What does ARP MISS mean when a Huawei switch is used? What s the use

Huawei's introduction goes like this:

If the destination address of the packet is in the same network segment as the Layer 3 interface address of the device, the device will normally search for ARP directly, and if the ARP entry cannot be found, the device will send the CPU to trigger the ARP-Miss process to learn ARP.

After receiving the ARP Miss message, the upper-layer software first generates a fake ARP entry and sends it to the device to prevent the same ARP Miss message from being continuously reported. Then, the upper-layer software sends an ARP request packet, and after receiving the response, it replaces the original fake entry with the learned ARP entry and sends it to the device, so that the traffic can be normal.

Dynamic ARP entries have an aging time, and the device no longer sends ARP Miss messages to the upper-layer software within the aging time. After the aging time expires, the false entries are cleared, and the corresponding ARP entries cannot be matched again when the device ** is **, and the ARP Miss message is regenerated and reported to the upper-layer software. And so on and so forth.

If the threshold value of an ARP-Miss process is exceeded within one second (5 by default), the system considers this an illegal attack packet and sends an ACL rule to the IP address, discarding all packets sent by the source IP address that need to be sent to the CPU for processing. If the system does not detect that the ARP-Miss exceeds the threshold in the packets sent by the source IP address within 50 seconds, the ACL rule automatically deletes the packets that trigger the ARP-Miss process and can continue to be sent to the CPU for processing.

In fact, it is essentially a processing method specified by RFC, if the next hop is a direct connection route, and there is no corresponding ARP entry, then the ARP query is initiated and the packet is discarded until the MAC address of the destination IP is obtained through ARP.

This is an error message generated because the switch receives an ARP request packet that cannot resolve the destination MAC address from the destination IP address. In this case, the CPU of the switch generates and delivers a large number of temporary ARP entries based on the ARP Miss message and sends a large number of ARP request packets to the destination network in an attempt to parse the destination MAC address. For details, please refer to the "Huawei Switch Learning Guide" book or the ** course recorded by the author on 51CTO.

The ARP-Miss switch is a switch module, and the switch is a network device used for electrical (optical) signals**, which can provide exclusive electrical signal paths for any two network nodes connected to the switch.

Switching is a general term for the technology that sends the information to be transmitted to the corresponding route that meets the requirements according to the needs of transmitting information at both ends of the communication and is automatically completed by manual or equipment. Switches can be divided into WAN switches and LAN switches according to different working locations. A wide-area switch is a device that completes the function of information exchange in a communication system, and it is used at the data link layer.

arp-miss means to specify the arp configuration informationarp-miss arp miss message configuration.

After receiving the ARP Miss message, the upper-layer software first generates a fake ARP entry and sends it to the device to prevent the same ARP Miss message from being continuously reported. Then, the upper-layer software sends an ARP request packet, and after receiving the response, it replaces the original fake entry with the learned ARP entry and sends it to the device, so that the traffic can be normal.