The Gratuitous ARP cont…

12 May

Continuing on with working out what is involved with the Gratuitous ARP.

Secondly, it appears that the windows neighbor-cache (arp-cache) is only updated if the machine can no longer talk to the machine that is in it’s cache currently. It does not send out occasional ARP requests to make sure the cache is not stale.

This is the real issue faced in our current example. With the other systems not updating their cache’s in a timely manner (in this case, a couple of seconds is the most it can be down), we’ve effectively black holed the new server, IP wise.

Apparently, this is a known change in how Windows Server 2008 handles ARP Caching. Although, it seems that it is not a highly publicized change, but there is a very good Technet article on the change. The fundamental change is to the SPA field being set to This way the ARP or neighboring cache’s are not updated with incorrect information. A more thorough analysis of a real example can be found here,

The next part will look more into what are the current ways to get around this issue.

Leave a comment

Posted by on May 12, 2012 in The Chain


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: