[FROG] Where do those massive ARP tables come from?

Bernd bernd at kroenchenstadt.de
Fri Jul 12 02:18:06 EDT 2019

Am 2019-07-11 14:15, schrieb Bernd:
> Am 2019-07-11 13:39, schrieb Don Slice:
>> Any chance you have a default route pointing to a local interface, or
>> have an invalid onlink route making it think destinations are local
>> when they're not?  What does you config and routing table look like?
>> Are all the extraneous arps pointing out the same interface?
> Thanks a lot, Don! Your first thought was the perfect match.
> The machines indeed had (for whatever historical reasons) a static
> route pointed onto themselves. After removing it, the switch CPU load
> dropped massively (from about 85% to less then 40%).
> I assume the blackhole never was hit by traffic that was meant to be 
> sent there?
> Now:
> funny_hostname# sh ip route a.b.c.d
> Routing entry for
>   Known via "ospf", distance 110, metric 190, best
>   Last update 00:26:58 ago
>   * n.o.p.q, via bond1.310
> Routing entry for
>   Known via "static", distance 240, metric 0
>   Last update 1d00h53m ago
>     unreachable (blackhole)

Hi again,

I did miss that deletion of that static route made A and C disappear 
from the adjacent neighbors as next hop.

So, I added it again (made sure staticd, which was introduced with FRR 
6.0, is running):

ip route a.b.c.d
ip route Null0 240

which leads to A and C showing up again on the adjacent (via OSPF) 
Switches – but instantly the problem reappears...

BB001#show ip route
Routing entry for, supernet
   Known via "ospf 1234", distance 110, metric 91, candidate default 
path, type extern 1
   Last update from a.b.c.5 on Vlan310, 00:02:04 ago
   Routing Descriptor Blocks:
     a.b.c.5, from e.f.g.227, 00:02:04 ago, via Vlan310
       Route metric is 91, traffic share count is 1
   * a.b.c.4, from a.b.c.4, 00:02:04 ago, via Vlan310
       Route metric is 91, traffic share count is 1
     a.b.c.3, from e.f.g.225, 00:02:04 ago, via Vlan310
       Route metric is 91, traffic share count is 1

In the end I got three machines peering with multiple BGP neighbours 
(full feed), and I want to have all of them announcing themselves as 
possible gateway. This should be trivial, no?

Thanks for any hint!


More information about the frog mailing list