The Address Resolution Protocol (ARP) is a communications protocol used for discovering the link layer address associated with a given IPv4 address, a critical function in Internet Protocol (IP) computer networks. The Address Resolution Protocol is a request and response protocol whose messages are encapsulated by a link layer protocol. It is communicated within the boundaries of a single network, never routed across internetwork nodes.
In a simple words ARP protocol is used to find MAC address of device IP L3 packets is supposed to be sent to for transmission on L2.
We used to think ARP protocol is some basic stuff we don’t need to tune. But it is not exactly true.
Please find below examples when it should be tuned:
Setup Description:
L2 Cisco switch is deployed behind ePMP AP with default ARP configuration.
Possible issue 1
After link deployment we can ping Switch #2 from Switch #1. Then after some time Switch #2 becomes unreachable from Switch #1.
Possible issue 2
After link deployment we can ping Switch #2 from Switch #1. Then after AP was rebooted Switch #2 becomes unreachable from Switch #1.
Reason
By default, timeout for entries in ARP table on Cisco Switch is configured to 4 hours = 240 minutes.
Timeout for entries in WDS table is around 10 minutes.
A wireless distribution system (WDS) is a system enabling the wireless interconnection of access point
and subscriber modules in an IEEE 802.11based networks. WDS table is used in 802.11 based systems.
It contains MAC addresses from L2 domain associated with MAC addresses of Transmitter and Receiver.
So when WDS table loses entries because of timeout or because of reboot Switch #2 becomes unreachable from Switch #1. Issue occurs when there is no traffic passing from SM side to AP. In this case AP can’t learn MAC address of the switch #2 and it will learn it only when ARP broadcast will be sent from Switch #1.
Solution
To solve this issue ARP table entries timeout should be configured to 10 minutes on L2 Switch #1.
Example how to configure it on Cisco switch:
!-- setting the timeout for 600 seconds R1(config-if)#int f0/0 R1(config-if)#arp timeout 600
Example with VLANs:
(config)#interface vlan 10 (config-if)#arp timeout 600