Interesting. Thanks Chris. -A
On Tue, May 13, 2014 at 6:19 AM, Chris Buechler <c...@pfsense.com> wrote:

> On Sat, May 10, 2014 at 9:58 PM, Aaron C. de Bruyn <aa...@heyaaron.com> wrote:
> >
> > Slightly OT, but why would they have ARP cache timeouts of four hours? What
> > benefit do you get with such high cache times as opposed to the obvious
> > support calls you will get when equipment is swapped around?
> >
>
> That's Cisco's default and others aren't too far from that generally.
> I believe that's something that hasn't changed since originally
> implemented decades ago. Originally, it was likely because networks
> were slow and not switched, so you didn't want to chew up a lot of
> bandwidth just handling ARP. As with many cases along those lines, it
> got entrenched and once a vendor sets a specific default, they tend to
> not want to change it. That's largely educated guessing, as I'm not
> completely sure the reasoning, just that it's been like that more or
> less forever.
>
> Yes, with modern networks, in a lot of cases it's really not sensible
> to hang onto your ARP cache for hours.
>
> A number of cable modems are worse than 4 hours. I can think of a
> handful of times over the last 7 years or so, with the most recent
> being a couple months ago, where a support customer got in touch with
> us after trying to move some IPs and messing with it for multiple days
> and couldn't make it work. Packet capture on WAN for the affected IPs,
> check the destination MAC, see something other than the firewall. Ask
> "What's this X MAC?" "The old box we unplugged last week." Power cycle
> cable modem, all is well.
> _______________________________________________
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
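The check described in the quoted message (capture on WAN for the affected IPs, then compare the destination MAC with the firewall's) can be scripted. This is an added example, not part of the original thread; it assumes the capture was saved as `tcpdump -e -n` text output, and the function name, MAC addresses and IP addresses are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of `tcpdump -e -n` text output; all MACs and IPs are made up.
SAMPLE_CAPTURE = """\
12:00:01.000001 00:00:5e:00:53:01 > 00:00:5e:00:53:aa, ethertype IPv4 (0x0800), length 74: 198.51.100.7.51514 > 203.0.113.10.443: Flags [S], seq 1, win 64240, length 0
12:00:01.200000 00:00:5e:00:53:01 > 00:00:5e:00:53:0f, ethertype IPv4 (0x0800), length 74: 198.51.100.7.51515 > 203.0.113.11.443: Flags [S], seq 1, win 64240, length 0
12:00:02.000000 00:00:5e:00:53:01 > 00:00:5e:00:53:0f, ethertype IPv4 (0x0800), length 98: 198.51.100.9 > 203.0.113.11: ICMP echo request, id 1, seq 1, length 64
12:00:03.000000 00:00:5e:00:53:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 203.0.113.11 tell 203.0.113.1, length 46
"""

# Link-layer header printed by -e, then "src > dst:" where each address may
# carry a trailing ".port" (TCP/UDP) or not (ICMP).
FRAME = re.compile(
    r"(?P<src_mac>[0-9a-f:]{17}) > (?P<dst_mac>[0-9a-f:]{17}), ethertype IPv4 .*?: "
    r"\S+ > (?P<dst_ip>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?: ",
    re.IGNORECASE,
)


def stale_destinations(capture_text, firewall_mac, affected_ips):
    """Count frames for each affected IP that the upstream device addressed
    to a MAC other than the firewall's. Returns {(ip, mac): frame_count}."""
    firewall_mac = firewall_mac.lower()
    hits = Counter()
    for line in capture_text.splitlines():
        m = FRAME.search(line)
        if not m or m["dst_ip"] not in affected_ips:
            continue  # ARP, other ethertypes, or traffic for unrelated IPs
        dst_mac = m["dst_mac"].lower()
        if dst_mac != firewall_mac:
            hits[(m["dst_ip"], dst_mac)] += 1
    return dict(hits)


if __name__ == "__main__":
    found = stale_destinations(
        SAMPLE_CAPTURE,
        firewall_mac="00:00:5e:00:53:aa",           # constructed firewall WAN MAC
        affected_ips={"203.0.113.10", "203.0.113.11"},
    )
    for (ip, mac), count in found.items():
        print(f"{ip}: {count} frame(s) sent to {mac}, not the firewall")
```

Any MAC this reports is the address the upstream device still has cached for that IP.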