Configuring ARP
This section contains payload examples and CLIs to demonstrate how to use the NX-API REST API to configure ARP settings on Cisco Nexus 3000 and 9000 Series switches and to show how the REST APIs correspond to the CLI commands. For more information about ARP, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.
Configuring Global ARP Settings
Configuring Global ARP Settings
POST http://<IP_Address>/api/node/mo/sys/arp/inst.json
{
"arpInst": {
"attributes": {
"allowStaticArpOutsideSubnet": "disabled",
"cacheLimit": "174080",
"offListTimeout": "180",
"rarpFabricFwding": "disabled",
"rarpFabricFwdingRate": "200",
"timeout": "1500"
}
}
}
This example configures global ARP settings.
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpInst | sys/arp/inst |
arpInst Properties
The following table contains information about the arpInst properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| allowStaticArpOutsideSubnet | nw:AdminSt (scalar:Enum8) | Allow Static ARP Outside Subnet | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
| cacheLimit | arp:ArpCacheLimit (scalar:Uint32) | Cache Limit | RANGE: [1 , 614400] DEFAULT: 174080 |
| offListTimeout | arp:OffListTimeout (scalar:Uint16) | Off-list timeout | RANGE: [180 , 1800] DEFAULT: 180 |
| rarpFabricFwding | nw:AdminSt (scalar:Enum8) | RARP Fabric Forwarding | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
| rarpFabricFwdingRate | arp:RarpForwadingRate (scalar:Uint16) | RARP Fabric Forwarding Rate | RANGE: [200 , 400] DEFAULT: 200 |
| timeout | arp:Timeout (scalar:Uint16) | ARP Global Timeout | RANGE: [60 , 28800] DEFAULT: 1500 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring ARP Interface Settings
Configuring ARP Interface Settings
POST http://<IP_Address>/api/mo/sys/arp/inst/dom-default/if-[eth1/2].json
{
"arpIf": {
"attributes": {
"gratuitousHsrpDup": "enabled",
"gratuitousRequest": "enabled",
"gratuitousUpdate": "enabled",
"localProxyArp": "disabled",
"proxyArp": "disabled",
"timeout": "1500"
}
}
}
This example configures ARP settings for an interface
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpIf | sys/arp/inst/dom-{name}/if-{[id]} |
arpIf Properties
The following table contains information about the arpIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| gratuitousHsrpDup | nw:AdminSt (scalar:Enum8) | Gratuitous ARP HSRP Duplicate | SELECTION: 1 - enabled 2 - disabled DEFAULT: enabled |
| gratuitousRequest | nw:AdminSt (scalar:Enum8) | Gratuitous ARP Request | SELECTION: 1 - enabled 2 - disabled DEFAULT: enabled |
| gratuitousUpdate | nw:AdminSt (scalar:Enum8) | Gratuitous ARP Update | SELECTION: 1 - enabled 2 - disabled DEFAULT: enabled |
| localProxyArp | nw:AdminSt (scalar:Enum8) | Local Proxy ARP | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
| proxyArp | nw:AdminSt (scalar:Enum8) | Proxy ARP | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
| timeout | arp:Timeout (scalar:Uint16) | ARP Timeout | RANGE: [60 , 28800] DEFAULT: 1500 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring Static Adjacency
Configuring Static Adjacency
POST http://<IP_Address>/api/mo/sys/arp/inst/dom-default/if-[eth4/2]/sadj-[192.0.20.123].json
{
"arpStAdjEp": {
"attributes": {
"ip": "192.0.20.123",
"mac": "00:01:00:01:00:01"
}
}
}
This example configures a static adjacent endpoint.
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpStAdjEp | sys/arp/inst/dom-{name}/if-{[id]}/sadj-{[ip]} |
arpStAdjEp Properties
The following table contains information about the arpStAdjEp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| ip | address:Ip | Address | Value must match ipv4 or ipv6 known format |
| mac | address:MAC | MAC | Value must match MM:MM:MM:SS:SS:SS format |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring Glean Throttling
Configuring Glean Throttling
POST http://<IP_Address>/api/mo/sys/arp/inst/ipgleanthrottle.json
{
"arpIpv4Throttle": {
"attributes": {
"adminSt": "enabled",
"maxPacket": "1000",
"syslog": "10000",
"timeout": "300"
}
}
}
When forwarding an incoming IP packet in a line card, if the ARP request for the next hop is not resolved, the line card forwards the packets to the supervisor. The supervisor resolves the MAC address for the next hop and programs the hardware. You can enable glean throttling rate limiters to protect the supervisor from the glean traffic.
