Filter
Top Products
3-10
Cisco uBR10012 Universal Broadband Router Troubleshooting Guide
OL-1237-01
Chapter 3 Troubleshooting PRE-1 Modules
Troubleshooting Common System Problems
In addition, the Cisco CMTS router automatically monitors ARP traffic and enters the IP addresses
found in ARP requests into its own ARP table, in the expectation that a device will eventually be found
with that IP address. Unacknowledged IP addresses remain in the router’s ARP table for 60 seconds,
which means that a large volume of ARP traffic can fill the router’s ARP table.
If ARP traffic is excessive, you can try the following ways to limit this traffic:
Step 1 Disable the forwarding of ARP requests on a cable interface by using the no cable arp command in
interface configuration mode.
Step 2 Disable the use of proxy-ARP on a cable interface by using the no cable proxy-arp command in
interface configuration mode.
Note Using the no cable arp and no cable proxy-arp commands shifts all responsibility for the
management of the IP addresses used by CMs and CPE devices to the DHCP server and
provisioning system.
Another approach would be to identify the cable modems and customer premises equipment (CPE) that
are generating the ARP traffic. A simple way of doing this is by using an access list to log requests for
an unassigned IP address in the subnet being used on a cable interface.
Step 1 Reserve at least one IP address on each cable interface’s subnet and ensure that it is not being assigned
to any cable modems or CPE devices. For example, if a cable interface is using the subnet
192.168.100.0/24, you could choose to reserve IP address 192.168.100.253 for this purpose. Ensure that
the IP addresses you have chosen are not assigned to devices by your provisioning system.
Step 2 If you currently have an access list applied to the cable interface, add a line that logs requests for this
particular IP address. If you are not currently using an access list on the cable interface, create one for
this purpose. In both cases, the relevant line would be:
Router(config)# access-list
number
permit ip any host 192.168.100.253 log
where number is the number for the access-list. Change the IP address to whatever address you have
selected to be reserved for this cable interface.
Note If you are creating a new access list, ensure that the last line of the list is access-list number
permit ip any any. Otherwise, all other traffic will be blocked on the interface.
Step 3 Apply the access list to the cable interface using the ip access-group command:
Router(config-if)# ip access-group
number
in
Step 4 After applying the access list, regularly examine the message log to find the devices that are attempting
to access the reserved IP address. If a cable modem or CPE device is repeatedly sending ARP requests
or replies for this IP address, it could be part of a virus or theft-of-service attack, or it could indicate a
cable modem with defective software.
Step 5 After identifying these devices, you can further investigate the matter, and if necessary, block these
devices from further network access.