From owner-freebsd-stable@FreeBSD.ORG  Mon Sep 19 18:54:23 2005
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1475B16A41F
	for <freebsd-stable@freebsd.org>; Mon, 19 Sep 2005 18:54:23 +0000 (GMT)
	(envelope-from matt@fruitsalad.org)
Received: from mandarin.fruitsalad.org (pc117.net160.koping.net
	[81.16.160.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A1AC043D46
	for <freebsd-stable@freebsd.org>; Mon, 19 Sep 2005 18:54:22 +0000 (GMT)
	(envelope-from matt@fruitsalad.org)
Received: from [192.168.15.15] (helo=[192.168.15.15])
	by mandarin.fruitsalad.org with esmtp (Exim 4.34 (FreeBSD))
	id 1EHQmS-000861-8t; Mon, 19 Sep 2005 20:54:20 +0200
From: Matt Douhan <matt@fruitsalad.org>
Organization: fruitsalad.org
To: freebsd-stable@freebsd.org
Date: Mon, 19 Sep 2005 20:54:10 +0200
User-Agent: KMail/1.8.91
References: <OFA8BFF797.1DD8840D-ON86257081.00603FB8-86257081.00603FBB@ecarecenters.com>
In-Reply-To: <OFA8BFF797.1DD8840D-ON86257081.00603FB8-86257081.00603FBB@ecarecenters.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200509192054.10745.matt@fruitsalad.org>
Cc: Colin Farley <Colin.Farley@ecarecenters.com>
Subject: Re: Gratuitous ARP
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2005 18:54:23 -0000

On Monday 19 September 2005 19:31, Colin Farley wrote:
>    1.&nbs=p; Set the arp cache timeout of the cisco router very low so
>    that outages a=re minimal.  I would rather not do this as it will
>    problably stress th=e router too much.  Unfortunately I know little
>    about cisco devices so=I really cant figure this one out, does anyone
>    think that this is a bad th=ing?  Can you tell a cisco device not to
>    cache arp entries on just the=internal interface?  The subnet
>    currently consists of about 25 hosts =so this may not be so bad after
>    all?

Depending on your Cisco router model you will not have any issues whatsoever 
lowering the timeout to really low, in the region of a few seconds.

even an old 25xx device would be to handle that without problems.


>
>    2.  Run an ANT task to =clear the cache on the cisco device, this
>    task can become part of the UCARP=scripts.  This may be a good
>    solution but security is a concern.

This would be very very bad, cause no matter how you do it the security 
concern would be severe.

-- 
Matt Douhan
www.fruitsalad.org
(remember, amateurs built the Ark, professionals built the Titanic)