Solved

hitting IP ARP limits

  • 1 March 2019
  • 5 replies
  • 271 views

  • New Member
  • 2 replies
Hello,

I have an x670-48x in a stack with another x670-48x.

When I look at sh iparp it says 8192 dynamic entries and 8192 max ARP entries. So I am maxing it out right?

The output from sh iproute reserved-entries statistics says 4144 IPv4 Hosts on one switch and 4144 IPv4 Hosts on the other switch. The max listed in the table below is 8189.

So what are my options to get more ARP entries? What side affects of this being max'ed out should I be seeing?
icon

Best answer by Stephane Grosjean 2 March 2019, 14:04

Hi,

the "sh iparp" command doesn't give you a view of the hardware usage, this is a software view. It is important to keep the iparp max_entries above the actual network size.

To know the HW usage, you need to enter that command: sh iproute reserved-entries statistics

This will tell you all your L3 HW table usage. Hard to comment without seeing the output. You'll not exceed the HW limit, but we can optimize the resource to help maximize it. EXOS will also help you by installing active entries in priority, but at one point in time you'll need to change the design or the devices if you need more ARP.
View original

5 replies

Userlevel 6
You can increase the size of the table. https://documentation.extremenetworks.com/exos_commands_22.2/exos_21_1/exos_commands_all/r_configure-iparp-max_entries.shtml

Not sure how this will effect other things as if you increase size on one table from default the other tables may be smaller...
You can increase the size of the table. https://documentation.extremenetworks.com/exos_commands_22.2/exos_21_1/exos_commands_all/r_configure-iparp-max_entries.shtml

Not sure how this will effect other things as if you increase size on one table from default the other tables may be smaller...


I did that..but how does it work that it can extend past the hardware limit?
Userlevel 6
From my layman's understanding is there xxxxx mount hardware memory that is shared between things like route tables, fdb entries, policies, acl's, iparp ect. The default setting is how this is divided up out of the box. When you increase iparp beyond default then you have the potential to overrun another table. I would also reach out to GTAC and get then involved... More than likely they will want to look at you configuration and make sure you are not putting something else in jeopardy. That is one negative about a stack... you are limited to one common core instead of each switch having the full table you have one shared table... .
Userlevel 7
Hi,

the "sh iparp" command doesn't give you a view of the hardware usage, this is a software view. It is important to keep the iparp max_entries above the actual network size.

To know the HW usage, you need to enter that command: sh iproute reserved-entries statistics

This will tell you all your L3 HW table usage. Hard to comment without seeing the output. You'll not exceed the HW limit, but we can optimize the resource to help maximize it. EXOS will also help you by installing active entries in priority, but at one point in time you'll need to change the design or the devices if you need more ARP.
Hi,

the "sh iparp" command doesn't give you a view of the hardware usage, this is a software view. It is important to keep the iparp max_entries above the actual network size.

To know the HW usage, you need to enter that command: sh iproute reserved-entries statistics

This will tell you all your L3 HW table usage. Hard to comment without seeing the output. You'll not exceed the HW limit, but we can optimize the resource to help maximize it. EXOS will also help you by installing active entries in priority, but at one point in time you'll need to change the design or the devices if you need more ARP.



Sorry, should have gave you those outputs in the first place, here is the bottom of sh iparp after increasing iparp max_entries

code:
Dynamic Entries :       8982            Static Entries           :         0
Pending Entries : 36
In Request : 1352782210 In Response : 88223705
Out Request : 1281158316 Out Response : 875009023
Failed Requests : 200976341
Proxy Answered : 0
Rx Error : 47 Dup IP Addr :
Rejected Count : 6967455 Rejected IP :
Rejected Port : 1:10 Rejected I/F :
Max ARP entries : 20480 Max ARP pending entries : 4096
ARP address check: Enabled ARP refresh : Enabled
Timeout : 20 minutes ARP Sender-Mac Learning : Disabled
Locktime : 1000 milliseconds
Retransmit Time : 1000 milliseconds
Reachable Time : 900000 milliseconds (Auto)
Fast Convergence : Off


Here is sh iproute reserved-entries statistics

code:
                      |-----In HW Route Table----|  |--In HW L3 Hash Table--|
# Used Routes # IPv4 Hosts IPv4 IPv4 IPv6 IPv4
Slot Type IPv4 IPv6 Local Remote Local Rem. Loc. MCast
---- ---------------- ------ ------ ------ ------ ----- ----- ---- -----
1 X670-48x 103 0 4144 0 4045 0 0 598
2 X670-48x 103 0 4144 0 4045 0 0 594
3 - - - - - - - -
4 - - - - - - - -
5 - - - - - - - -
6 - - - - - - - -
7 - - - - - - - -
8 - - - - - - - -
Theoretical maximum for each resource type:
X440 32 16 64 64 509 512 256 * 256
"e"-series 480 240 512 512 2045 2048 1024 * 2048
"a"-series 12256 6128 8189 12288 8189 8192 4096 * 5000
X650, E4G-200 12256 6128 8189 12288 8189 8192 4096 * 6000
X460, E4G-400 12256 6128 12288 12288 16381 16384 8192 * 6000
X670-48x, X670V-48x 16352 8176 8189 16384 8189 8192 4096 * 4096
X670V-48t 16352 8176 16381 16384 16381 16384 8192 * 6000
X480(40G4X) 16352 8176 8189 16384 8189 8192 4096 * 4096
X480 262112 8192 16381 40960 16381 16384 8192 * 6000
Flags: (!) Indicates all reserved route entries in use.
(d) Indicates only direct IPv4 routes are installed.
(>) Some IPv6 routes with mask > 64 bits are installed and do not use
entries in the internal HW Route Table.
(R) IPv6 hosts in external HW Route Table.
(*) Assumes IP Multicast compression is on.
(M) IPMC entries stored in L2 MAC Table when lookup-key is 'mac-vlan'.

Reply