ARP and GARP support

The following ARP traffic processing functionality is implemented in Kaspersky NGFW:

• Configuring the lifetime of ARP entries.

  By default, the time-to-live of an ARP entry is 60 seconds. You can change the TTL of an ARP entry on the command line using the timeouts family of commands. For a description of command families and a link to the complete list of Kaspersky NGFW configuration commands, see the Managing Kaspersky NGFW using the command line document. Possible values are from 1 to 31,536,000 seconds.

• Gratuitous ARP (GARP) support.

  The device sends a GARP request under the following conditions:

  • An interface is enabled (if an IP address is assigned)
  • The MAC address of an interface changes
  • The IP address changes
  • The device takes on the active role in the cluster

ARP and GARP is supported for physical interfaces, aggregated interfaces, subinterfaces, and BVIs.

A GARP request is sent on behalf of the interface to which the IP address belongs, and allows other devices on the network to update their ARP tables without losing the connection. The delay before a GARP request is sent after an event is no more than one second.

Page top