Phil, we're doing exactly this (pinging) for the Linksys BEFRS41 customers that have complained, until we find a way to mitigate or work around the problem.
Known options at this time: a) replace the CPE with something else (thought a customer should be able to choose their own CPE and not have this issue) b) put that ONT Ethernet port in bi-directional mode, so it can receive broadcasts (hard to manage through future changes) c) allow the FTTH gear to router (it will do the ARP to the CPE, but this breaks our path toward IPv6 because the FTTH vendor's is at least a year or two away from sufficient IPv6 support to do that). Frank -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Phil Mayers Sent: Wednesday, January 19, 2011 5:24 AM To: [email protected] Subject: Re: [c-nsp] ARP strangeness On 19/01/11 07:47, Frank Bulk - iName.com wrote: > Keegan: > > > > You're correct - without broadcast support, re-population initiated from the > 7609 is impossible. Once it's expired, the FTTH access gear's design, which > blocks broadcast traffic, makes it impossible for the CPE to respond to the I'm confused; Rodney mentioned up-thread that, in "newer" IOS, the behaviour is different than many (myself included) had assumed. If I understood him correctly: 1. At expiry - 60 seconds, attempt to renew the ARP entry via unicast 2. At expiry, attempt to renew the ARP entry via broadcast Shouldn't the first step flow through the FTTH gear fine, and renew the FDB entry? Anyway - this is vile, but have you considered pinging the CPE from a separate device as a way to keep the FDB entry alive? We do this to keep "quiet hosts" in the FDB on our switches because the mac-based-vlan implementation we're using is tied to FDB entry (not link up/down state) and if a host goes quiet (like a printer not used in 5 minutes) the FDB entry (and vlan assignment) will expiry, and unless/until the *host* sends a packet (which may be never) it's unreachable. We use "fping" every 4 minutes on 2 servers (offset by 2 minutes, so a ping arrives every 120 nseconds) for this. We extract the IP addresses from our registration database, but you could perhaps script it from a walk of the 7600 ARP table (maybe even filter by OUI or MAC of the devices you know need it?). Just a thought... _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
