Cisco Sticky ARP
-
I am getting the error below when checking the logs on my Cisco core switch. I am not too familiar with it. Would you mind helping me out? I'd appreciate it.
397898: Apr 23 11:58:01: %IP-3-STCKYARPOVR: Attempt to overwrite Sticky ARP entry: 192.168.67.253, hw: 0003.ff11.3452 by hw: 0003.ff1e.3452
-
IWAIT,
Sticky ARP is a security feature that prevents one system from taking over another systems IP address.
Best practice is to use this security feature when you're working with a subnet using STATIC IP addresses and not DHCP. With static IPs, addresses will not be changing and Sticky ARP will not be bothersome.
If you're using DHCP, you might want to consider disabling Sticky ARP and instead use DHCP Snooping and Dynamic ARP Inspection . This will provide you with the same level of protection with Sticky ARP.
Cordially,
Ronnie Wong
Host, ITProTV