So I'm looking at the policies, recommended configurations, etc. of other IXes. We try to model a lot of ourselves on what the Europeans do (even if we come up short in some areas). I was reading through the AMS-IX guide. https://ams-ix.net/technical/specifications-descriptions/config-guide#3.1 They recommend a four hour ARP timeout. Thoughts? Seems a bit excessive, but I don't have over 700 networks on my IX. That said, I don't have over 700 members on my IX generating a ton of ARP traffic, so I'm probably fine recommending a smaller value. I understand it's a balance between stale records and ARP volume. Just trying to gauge what the community thinks. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com
How often does your peering router change IP address? For the majority of people I would expect the answer to be almost nevery/very rarely. James.
Unless your IX has an unusual amount of churn, a four hour timeout really shouldn’t be a problem. Stale records really shouldn’t be a problem as they should get overwritten with gratuitous ARPs when needed. OTOH, having the ARP be somewhat sticky can not only reduce broadcast traffic, but also preserve visibility of what was when trying to troubleshoot. I’m trying to think of a downside to a 400 second ARP timeout for an XP and I guess I’m short of creativity at the moment because I’m coming up blank. Owen
Hey,
I don't think it matters much and at any rate you can't enforce it. Someone more relevant is that MAC timeout is greater than ARP timeout. And on IXP even this is not very important, provided no one is static routing. On environments I do control, I tend to configure ARP timeout under 300s, as usually MAC timeouts are 300s. By default Cisco is 4h, JunOS is 20min, Linux is 60s. -- ++ytti
participants (5)
-
James Bensley -
Mike Hammett -
Owen DeLong -
Saku Ytti -
sthaug@nethelp.no