Hello,
We are running EX3300-48T - Junos-12.3R11.2. After binding multiple /24s on multiple vlans on the same switch, Started to notice that the newly and the old assigned IPs are not pinging on multiple servers on different ports.
We checked the ARP table show arp no-resolve and not all the IPs were there, so I have cleared up the ARP table clear arp and most of the IPs started to respond again.
# run show arp no-resolve | match entries # is not exceeding the limit of 4017 whatever we do.
username@juniper# run show arp no-resolve | match entries
Total entries: 3971
Then we searched for this range: 192.168.1.0/24, where the server assigned to it was down
username@juniper# run show arp no-resolve | match 192.168.1
{master:0}[edit]
Then started the server again, the number raised up to the same limit of 4017
username@juniper# run show arp no-resolve | match entries
Total entries: 4017
{master:0}[edit]
And only few of the IPs were shown
username@juniper# run show arp no-resolve | match 192.168.1
macaddress 192.168.1.9 vlan.131 none
macaddress 192.168.1.13 vlan.131 none
macaddress 192.168.1.29 vlan.131 none
macaddress 192.168.1.42 vlan.131 none
macaddress 192.168.1.54 vlan.131 none
macaddress 192.168.1.81 vlan.131 none
macaddress 192.168.1.91 vlan.131 none
macaddress 192.168.1.103 vlan.131 none
macaddress 192.168.1.104 vlan.131 none
macaddress 192.168.1.116 vlan.131 none
macaddress 192.168.1.140 vlan.131 none
macaddress 192.168.1.156 vlan.131 none
macaddress 192.168.1.179 vlan.131 none
macaddress 192.168.1.193 vlan.131 none
macaddress 192.168.1.199 vlan.131 none
macaddress 192.168.1.201 vlan.131 none
macaddress 192.168.1.227 vlan.131 none
macaddress 192.168.1.239 vlan.131 none
macaddress 192.168.1.244 vlan.131 none
- Arp statistics
show system statistics arp
fpc0:
--------------------------------------------------------------------------
arp:
149291335 datagrams received
33571473 ARP requests received
108007342 ARP replies received
342919782 resolution request received
0 unrestricted proxy requests
0 restricted proxy requests
0 received proxy requests
0 unrestricted proxy requests not proxied
0 restricted proxy requests not proxied
0 datagrams with bogus interface
0 datagrams with incorrect length
0 datagrams for non-IP protocol
0 datagrams with unsupported op code
0 datagrams with bad protocol address length
0 datagrams with bad hardware address length
0 datagrams with multicast source address
147499 datagrams with multicast target address
0 datagrams with my own hardware address
1342124 datagrams for an address not on the interface
274 datagrams with a broadcast source address
1404642 datagrams with source address duplicate to mine
1242680 datagrams which were not for me
2788 packets discarded waiting for resolution
125 packets sent after waiting for resolution
1818267175 ARP requests sent
33571474 ARP replies sent
0 requests for memory denied
0 requests dropped on entry
0 requests dropped during retry
0 requests dropped due to interface deletion
0 requests on unnumbered interfaces
0 new requests on unnumbered interfaces
0 replies for from unnumbered interfaces
0 requests on unnumbered interface with non-subnetted donor
0 replies from unnumbered interface with non-subnetted donor
0 arp packets rejected as family is configured with deny arp
0 arp response packets are rejected on mace icl interface
1634 arp replies are rejected as source and destination is same
0 arp probe for proxy address reachable from the incoming interface
0 arp request discarded for vrrp source address
0 self arp request packet received on irb interface
0 proxy arp request discarded as source ip is a proxy target
71669 arp packets are dropped as nexthop allocation failed
0 arp packets received from peer vrrp rotuer and discarded
0 arp packets are rejected as target ip arp resolve is in progress
0 grat arp packets are ignored as mac address is not changed
0 arp packets are dropped from peer vrrp
3501998 arp packets are dropped as driver call failed
0 arp packets are dropped as source is not validated
What is the probability of it's being limited to 4017? Should not we expect at least 3971+254=4225 entry, not 4017 and the other IPs in the range should show up? And if it's limited, how to raise it?
Thanks,
#limits#mac-address#Juniper#arp