Friday, April 17, 2020

Cisco Nexus 9k - ARP flood every 60 seconds

Let me preface this by saying I am not a network engineer, but I play one at work because that's how it goes. I inherited this environment, and there were some extremely bad choices made in the past (they created loops, large subnets [/23]).

We had seen a lot of broadcast traffic coming over a link from our old DR location; there is a MAN between it and the primary. They had not limited the ports to the VLAN chosen to link the two, so each side (due to, again, bad choices of using the same VLAN numbering) could pass broadcast traffic from one to the other. Once the ports were configured to allow only that VLAN, broadcast traffic stopped on that link and my primary site calmed down quite a bit.

So here is my question:

At the "DR" site I am seeing ARP floods around every 60 seconds. Wireshark indicates these are all from the Cisco Nexus 9k (9396px). Can anyone think of why the Nexus would be doing this in that interval? I have searched and scoured forums looking for what this could be, but due to my own ignorance (I am learning...) I am sure there is something I am missing.

Could it be the ARP cache aging timeout?

Thanks to anyone who spends a few seconds on this, I appreciate it!

Edit:

ARP timeouts are default, 1500 seconds (25 minutes).


