- Uncategorized (6)
- Windows常用技术 (10)
- 似水流年 (17)
- 学习笔记 (191)
- 常用资料 (45)
- 网络技术 (39)
近期文章
其他操作

关于“clear arp”的一些问题

留言哦

『无题』

Memo

Useful Link

Useful Toots

分类

近期文章

其他操作