Permanent ARP entries become Unresolved

arp solaris

We have a solution where a number of Solaris servers are in a private VLAN and no ARP proxies exist in this VLAN, so to reach neighboring servers we must add static ARP entries. Each other server in the subnet that's on this private VLAN must be pointed at the MAC address of the gateway.

e.g.

#!/sbin/sh

ARP=/usr/sbin/arp

${ARP} -s  10.1.2.1 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.2 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.3 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.4 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.5 00:10:20:30:40:50 permanent

Giving us arp entries:

arp -an
Net to Media Table: IPv4
Device   IP Address               Mask      Flags      Phys Addr
------ -------------------- --------------- -------- ---------------
oce1   10.1.2.1         255.255.255.255 SA       00:10:20:30:40:50
oce1   10.1.2.2         255.255.255.255 SA       00:10:20:30:40:50
oce1   10.1.2.3         255.255.255.255 SA       00:10:20:30:40:50
oce1   10.1.2.4         255.255.255.255 SA       00:10:20:30:40:50
oce1   10.1.2.5         255.255.255.255 SA       00:10:20:30:40:50

The problem we are having is that for some reason, very soon, entries will flag 'U', then become unusable before disappearing from the ARP table. No reason is seen in the usual log files. Syslog configured:

*.info;auth.none                /var/adm/messages

Any suggestions as to what the problem may be? All help gratefully received. Solaris 10, x86 is the OS.

Best Answer

My first recommendation would be to change the script to "permanent pub" instead of just "permanent".

So from this;

#!/sbin/sh
ARP=/usr/sbin/arp
${ARP} -s  10.1.2.1 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.2 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.3 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.4 00:10:20:30:40:50 permanent
${ARP} -s  10.1.2.5 00:10:20:30:40:50 permanent

To this;

#!/sbin/sh
ARP=/usr/sbin/arp
${ARP} -s  10.1.2.1 00:10:20:30:40:50 permanent pub
${ARP} -s  10.1.2.2 00:10:20:30:40:50 permanent pub
${ARP} -s  10.1.2.3 00:10:20:30:40:50 permanent pub
${ARP} -s  10.1.2.4 00:10:20:30:40:50 permanent pub
${ARP} -s  10.1.2.5 00:10:20:30:40:50 permanent pub

or just changing the script to use "arp -f filename" as intended. From the Solaris 10 arp man-page;

 OPTIONS ...
 -f    Read the file named filename and set multiple  entries
       in  the  ARP  tables. Entries in the file should be of
       the form:
           hostname MACaddress [temp] [pub] [trail] [permanent]
       See the -s option for argument definitions.

Second, temporarily increase the verbosity of syslog by changing syslog.conf settings and review what's happening.

Change syslog.conf from this;

*.info;auth.none /var/adm/messages

to this;

*.info;auth.none;*.debug /var/adm/messages

Then refresh the syslog service; svcadm -v refresh svc:/system/system-log:default

ProTIP: If you see this in the logs;

ar_entry_query: Could not find the ace for source address #.#.#.#

Then that means that arp is dropping entries for your physical interfaces. I hit the same problem about a month ago on a few servers with...problematic interfaces, and the kernel patch (120012-14) took care of it.

If the system in question has virtual IPs and/or port-bonding configured, then there are a few other patches that will be needed.
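
To catch the symptom from the question (static entries flagging 'U' and then vanishing) without waiting for a log line, the following added example, which is not code from the question or the answer, audits saved `arp -an` output against a file in the `arp -f` format. The function name, file names and sample rows are constructed for illustration; it assumes the file lists IP addresses rather than hostnames, and on Solaris 10 it should be run with `AWK=nawk`.

```shell
#!/bin/sh
# Added example: audit "arp -an" output against an arp -f style file.
# Assumes the file lists IP addresses; on Solaris 10 run with AWK=nawk.
AWK=${AWK:-awk}

# check_static_arp EXPECTED_FILE ARP_AN_OUTPUT -> findings on stdout, status 1 if any
check_static_arp() {
    $AWK '
    function norm(mac,   n, p, i, out) {       # pad octets: 0:1:2 == 00:01:02
        n = split(tolower(mac), p, ":"); out = ""
        for (i = 1; i <= n; i++)
            out = out (i > 1 ? ":" : "") (length(p[i]) < 2 ? "0" : "") p[i]
        return out
    }
    NR == FNR { if (NF >= 2) want[$1] = norm($2); next }   # expected entries
    !($2 in want) { next }                     # headers and unrelated rows
    {
        seen[$2] = 1
        flags = ($4 ~ /:/) ? "" : $4           # Flags column can be blank
        mac = ($NF ~ /:/) ? $NF : ""           # no Phys Addr while unresolved
        if (flags ~ /U/)                { print "UNRESOLVED " $2; bad++ }
        else if (flags !~ /S/)          { print "NOT_STATIC " $2; bad++ }
        else if (norm(mac) != want[$2]) { print "MAC_CHANGED " $2 " " mac; bad++ }
    }
    END {
        for (ip in want) if (!(ip in seen)) { print "MISSING " ip; bad++ }
        exit (bad > 0)
    }' "$1" "$2"
}

# Constructed sample data (not captured from a real host).
demo() {
    d=`mktemp -d` || return 2
    cat > "$d/expected" <<'EOF'
10.1.2.1 00:10:20:30:40:50 permanent pub
10.1.2.2 00:10:20:30:40:50 permanent pub
10.1.2.3 00:10:20:30:40:50 permanent pub
10.1.2.4 00:10:20:30:40:50 permanent pub
EOF
    cat > "$d/arp_an" <<'EOF'
Device   IP Address               Mask      Flags      Phys Addr
oce1   10.1.2.1         255.255.255.255 SA       0:10:20:30:40:50
oce1   10.1.2.2         255.255.255.255 U
oce1   10.1.2.4         255.255.255.255 SA       00:10:20:30:40:99
EOF
    check_static_arp "$d/expected" "$d/arp_an" && rc=0 || rc=$?
    rm -rf "$d"; return $rc
}
demo || echo "static ARP entries need attention"
```

Run from cron against a fresh `arp -an` capture, the same file that feeds `arp -f` then doubles as the baseline, and a `MAC_CHANGED` line also flags an entry that no longer points at the gateway's address.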
