RtrArpProc Message seen in Syslog

Error seen in syslog
RtrArpProc[6]MAC address for has changed from c8-1e-e7-e2-8f-f4 to 6c-72-e7-5c-31-a1 [ARP rcvd on: ge.6.40]
RtrArpProc[6]MAC address for has changed from 6c-72-e7-5c-31-a1 to c8-1e-e7-e2-8f-f4 [ARP rcvd on: ge.6.40]
  • S-Series
  • All Firmware
These messages represents a Gratuitous ARP packet received and processed by the router.
Here is an example of a CLI session demonstrating the fix:
S4(su-router-config)->interface vlan 100

S4(su-router-config-intf-vlan.0.100)->no ip gratuitous-arp-learning
S4(su-router-config)->show ip interface vlan 100

Vlan 100 is Admin UP
Vlan 100 is Oper UP
IP Address Mask
Frame Type ARPA
MAC-Address 0011.8816.2794
ip access-group 100 in
ip access-group 100 out
IP Helper Address is not Set
MTU is 1500 bytes
ARP Timeout is 14400 seconds
Proxy Arp is Enabled
Gratuitous arp learning is not set
ICMP Re-Directs are enabled
ICMP Unreachables are always sent
ICMP Mask Replies are always sent
Policy routing disabled

At Layer-2 so the packets are forwarded as a flow (set in hardware) rather than soft-path (using CPU) you also want to set the path where the multicast mac addresses will be learned on:
set mac multicast 03:22:33:22:33:22 100 ge.3.2;ge.3.4
set mac unicast-as-multicast enable
You will want to set this up on the core router, as well as downstream switches and use the ports that are facing the path towards the NLB servers

Additional notes
The above setup will prevent soft-path forwarded packets on the layer-2 domain for each NLB and will prevent excessive spike for "switch packet processing" caused by flooded multicast traffic.



