Help arp problems

[jferrill]

I have a cisco 1600 router. The arp table feels up quickly causing network down time. These are the router configurations

This is the current setup
Below are a show run and show ARP from the router.



router1#sh run
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router1
!

!
username Josh
ip subnet-zero
no ip source-route
!
!
!
interface Ethernet0
no ip address
no ip directed-broadcast
no ip proxy-arp
ip nat inside
shutdown
arp timeout 120
!
interface Ethernet1
ip address 68.x.x.x 255.255.255.224
ip access-group 112 out
no ip directed-broadcast
no ip proxy-arp
ip nat inside
!
interface Serial0
description ISP
ip address 68.x.x.x 255.255.255.252
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation frame-relay IETF
logging event subif-link-status
logging event dlci-status-change
frame-relay lmi-type ansi
!
router igrp 1
redistribute connected
network 68.0.0.0
!
ip nat pool ISPNATPool 68.x.x.x 68.x.x.x netmask 255.255.255.224
ip nat inside source list 18 pool ISPNATPool
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
!

!
line con 0
exec-timeout 120 0
transport input none
line vty 0 4
exec-timeout 0 0
password
login local
!
end
_____________________________________________

router1#clear arp
router1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 68.x.x.x - 0010.7bdf.2af7 ARPA Ethernet1
Internet 68.x.x.x - 0010.7bdf.2af7 ARPA Ethernet1
Internet 68.x.x.x - 0010.7bdf.2af7 ARPA Ethernet1
Internet 68.x.x.x 0 0040.1014.5890 ARPA Ethernet1
Internet 68.x.x.x 0 0040.1014.5890 ARPA Ethernet1
Internet 68.x.x.x 0 0040.1014.5890 ARPA Ethernet1
router1#


_________________________________________________
The only address actually assigned to the interface is 68.x.x.x, the .194 and .195 are examples of bogus entries.
The .200 is the Firewall, the .201 and .202 are defined 1 to 1 nat addresses, and the ARP entries are legitamate as the firewall should forward the traffic. If I keep defining nat addresses the ARP will keep filling up in sequence until it overlaps at .200

Other behavior, Ping is working through the router, but other services, such as our Radmin ap that runs on port 4899, is not. This may be my own misconfiguring though, and not related to the ARP problem.

Outbound everything works fine

 

[clahnum]

IGRP was created by Cisco, it only runs on Cisco routers. There is no RFC as it was never submitted to the general public for comment. How do you configure IGRP on a Cisco router?First from Global Config mode you enter the command router igrp followed by an autonomous system number, one will do. Then you have to advertise your networks using the network command, just like you do with RIP.How do you verify that IGRP is working?Examine the routing table using the command show ip route, also look for the proper configuration by using the command show running-config. You can also do some debugging and also use the command show ip interface brief to make sure your interfaces are UP and UP.

 

[tschouten]

You need to use overload command in your NAT configuration. I don't believe this is an ARP problem. Looks more like you are hitting the proverbial wall when it comes to Network Address Translation. More addresses asking for translation than space you have available for said translation.

The overload command allows NAT to use one address or pool of addresses for large amounts of use from multiple private addresses.

(Hope I made sense this cough medicine is killing my thinking)

 

[tschouten]

This is the line I am refering to:
ip nat pool ISPNATPool 68.x.x.x 68.x.x.x netmask 255.255.255.224

Should be:

ip nat pool ISPNATPool 68.x.x.x 68.x.x.x netmask 255.255.255.224 overload