Home / server / Questions / 339173
Accepted
Bill Weiss
Asked: 2011-12-09 14:00:26 +0800 CST

Should a Dell 5424 switch have an arp entry for every machine connected to it?

  • 772

I've got a Dell 5424 with about 20 machines directly attached to it. I did a ping sweep of my network (and got answers from all 20), then went to the CLI of the switch and did show arp. To my surprise, I only see two arp entries: one for my router, and one for the machine I'm SSHed into to do this work.

What the heck is going on here? It's not that there's another switch in place, these machines are directly connected to the switch. Is my expectation of all those arp entries on my switch mistaken?

If I use ping (machine) from the CLI, that machine's MAC shows up on the port I would expect it to in the arp table. The arp timeout is set to 3600, which seems a bit low to me, but is the default on this switch. The time between my ping sweep and my show arp was way lower than that.

networking dell arp dell-powerconnect

5 Answers

  1. Best Answer

    Unless a switch is doing ARP snooping, it doesn't need to care about devices that aren't directly communicating with an IP address that it owns.

    If it were the router for the subnet, then you could reasonably expect it to have an ARP entry for most of the nodes on the network (at least the ones communicating outside the subnet actively); since it doesn't sound like it is, all it needs to do is track which MAC address is behind which port and send each frame to the port that contains that MAC address. The MAC address table (translating MAC addresses to ports) is separate from the ARP table (translating IPs to MACs).

    • 7

  2. As Shane and Aaron stated, the ARP table is the ip address to MAC address mapping table and would only be populated with entries for hosts that were communicating WITH the switch, not for hosts communicating THROUGH the switch. What you're after is the MAC Address table, which is the MAC address to port mapping table, which is what the switch uses to forward frames to the correct port/host.

    • 6

  3. You probably want show mac address instead of show arp - arp is the relation of L3 (IP) to L2 (MAC) addresses, and the switch doesn't generally care about IP addresses (some caveats apply, management, etc)

    • 4

  4. PowerConnect 3448:

    SW version    1.0.1.13 ( date  20-Feb-2006 time  09:52:44 )
Boot version    1.0.0.12 ( date  04-Apr-2005 time  15:46:33 )
HW version    00.00.01

    This worked for me:

    show bridge address-table vlan 1
    • 1

  5. If you're specifically interested in the MAC addresses that correspond to the IP addresses on your network, you want your computer's arp cache, not the switch's. If that's the case, run arp -a after doing your ping sweep. As was mentioned in the other answers, the switch doesn't care about the IP addresses of hosts that are only communicating through it.

    If you have a Linux host available, check out the arp-scan utility.

    • 0