What are the aging time and aging mechanism of ARP entries

2

The default aging time of ARP entries is 20 minutes. You can run the arp expire-time command to change the aging time.

You can also change the number of ARP probes by running the arp detect-times command. The default number of ARP probes is 3.

When the aging time of an ARP entry expires, the device sends a probe packet to the corresponding IP address every 5 seconds. If the device does not receive any response after the specified number of probes, it deletes the ARP entry.

For example, the aging time of ARP entries is set to 60s and the number of ARP probes is set to 6.

After 60s since an ARP entry is generated, the device sends an ARP probe every 5s. If the device does not receive any response after sending six probes, it deletes the ARP entry. Therefore, the actual aging time of the ARP entry is (60 + 6 x 5) = 90s.

NOTE:
For V100R002 version, the S2700/S3700/S5700/S6700 supports the 1/2 probe time and 3/4 probe time. The numbers of probes on the two time points are both 3 and cannot be changed. For example, if the aging time is 20 minutes (1200s) and the number of ARP probes is 6, the SS2700/S3700/S5700/S6700 sends three ARP probes at an interval of 5s after 10 minutes. After 15 minutes, the S2700/S3700/S5700/S6700 also sends three ARP probes at an interval of 5s. After 20 minutes, the S2700/S3700/S5700/S6700 sends six ARP probes at an interval of 5s. If the S2700/S3700/S5700/S6700 does not receive any response, it deletes the ARP entry.

Other related questions:
Aging time of ARP entries on S series switches
For S series switches (except S1700 switches),
the default aging time of dynamic ARP entries is 1200s (20 minutes). You can run the arp expire-time  expire-time command in the system view or an interface view to configure the aging time of dynamic ARP entries. Configure the second expire-time variable as the target aging time of dynamic ARP entries.
Static ARP entries do not age.

Are dynamic DNS entries aged at intervals of the aging time or using the command
Yes. Run the reset dns dynamic-host command to clear dynamic domain name service (DNS) entries.

Aged ARP entry display on S series switches
On S series switches (except S1700 switches), aged ARP entries cannot be displayed. You can only view the current ARP table.

Firewall session aging time
Generally, you can use the default aging time of the session table. To change the aging time of the session table for a specific protocol type, run the firewall session aging-time command. For the USG2000&5000 series, you can set the service aging time on the web UI. On the web UI, choose Firewall > Service > Service Aging Time. To view the aging time of the session entries of all traffic in the current system, you can run the display firewall session aging-time command.

USG6600 ICMP session aging time
The USG2000&5000&6000 ICMP session aging time is 20 seconds. You can run the display firewall session aging-time command to view the aging time.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top