This example configures glean throttling.
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpIpv4Throttle | sys/arp/inst/ipgleanthrottle |
arpIpv4Throttle Properties
The following table contains information about the arpIpv4Throttle properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| adminSt | nw:AdminSt (scalar:Enum8) | Glean throttle state | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
| maxPacket | arp:MaxPacket (scalar:Uint32) | Glean throttle packet count | RANGE: [0 , 32767] DEFAULT: 1000 |
| syslog | arp:SyslogCnt (scalar:Uint32) | Glean Throttle Syslog For Number Of Packets | RANGE: [0 , 65535] DEFAULT: 10000 |
| timeout | arp:ThrottleTimeout (scalar:Uint16) | Ipv4 Glean Throttle Timeout | RANGE: [300 , 1800] DEFAULT: 300 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring ARP Event Logging
Configuring ARP Event Logging
POST http://<IP_Address>/api/mo/sys/arp/inst/evtLogs-cli.json.json
{
"arpEventLogs": {
"attributes": {
"eventType": "cli",
"logSize": "large"
}
}
}
This example configures logging of ARP CLI events
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpEventLogs | sys/arp/inst/evtLogs-{eventType} |
arpEventLogs Properties
The following table contains information about the arpEventLogs properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| eventType | arp:EventType (scalar:Enum16) | Sync Event Log Type | SELECTION: 0 - cli 1 - client-events 2 - client-errors 3 - control-events 4 - internal-events 5 - internal-errors 6 - high-availability 7 - ip-sync 8 - local-cache-events 9 - local-cache-errors 10 - pkt-messages 11 - snmp 12 - suppress-events 13 - suppress-errors 14 - sync 15 - arp-controller-errors 16 - arp-dme-event 101 - adjacency-control 102 - adjacency-errors 103 - adjacency-ipc-events 104 - adjacency-stats 105 - adjacency-high-availability 106 - adjacency-cli 107 - adjacency-sdb 108 - adjacency-snmp 109 - adjacency-netbroker 110 - am-dme-event 111 - am-event |
| logSize | arp:EventLogSize (scalar:Enum8) | Sync Event Log Size | SELECTION: 0 - disabled 1 - small 2 - medium 3 - large DEFAULT: small |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring ARP Synchronize for VPC
Configuring ARP Synchronize for VPC
POST http://<IP_Address>/api/mo/sys/arp/inst/vpc.json
{
"arpVpc": {
"attributes": {
"arpSync": "enabled"
},
"children": [
{
"arpVpcDom": {
"attributes": {
"arpSync": "enabled"
}
}
}
]
}
}
Enabling IP ARP synchronization allows faster convergence of address tables between the VPC peers.
Note: The property information for this example was added in Release 9.3(3).
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpVpc | sys/arp/inst/vpc |
| arpVpcDom | sys/arp/inst/vpc/dom-{domainId} |
arpVpc Properties
The following table contains information about the arpVpc properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| arpSync | NA | NA | NA |
arpVpcDom Properties
The following table contains information about the arpVpcDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| arpSync | nw:AdminSt (scalar:Enum8) | IP ARP Sync | SELECTION: 1 - enabled 2 - disabled DEFAULT: disabled |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring COS for ARP Packets
Configuring COS for ARP Packets
POST http://<mgmt0_IP>/api/mo/sys/arp.json
{
"arpEntity": {
"children": [
{
"arpInst": {
"attributes": {
"ipArpCos": "1"
}}}]}}
{
imdata:[]
}
<System>
<arp-items>
<inst-items>
<ipArpCos>1</ipArpCos>
</inst-items>
</arp-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ip arp cos 1
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpEntity | sys/arp |
| arpInst | sys/arp/inst |
arpInst Properties
The following table contains information about the arpInst properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| ipArpCos | arp:IpArpCos (scalar:Uint32) | COS for ARP packet | RANGE: [0 , 7] DEFAULT: 6 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting COS for ARP Packets
Deleting COS for ARP Packets
POST http://<mgmt0_IP>/api/mo/sys/arp.json
{
"arpEntity": {
"children": [
{
"arpInst": {
"attributes": {
"ipArpCos": "6"
}}}]}}
{
imdata:[]
}
<System>
<arp-items>
<inst-items>
<ipArpCos>6</ipArpCos>
</inst-items>
</arp-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ip arp cos
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpEntity | sys/arp |
| arpInst | sys/arp/inst |
arpInst Properties
The following table contains information about the arpInst properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| ipArpCos | arp:IpArpCos (scalar:Uint32) | COS for ARP packet | RANGE: [0 , 7] DEFAULT: 6 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring an EVPN ARP Timeout
Configuring an EVPN ARP Timeout
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"arpEntity": {
"children": [
{
"arpInst": {
"attributes": {
"evpn_timeout": "4000"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<edit-config>
<target>
<running/>
</target>
<config>
<System xmlns="http://cisco.com/ns/yang/cisco-nx-os-device">
<arp-items>
<inst-items>
<evpn_timeout>4000</evpn_timeout>
</inst-items>
</arp-items>
</System>
</config>
</edit-config>
</rpc>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the opt-left corner of the pane on the right to view the JSON payload. Click the YANG tab to view the XML payload.
