What is ARP?

The Address Resolution Protocol (ARP) is used to dynamically

map between Internet host addresses and Ethernet addresses.

ARP caches Internet-Ethernet address mappings.

When an interface requests a mapping for an address not in the cache,

ARP queues the message which requires the mapping and broadcasts

a message on the associated network requesting the address mapping.

If a response is provided, the new mapping is cached and any pending

message is transmitted.

ARP will queue at most one packet while waiting for a response to a

mapping request; only the most recently transmitted packet is kept.

If the target host does not respond after several requests,

the host is considered to be down for a short period (normally 20 seconds),

allowing an error to be returned to transmission attempts during this

interval.

The ARP cache is stored in the system routing table as dynamically created host routes. These routes time out periodically (normally 20 minutes after validated; entries are not validated when not in use).

Manually added entries may be temporary, static or permanent, and may be published, in which case the system will respond to ARP requests for that host as if it were the target of the request.

A static entry will not time out, but may be overwritten by network traffic, while a permanent entry will not time out and can not be overwritten.

In regards to CISCO

Basic ARP Table Entry Modes

The ARP subsystem uses the following basic ARP table entry modes to organize the ARP entries for ARP-internal processing:

Alias—This mode is assigned to an entry that has been explicitly configured by an administrator with a local IP address, subnet mask, gateway, and corresponding MAC address. Static ARP entries are kept in the cache table on a permanent basis. They are best for local addresses that need to communicate with other devices in the same network on a regular basis.

Dynamic—This mode is assigned to a dynamically learned entry that was initiated by an ARP request and is associated with an external host. Dynamic ARP entries are automatically added by the Cisco IOS software and maintained for a period of time, then removed. No administrative tasks are needed unless a time limit is added. The default time limit is four hours. If the network has a large number routes that are added and deleted from the cache, the time limit should be adjusted. A dynamic ARP entry is considered "complete" in that the entry contains the MAC address of the external host, as supplied by an ARP reply.

Incomplete—This mode is a transient mode for a dynamic ARP entry. This mode indicates an entry that was initiated by an ARP request and is associated with an external host but does not contain a MAC address.

Interface—This mode is assigned to an entry for a local IP address that has been derived from an interface.

Static—This mode is assigned to an entry that has been explicitly configured by an administrator with an external IP address, subnet mask, gateway, and corresponding MAC address. static ARP entries are kept in the cache table on a permanent basis. They are best for external devices that need to communicate with other devices in the same network on a regular basis. A static ARP entry is said to be "floating" if it is not associated with any interface when it is configured.

To maintain the validity of dynamically learned routes, the ARP subsystem refreshes dynamic ARP entries periodically (as configured or every four hours by default) so that the ARP table reflects any changed, aged-out, or removed dynamic routes.

To maintain the validity of statically configured routes, the ARP subsystem updates static ARP entries and alias ARP entries once per minute so that the ARP table reflects any changed or removed statically configured routes.

You can use the following commands to clear an ARP entry:

CISCO IOS

Clears all ARP entries

Router#clear arp

Clears ARP entries associated to an interface

Router#clear arp interface

Clears a particular ARP entry

Router#clear ip arp

Create a static ARP entry on a router

Router(config)#arp "
example:
Router(config)#arp 1.1.1.1 aaaa.aaaa.aaaa arpa

Windows (2000,XP, Vista,2003)

Clears all arp entries

Click on Start?>Run?> type the following command click ok

netsh interface ip delete arpcache

Dynamic ARP cache entries update persist for 2-20 minutes depending on the system.

Windows 2003 Server = 10 minutes 

Windows 2000 professional/Server = 10 minutes 

Windows XP = 2 minutes 

Solaris = 5 minutes

Clears a particular ARP entry

arp -d
Example
arp -d 10.1.1.2

Display arp table

arp -a

Create a static ARP entry

arp -s
Example
arp -s 157.55.85.212 00-aa-00-62-c6-09

On the Cisco IOS device run the following command to see what the current aging time is set at

show mac-address-table aging-time

To set a new time use the following commands

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

Router(config)# mac-address-table aging-time 300

Catalyst Switches

Router(config)# mac-address-table aging-time 400

The following example shows the aging time being disabled:

Router(config)# mac-address-table aging-time 0