The Journey of a Network Engineer

May 24 2011   5:56AM GMT

GRE Tunnel ARP entry never times out! – part 1



Posted by: Sulaiman Syed
Tags:
6500
AP
ARP
Cisco
dhcp
GRE
Tunnel
wireless
WLSM

I would like to clear the ARP entries automatically from the GRE tunnel made by the WLSM to the AP. here are the configurations of the tunnels.

interface Loopback1
description tunnel_source
ip address 10.x.x.1 255.255.255.255

interface Tunnel1
description TO_Wireless_Faculty
bandwidth 1000000
ip address 10.x.x.253 255.255.240.0
ip access-group deny_nbns in
ip helper-address 10.x.x.100
ip helper-address 10.x.x.101
no ip redirects
ip mtu 1476
ip pim sparse-dense-mode
tunnel source Loopback1
tunnel mode gre multipoint
mobility network-id 1
mobility trust
mobility tcp adjust-mss
mobility multicast

The output of show ip arp

show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.x.x.114        5652   3038.5541.5214  TUNNEL Tunnel8
Internet  10.x.x.126         994   9084.0da7.e68d  TUNNEL Tunnel8
Internet  10.x.x.66          6696   dc2b.6151.9bb4  TUNNEL Tunnel5
Internet  10.xx.124        1226   8c71.f8e5.ae28  TUNNEL Tunnel8
Internet  10.x.x.68         11103   a86a.6fa7.dc11  TUNNEL Tunnel5
Internet  10.x.x.115       11206   581f.aa17.dbda  TUNNEL Tunnel8
Internet  10.x.x.70          2333   b407.f938.c36b  TUNNEL Tunnel5
Internet  10.x.x.122       13955   e4ec.1047.a562  TUNNEL Tunnel8
Issue is, that these entries never time out (we found as entries as old as 10 days). As some of the Mobile Nodes leave, and never come back. the ARP remains there for 8 days (our DHCP lease time), then when a new Mobile Node get that IP address we get a message like this

*May 22 02:24:17: %L3MM-4-DUP_IPADDR: MN 5c57.c8ed.d0ba is requesting ip 10.13.66.81 which is being used by MN 7c6d.6215.6dcd

So, i would like to make the ARP entry in the TUNNEL to expire in 8 days (exactly the same timer as the DHCP lease time or lesser). This is something that has been happening for quite some time. I would like to solve this issue for once and all.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: