force a refresh arp caches

Question

Hi,  
&nbsp;  
&nbsp; Is there a way to force a refresh the arp caches of devices to which an LTM is connected ? until now the only way I know is to reboot the LTM.   
&nbsp; For example, I was configuring today one of our LTM (ID 1) boxes that was missing a pool and a virtual server of the LTM (ID 2) where we were doing some tests (they're not in H.A. for now until we finish some tests). Both LTM's are connected to the same network, so I created the pool and created the virtual server in disabled state so it wouldn't interfere with the same virtual server of the LTM ID 2, or I thought it would be that simple. But even if the virtual server was disabled, it seems the LTM ID 1 broadcasted the virtual server's IP with the arp address of the vlan it is connected to, thus making it impossible for a client to contact the virtual server on the LTM ID 2 where it was originally running. Even after deleting the virtual server on LTM ID 1 the traffic was still being directed to the new virtual server, and the only way to fix this was rebooting the LTM ID 2 so it would broadcast the virtual server address as it's own again. 
&nbsp;   
&nbsp; That's just one example of the many times I have come across this problem and it's silly to have to reboot the LTM just for a change like that one, there must be a way, right ? or what happens when both LTM are configured in H.A. when the active box goes offline and the standby one becomes active ?

the_bhattman · Answer

Have you tried MAC Masquerading.

juan_baptiste_4 · Answer

Posted By cmbhatt  on  03/16/2009 2:51 PM 
&nbsp; Have you tried MAC Masquerading.   &nbsp; 
&nbsp;  
&nbsp; No because that's with H.A. and here I'm not using it and I'm having the problem. Another scenario where this have occured too is when chaging a self IP, any device won't see the new IP until I reboot the LTM.

the_bhattman · Answer

On the LTM under Network &gt;&gt; ARP &gt;&gt; Dynamic List there you will see the arp table.  You can select all the ip addresses associated with the MAC and select delete.  
&nbsp;  
&nbsp;  
&nbsp; Also which version of of the v9.x software are you using? 
&nbsp;  
&nbsp; Hope this helps 
&nbsp;  
&nbsp; CB &nbsp;

juan_baptiste_4 · Answer

Posted By cmbhatt  on  03/16/2009 4:18 PM  
&nbsp; On the LTM under Network &gt;&gt; ARP &gt;&gt; Dynamic List there you will see the arp table.  You can select all the ip addresses associated with the MAC and select delete.    
&nbsp; Also which version of of the v9.x software are you using?   
&nbsp; Hope this helps   
&nbsp; CB   
&nbsp; &nbsp;  
&nbsp; I tried that but form command line using arp -d but it doesn't work, as the problem as I see it is that other devices know the Virtual Server address with the wrong mac address and they need to be told that the mac of that IP address has changed. Somehow that's what happens when the LTM is rebooted. 
&nbsp;  
&nbsp; I'm using LTM 9.4.6.

the_bhattman · Answer

taking a step back if you are not configured for HA then I am assuming you must have configured it for Active-ACtive. 
&nbsp;  
&nbsp; ***Excerpt from the LTM Network Guide*** 
&nbsp; For an active-active system, suppose that when you initially ran the Setup 
&nbsp; utility on unit 1, you specified 11.12.11.3 as the internal floating IP address, 
&nbsp; and when you ran Setup on unit 2, you specified 11.12.11.4 as its internal 
&nbsp; floating IP address. When you synchronize the configurations later, 
&nbsp; 11.12.11.3 should appear on both units as the floating IP address belonging 
&nbsp; to unit 1, and 11.12.11.4 should appear on both units as the floating IP 
&nbsp; addresses belonging to unit 2. 
&nbsp; Then, if unit 1 fails over: 
&nbsp; • Unit 2 assumes the internal floating IP address of unit 1 (11.12.11.3). 
&nbsp; • The back-end servers that normally send traffic to the internal address 
&nbsp; 11.12.11.3 on unit 1 continue to send their traffic to that same address, 
&nbsp; even though this incoming traffic is now processed by unit 2. 
&nbsp; • The back-end servers that normally send traffic to the internal address 
&nbsp; 11.12.11.4 on unit 2 continue to send their traffic to that same address. 
&nbsp; Conversely, if unit 2 fails over: 
&nbsp; • Unit 1 assumes the internal floating IP address of unit 2 (11.12.11.4). 
&nbsp; • The back-end servers that normally send traffic to the internal address 
&nbsp; 11.12.11.4 on unit 2 continue to send their traffic to that same address, 
&nbsp; even though this incoming traffic is now processed by unit 1. 
&nbsp; • The back-end servers that normally send traffic to the internal address 
&nbsp; 11.12.11.3 on unit 1 continue to send their traffic to that same address. 
&nbsp;  
&nbsp; If your LTM is not configured for Active-Active in this manner then yes it will never work until the unit is reloaded. Because one LTM thinks it's active over the other. 
&nbsp;  
&nbsp; Under HA the unit ID's are not used because they know the state of each other since they share a single common floating address. 
&nbsp;  
&nbsp; CB 
&nbsp;  &nbsp;

Forum Discussion

force a refresh arp caches

7 Replies

Recent Discussions

ASM Policy in "Blocking" Mode switch to "Transparent" for some IP's

F5 WAF/ASM block users that trigger too many violations by source ip/device id using the correlation logs

redirect not working

When F5OS r2800 appliance reboots, interfaces configured at tenant level for VLAN are lost

HIRE ADRIAN LAMO HACKER TO RECLAIM LOST CRYPTOCURRENCY

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

Force No Cache on Response

What are You a Force For?

Brute Force protection for single parameter like OTP

DNS Caching