About this comparison between CAM-Table Timeout, and ARP-Table Timeout.
I tend to partially agree with you...

Ethernet is a so widely used protocol to sever scenarios.
We need to consider the different needs of the type of communications.


For example:
I'm not a big fan of Mikrotik/RouterOS.
But I know they are there, and liking or not, I need to accept that I will need to deal with then(as a peer or even as an operator).

One of most common uses of Mikrotik is for HotSpot/Captive Portal.
And for that, an ARP Timeout of 30 seconds is very OK!
Is a good way to check if the EndUser is still reachable on the network, and based on that do the billing.

But 30 Seconds for an IXP? It does not make any sense!
Those packets are stealing CPU cycles of the Control Plane of any router in the LAN.  

Another example:
You suggested equalizing ARP-Timeout and MAC-Timeout
For a campus LAN? With frequent topology changes, add/removes of hosts every time...
That is perfect!


But talking about an IXP LAN:
In an ideal scenario, how often should happen topology changes on an IXP?
How often new hosts get ins/outs of hosts in the and IXP LAN?

Why should we spend CPU Cycles with 576K ARP Requests a day(2K participants, 5 min ARP-Timeout).
Instead of 1.2K ARP Requests a day(2K participants, 4 hours ARP-Timeout)?
I would prefer to use those CPU cycles to process other things like BGP messages, BFD, etc...





Em qui., 17 de set. de 2020 às 02:54, Saku Ytti <saku@ytti.fi> escreveu:
On Wed, 16 Sep 2020 at 23:15, Chriztoffer Hansen
<chriztoffer.hansen@de-cix.net> wrote:
> On 16/09/2020 04:01, Ryan Hamel wrote:

> > CoPP is always important, and it's not just Mikrotik's with default low
> > ARP timeouts.
> >
> > Linux - 1 minute
> > Brocade - 10 minutes
> > Cumulus  - 18 minutes
> > BSD distros - 20 minutes
> > Extreme - 20 minutes
> Juniper - 20 minutes
> > HP - 25 minutes
IOS - 4 hours

Why are these considered (by Ryan) low values? Does low have a
negative connotation here?

ARP timeout should be lower than MAC timeout, and MAC timeout usually
is 300 seconds. Anything above 300seconds is probably poor BCP for
default value, as defaults should interoperate in a somewhat sane
manner.
Of course operators are free to configure very high ARP timeout, as
long as they also remember to equally configure higher MAC timeout.

--
  ++ytti


--
Douglas Fernando Fischer
Engº de Controle e Automação