As per RFC 826
"It may be desirable to have table aging and/or timeouts. The
implementation of these is outside the scope of this protocol."
So the ARP timeouts are vendor dependent and can very drastically from one vendor to another. Here is some information about ARP timeouts.
1) ARP timeout for Cisco 2960 switch
# show interfaces vlan 1
Vlan1 is up, line protocol is down
Hardware is EtherSVI, address is 5897.1ec9.1040 (bia 5897.1ec9.1040)
Internet address is 192.168.100.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:10:09, output 00:10:07, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
60274 packets input, 5100402 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
66629 packets output, 52011719 bytes, 0 underruns
0 output errors, 3 interface resets
0 output buffer failures, 0 output buffers swapped out
The default ARP timeout for cisco switch is 4 hrs.
It can be changed using following command :
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)#interface vlan 1
cisco(config-if)#arp timeout ?
cisco(config-if)#arp timeout 600
2) ARP time out for DLINK switch
Default value for ARP timeout is 20 sec in DLINK switch
# show arpentry
Command: show arpentry
ARP Aging Time : 20
Interface IP Address MAC Address Type
------------- --------------- ----------------- ---------------
System 192.168.100.0 FF-FF-FF-FF-FF-FF Local/Broadcast
System 192.168.100.167 00-1B-11-11-BD-41 Local
System 192.168.100.255 FF-FF-FF-FF-FF-FF Local/Broadcast
Total Entries : 3
Command to change the ARP entry time out value in DLINK switch
Command: config arp_aging
Next possible completions:
DES-3026:4#config arp_aging time
Command: config arp_aging time
Next possible completions:
DES-3026:4# config arp_aging time 600
3) Linux Fedora core 16
Default ARP timeout value in LInux is 60 sec
can be changed at /proc/sys/net/ipv4/neigh/eth1/gc_stale_time
- gc_stale_time (since Linux 2.2)
- Determines how often to check for stale neighbor entries. When a neighbor entry is considered stale, it is resolved again before sending data to it. Defaults to 60 seconds.
- gc_thresh1 (since Linux 2.2)
- The minimum number of entries to keep in the ARP cache. The garbage collector will not run if there are fewer than this number of entries in the cache. Defaults to 128.
- gc_thresh2 (since Linux 2.2)
- The soft maximum number of entries to keep in the ARP cache. The garbage collector will allow the number of entries to exceed this for 5 seconds before collection will be performed. Defaults to 512.
- gc_thresh3 (since Linux 2.2)
- The hard maximum number of entries to keep in the ARP cache. The garbage collector will always run if there are more than this number of entries in the cache. Defaults to 1024.
It was difficult to find about XP. For windows 2000 i got following lines from the link given at reference.
Windows 2000 adjusts the size of the ARP cache automatically to meet the needs of
the system. If an entry is not used by any outgoing datagram for two minutes, the entry is
removed from the ARP cache.Entries that are being referenced are given additional time, in two minute increments,
up to a maximum lifetime of 10 minutes.After 10 minutes, the ARP cache entry is removed and must be rediscovered using
an ARP Request frame. To adjust the time an unreferenced entry can remain in the ARP cache, change the
value of the ArpCacheLife and ArpCacheMinReferencedLife registry entries.
So the default value looks like is 2 min.
5) For brocade switch the default value is 10 min.
command to enable aging time
ip arp-aging-timeout value
no ip arp-aging-timeout
The ARP ageing time is different from the MAC bridge learning time or the MAC table time . If there is mismatch between the MAC bridge learning table and ARP ageing time , it can result in unicast flood. So normally , its better if the ARP aging time is less than the bridge learning table time ( in Linux this value is 300 sec or 5 min can be seen using brctl command)
ARP table and MAC table discussions