ARP/Neighbor Discovery Operation
The Neighbor Discovery module manages the ARP and IPv6 ND entries, provides information to other protocols and the forwarding module for their use, and reports state changes.
Neighbor Entry States
 
INCOMPLETE
Address resolution is in progress and the link-layer address of the neighbor has not yet been determined.
REACHABLE
The neighbor is known to have been reachable recently.
STALE
The neighbor is no longer known to be reachable (it has not been used by a higher-level protocol for reachable-time), but the entry is still valid and used for forwarding. Until a control packet is sent to the neighbor, no attempt is made to verify its reachability.
DELAY
The neighbor is no longer known to be reachable, and traffic has recently been sent to the neighbor. Rather than probing the neighbor immediately, delay sending probes for a short while to give upper-layer protocols a chance to provide reachability confirmation.
PROBE
The neighbor is no longer known to be reachable, and probes are being sent to verify reachability.
FAILED
Address resolution failed. No response received from the neighbor.
Below are timers that control the above state transitions.
reachable-time
The amount of time the entry is in REACHABLE state. The default value is 60 seconds.
 
Once a neighbor is found, the entry is considered reachable for at least a random value between (A) and (3xA) where:
 
A = reachable-time /2
 
Once an entry's reachability expires, it moves to the STALE state. The entry's reachability is extended if it receives positive feedback (ARP reply/NA).
stale-time
Determines how often to check for stale neighbor entries. The default value is 1440 seconds.
Once the stale-timer expires, the entry is marked for garbage collection.
arp-aging-time
The approximate amount of time an ARP entry is valid. The default value is 1500 seconds. Aging time is configured internally as:
 
aging-time = reachable-time + stale-time
The garbage collector runs once every 60 seconds to clean up entries that have crossed the STALE timeout and FAILED entries. For improved performance, the following additional criteria apply before neighbor entries are garbage collected (removed completely).
The garbage collector does not run if the total number of entries is less than 2048, which means that some STALE and FAILED entries still exist. An entry is refreshed ONLY when higher-level protocols use it.
The garbage collector always runs if the number of entries is more than 262144 for IPv4 and 131072 for IPv6.
Garbage collection triggers a refresh of the neighbor entries that are marked to be garbage collected. A total of 3 retries at a 3 second interval are made to reach the neighbor before the forwarder declares the neighbor not reachable. During this retry period, the neighbor entries are still in use for hardware forwarding. If the neighbor is still not reachable after the retries (after 9 seconds), the neighbor entry is removed from hardware forwarding as well.
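The timer arithmetic and garbage-collection thresholds above, worked through as an added example (a simplified Python model written for this page, not OcNOS code). It assumes the timers run back to back, that the neighbor never answers and no traffic is sent to it, and that the REACHABLE lifetime is drawn uniformly; the function names are hypothetical.

```python
import random

# Defaults and thresholds as stated on this page (seconds / entry counts).
REACHABLE_TIME = 60
STALE_TIME = 1440
GC_INTERVAL = 60
GC_MIN_ENTRIES = 2048
GC_ALWAYS_ABOVE = {"ipv4": 262144, "ipv6": 131072}
RETRIES, RETRY_INTERVAL = 3, 3


def reachable_window(reachable_time=REACHABLE_TIME):
    """Return (A, 3A), the bounds of the REACHABLE lifetime, A = reachable-time / 2."""
    a = reachable_time / 2
    return a, 3 * a


def sample_reachable_lifetime(reachable_time=REACHABLE_TIME, rng=random):
    """Draw one REACHABLE lifetime; the uniform draw is an assumption of this model."""
    low, high = reachable_window(reachable_time)
    return rng.uniform(low, high)


def aging_time(reachable_time=REACHABLE_TIME, stale_time=STALE_TIME):
    """aging-time = reachable-time + stale-time."""
    return reachable_time + stale_time


def gc_decision(total_entries, family):
    """Classify a table size against the two thresholds the page gives."""
    if total_entries < GC_MIN_ENTRIES:
        return "skipped"          # STALE and FAILED entries stay in the table
    if total_entries > GC_ALWAYS_ABOVE[family]:
        return "always-runs"
    return "not-stated"           # the page does not describe this range


def max_forwarding_window(reachable_time=REACHABLE_TIME, stale_time=STALE_TIME):
    """Upper bound (s) from last confirmation to removal from hardware,
    assuming the collector runs and the neighbor never answers."""
    _, longest_reachable = reachable_window(reachable_time)
    return longest_reachable + stale_time + GC_INTERVAL + RETRIES * RETRY_INTERVAL


if __name__ == "__main__":
    print("REACHABLE window:", reachable_window())
    print("aging-time:", aging_time())
    for size in (1500, 50000, 300000):      # constructed table sizes
        print(size, "ipv4 ->", gc_decision(size, "ipv4"))
    print("max forwarding window:", max_forwarding_window(), "s")
```

With the defaults, the model gives an upper bound of 1599 seconds during which an entry for a silent neighbor can remain in hardware forwarding, and below 2048 entries no collection happens at all.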
Last modified date: 10/16/2023