Declan,
If this is a new IP address you are bringing up for a static internal address, you should be able to force the router to update by sending a packet from the internal address to the router. In order to reply to an unknown IP the router will have to ARP for the MAC address and FW-1 should reply. If the address is already known by the router then you either have to get the ISP to flush the table or wait until it times out.
If you ISP can't accommodate you, I'd notify your users that the Internet connection is going down for a short period of time and reset the router yourself. If your ISP calls to complaint you can always pull a politician -- "I can neither confirm nor . . ." ;-]
-- Bill Stackpole, CISSP
| declan mckibben <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 06/28/00 04:52 AM
|
To: [EMAIL PROTECTED] cc: Subject: arp cache |
Hi, whenever I make a new nat rule in fw-1 (on the IP440 platform) I
have to wait ages for our ISP's cisco 3600 (upstream) to update its arp
cache. I don't have access to this and would be beaten badly if i
rebooted the router. What is the default interval for this cache to
update on the 3600 and is there a way of forcing an arp cache flush?
regards
Declan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
