WatchGuard M400 - ARP limit

I have a WatchGuard M400 in production right now, and it has precisely 1000 ARP entries. Does anyone know what is the limit of the ARP table? Should I be worried, that it has such a specific number :P

I couldn't find it in any documentation. https://19216801.onl/

Comments

  • No idea what the limit is.
    However, you should not be worried.
    If the limit gets exceeded, the least recently used ARP entries will be removed until the table fill size gets down to a desired threshold.

    You can periodically clear the ARP cache, and the firewall will still run fine. ARP entries will added as needed.

    The only concern is if one has a max ARP cache table size which is so low that the limit is reached almost continually. Doubtful that this would be the case for any of the WG firewalls.

    Perhaps James will comment here.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @ucaoemili95 @Bruce_Briggs
    There isn't a hard limit per-se, although as Bruce pointed out, ARP entries are very short duration so they'll pop in and out as needed. There is a point where the firewall will run out of memory to store new entries, but it's far more likely that something like a proxy would try to use that memory before an ARP entry grabbed that last bit of RAM.

    The firewall does have a connection limit (3.8 million for the M400) which is based on what that specific piece of hardware can handle. You can see your current connection count in the FSM front panel, or the WebUI front panel. Most customers don't get anywhere near the max number.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.