Re: Arp records in solaris

[Brad Arlt <arlt () cpsc ucalgary ca>]

On Fri, Apr 11, 2003 at 04:41:35PM +0400, Edward J. Aivazian wrote:
> When I make a record with -s option, in a very short period of time
> (sometimes less than half-an-hour) this record is deleted.  One more
> article is available here, but it's in russian -
> http://www.void.ru/content/856
>
> Can anyone give a reasonable explanation to this? 

As no one has answered this yet...

I have the source but don't feel like reading through it at this time.
The arp cache flush under a default install of Solaris is 20 minutes.
The recommended value is one minute.

ndd -set /dev/arp arp_cleanup_interval 60000

As for the issue of permanence.  Are you sure it is marked as a
perminate entry in the ARP table.  If not, you have your answer.  ARP
is inserting the entry into the ARP table without the needed flag, and
normal cleanup happens.

If the ARP flag is set, ensure you are running the latest patch set.
If the problem persists, give Sun a description of the problem, quote
the same bit from the manpage, and give them the output from "uname
-a" and "showrev -p".  As there a major (though likely easy fix)
problem with the ARP routines.

But don't talk to Sun until you are running the latest patch set and 
you verify the problem again.
-----------------------------------------------------------------------
   __o          Bradley Arlt                    Security Team Lead
 _ \<_          arlt () cpsc ucalgary ca                University Of Calgary
(_)/(_)         I should be biking right now.   Computer Science