VMware SASE Orchestrator supports Address Resolution Protocol (ARP) timeout configuration to allow the user to override the default timeout values of the ARP table entries. VMware SASE Orchestrator allows configuration of three types of timeouts: Stale, Dead, and Cleanup. The default values for the various ARP timeouts are Stale: 2 minutes, Dead: 25 minutes, and Cleanup: 4 hours.

To override the default ARP timeouts at the Profile-level, perform the following steps:

Procedure

  1. In the SD-WAN service of the Enterprise portal, go to Configure > Profiles.
    The Configuration Profiles page appears.
  2. Click the link to a Profile for which you want to override ARP timeouts or click the View link in the Device column of the Profile.
    The Device tab displays the configuration options for the selected Profile.
  3. Under the Connectivity category, click ARP Timeouts.
  4. To override the default ARP timeouts, select the Override default ARP Timeouts check box.
  5. Configure the various ARP timeouts in hours and minutes as follows:
    Note: ARP Stale Timeout must be less than ARP Dead Timeout. ARP Dead Timeout must be less than ARP Cleanup Timeout.
    Field Description
    ARP Stale Timeout

    When an ARP’s age exceeds the Stale time, its state changes from ALIVE to REFRESH. At the REFRESH state, when a new packet tries to use this ARP entry, the packet will be forwarded and also a new ARP request will be sent. If the ARP gets resolved, the ARP entry will be moved to the ALIVE state. Otherwise the entry will remain in the REFRESH state and the traffic will be forwarded in this state.

    The allowable value ranges from 1 minute to 23 hours and 58 minutes.
    ARP Dead Timeout

    When an ARP’s age exceeds the Dead time, its state changes from REFRESH to DEAD. At the DEAD state, when a new packet tries to use this ARP entry, the packet will be dropped and also an ARP request will be sent. If the ARP gets resolved, the ARP entry will be moved to ALIVE state and the next data packet will be forwarded. If the ARP is not resolved, the ARP entry will remain in the DEAD state. In the DEAD state, traffic will not be forwarded to that port and will be lost.

    The allowable value ranges from 2 minutes to 23 hours and 59 minutes.
    ARP Cleanup Timeout

    When an ARP’s age exceeds the Cleanup time, the entry will be completely removed from ARP table.

    The allowable value ranges from 3 minutes to 24 hours.
    Note: The ARP timeout values can only be in increasing order of minutes.
  6. Click Save Changes.

What to do next

At the Edge-level, you can override the inherited ARP Timeouts for specific edges. For more information, see Configure Address Resolution Protocol Timeouts for Edges.