ip arp evpn timeout 4000
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arpEntity | sys/arp |
| arpInst | sys/arp/inst |
| topSystem | sys |
arpInst Properties
The following table contains information about the arpInst properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| evpn_timeout | arp:EvpnTimeout (scalar:Uint16) | Refresh in EVPN on host moves | RANGE: [600 , 30000] DEFAULT: 600 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring ARP Cache Limit Per SVI Interface
Configuring ARP Cache Limit Per SVI Interface
POST http://<IP_Address>/api/mo/sys/arp/inst/dom-default/if-[vlan660].json
{
"arpDom": {
"attributes": {
"childAction": "",
"modTs": "2023-05-26T20:14:53.160+00:00",
"name": "vni-66000",
"rn": "dom-vni-66000",
"status": ""
},
"children": [
{
"arpIf": {
"attributes": {
"arpCfgFailedBmp": "",
"arpCfgFailedTs": "0",
"arpCfgState": "0",
"childAction": "",
"configError": "",
"deleteAdjOnMacDelete": "disabled",
"duplicateIpDetectionForUnnumberedSvi": "disabled",
"gratuitousHsrpDup": "enabled",
"gratuitousRequest": "enabled",
"gratuitousUpdate": "enabled",
"id": "vlan660",
"intfCacheLimit": "0",
"localProxyArp": "disabled",
"localProxyArpNoHwFlood": "disabled",
"modTs": "2023-05-26T20:14:57.290+00:00",
"proxyArp": "disabled",
"refreshTimerForMacDelete": "0",
"resolveARPOutsideSubnet": "disabled",
"rn": "if-[vlan660]",
"status": "",
"timeout": "0"
},
= = = = =
```[DME]json-Response
{
imdata:[]
}
{
"totalCount": "1",
"imdata": [
{
"arpInst": {
"attributes": {
"adjacencyCfgFailedBmp": "",
"adjacencyCfgFailedTs": "0",
"adjacencyCfgState": "0",
"adminSt": "enabled",
"allowStaticArpOutsideSubnet": "disabled",
"arpUnnumSviSwReplication": "disabled",
"cacheLimit": "1234",
"cacheSyslogRate": "1",
"childAction": "",
"configErr": "",
"ctrl": "",
"dn": "sys/arp/inst",
"evpn_timeout": "600",
"intfCacheLimit": "1234",
"ipAdjRouteDistance": "250",
"ipArpCos": "6",
"modTs": "2023-05-28T11:34:51.960+00:00",
"name": "",
"offListTimeout": "180",
"rarpFabricFwding": "disabled",
"rarpFabricFwdingRate": "200",
"resolveARPOutsideSubnet": "enabled",
"status": "",
"suppression_timeout": "0",
"timeout": "1500"
= = = = = = = = = = = =
{
"topSystem": {
"children": [
{
"arpEntity": {
"children": [
{
"arpInst": {
"attributes": {
"intfCacheLimit": "9898"
}
}
}
]
}
}
]
}
}
= = = = = =
This example configures ARP cache limit per SVI interface
Note: The property information for this example was added in Release 10.4(2).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the opt-left corner of the pane on the right to view the JSON payload for global configuration mode. Click the YANG tab to view the XML payload for interface configuraion mode.
ip arp cache intf-limit
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| arp | sys/arp/inst |
arp Properties
The following table contains information about the intfCacheLimit properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| intfCacheLimit | arpIntfCacheLimit | ARP Cache limit for all Interface | Range of valid ARP entries is 1-128000. |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide: