Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco setting for automatic ip arp cache refresh

Status
Not open for further replies.

Delta5

Technical User
Oct 25, 2018
2
US
Hello,

Sorry, I only know Cisco router's basic configuration.

I have a Cisco 3945 with version 15.2.

Right now, if I switch the public IP addresses between two servers, I'll need to login to the Cisco router and run the command clear ip arp XXX.XXX.XXX.XXX in order for the Cisco router to recognize the switching of the IPs between the servers.

Is there a Cisco router setting option that I can use so I don't have to login to the router and run the clear ip arp each time I switch the IPs?

Thank you for your help,
Bernard
 
Default ARP timeout on Cisco is 4 hours. You can change that if you had to. I do not recommend it. How often do your servers change their IP addresses? Under normal circumstances clearing IP cache, as you did, is a valid task.
 
The main issue is that our router was under attack, our router was receiving unusual failed number of SSH login attempts from hundreds of different IPs, so I went ahead and turn off the SSH and Telnet login completely and I can only access the router from the datacenter that is about 1/2 hour drive. (I rarely need to access the router unless it is an emergency.)

There are situations when I need to switch the IP address of the main server to the backup server when the main server is down or acting up and I want to limit the downtime by not having to drive to the datacenter to reset the arp table.

I thought Cisco routers had a setting that the router automatically recognizes the change in the arp table and refresh that table.

Any advise on this really appreciated,
 
Try initiating the traffic from the server with the updated address, going to outside.
As a side note, telnet s/b disabled permanently and never enabled, and as for the SSH you should put an ACL and allow your outside address to be able to connect.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top