The entries in an ARP cache have a limited lifetime. Entries are deleted unless they are refreshed. The typical lifetime of an ARP entry is 2 minutes, but much longer lifetimes (up to 20 minutes) have been observed. You may want to verify when your Linux system does remove ARP entries automatically after a certain amount of time.
In Linux you will observe that a host occasionally sends out ARP requests to interfaces that are already in the ARP cache.
Example: Suppose that a host with IP address 10.0.1.12 has an ARP cache entry:
<10.0.1.11> is-at <00:02:83:39:2C:42>
This host occasionally sends a unicast ARP Request to MAC address 00:02:83:39:2C:42 of the form
Who has 10.0.1.11? Tell 10.0.1.12
to verify that the IP address 10.0.1.11 is still present before deleting the entry from the ARP cache.
show ip arp
-Displays the contents of the ARP cache
clear arp
-Deletes the entire ARP cache
arp IPaddress
-Adds an entry for IPaddressto the ARP cache
no arp IPaddress
-Deletes the ARP entry for IPaddressfrom the ARP cache
arp -a
arp -d IPAddress
Example: arp -s 10.0.1.12 00:02:2D:0D:68:C1
-Deletes the entry with the IP address IPAddress.
arp -s IPAddress MACAddress
-Adds a static entry to the ARP cache that is never overwritten by network events. The MAC address is entered as 6 hexadecimal bytes separated by colons.
ip neighbor flush all
-Deletes all ARP entries from the ARP cache.
