Extreme Networks

Alexandr_P · ‎04-22-2020

Hello!

X670 with SupeVLANs, SubVLANs.

Aprox 7500 of clients.

Up to 300 clients in 1 VLAN.

After power-off of access switches (20 and/or more) X670 begin to send ARPs (IP addresses of clients connected to access switches)

This continues throughout 40 minutes with high broadcast traffic load.

fe7c6b3212e6427c8fa7bc1834161935_09d290d7-bfc5-43c8-a748-a8ab2c985f72.png

Questions:

what we have to do to prevent or minimize this issue?
what correlation between ARP locktime and ARP timeout?
what correlation we have to understand when configure FDB and IPARP timeouts?
does in this case will help rate-limit for bcast traffc? (or we have to use it for prevent loops?) what will be with bcast traffic when limit will be exceeded (black-hole?)?

Thank you!

Alexandr_P · ‎05-04-2020

Thank you, Nikolay!

Necheporenko__N · ‎05-01-2020

Hello Aleksandr,

Actually it is up to customer’s requirements, if 470 pps is a high number then they may try to use

rate-limit flooding
egress meter
UPM to apply some ACL or disable affected interfaces
Clear-flow

Best Regards,

Nikolay

Alexandr_P · ‎04-27-2020

Hello, Nikolay!

I understand that this is expected behavior.

But main question is how to optimize configuration to minimize this issue?

Because in case of this issue high volume of bcast traffic is affects downstream less efficient switches.

Thank you!

Necheporenko__N · ‎04-23-2020

Hello Alexandr,

Were those access switches directly connected to the X670? If yes then when links went down all fdb/entries have been cleared, and in a case switch receive any traffic destined to the hosts which entires just have been cleared it will sent out new ARP to resolve IP again. This is expected and by design.

Best Regards,

Nikolay

Extreme Networks

IPARP questions

IPARP questions