[OpenIndiana-discuss] arp response tuning for IP Source Guard
James Carlson
carlsonj at workingcode.com
Tue Jan 24 21:34:28 UTC 2017
On 01/24/17 14:45, Tim Mooney wrote:
> While testing and debugging, we also discovered that some of the
> list speculation from earlier in the thread turned out to be correct:
> we could pacify the Cisco switch if I set the following two ARP-related
> tunables:
>
> sudo ndd -set /dev/arp arp_defend_interval 20000
> sudo ndd -set /dev/arp arp_defend_rate 360
>
> For whatever reason, making OI gratuitously ARP more frequently than every
> minute (we chose every 20 seconds) was enough to make the Cisco switch
> keep its device map up to date.
Yikes! Thanks for sharing the information. This is likely to be
something that other people will run into.
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the openindiana-discuss
mailing list