Default arp cache timeout

60 seconds

you can check it with:

cat /proc/sys/net/ipv4/neigh/ethX/gc_stale_time

and change it with

echo timeout > /proc/sys/net/ipv4/neigh/ethX/gc_stale_time

timeout is new value


I acknowledge that as I write this, this is a three year old question. But I came across this question while researching the same subject, and in the process of corroborating watchmansky's answer (https://serverfault.com/a/684381/188907), I learned a bit more about the situation, at least as it exists today.

According to https://linux.die.net/man/7/arp, the setting

gc_stale_time

effects how often the ARP cache is checked for stale entries. (Or garbage collected, hence the "gc_" at the start of the setting name.)

Meanwhile, the value

base_reachable_time_ms

actually controls how long an ARP cache entry is valid, and it defaults to 30000 milliseconds. But each new ARP cache entry will actually receive a time to live value randomly set somewhere between base_reachable_time_ms / 2 and 3*base_reachable_time_ms / 2*.

This means each new cached ARP entry will have a starting timeout between 15 and 45 seconds, unless the value of base_reachable_time_ms is changed.

This assumes that the current timeout value for a cached ARP entry is validated before use, and that the garbage collection rate does not influence the effective validity of the cache entries.

(*Confirmed by reading the code at https://elixir.bootlin.com/linux/v4.17.11/source/net/core/neighbour.c#L115)

Tags:

Linux

Debian

Arp