ExpressRoute Missing ARP Table Entry

Question

ExpressRoute Missing ARP Table Entry

Andrew Kelly 0

When checking the health status of our ExpressRoute circuit, I can see that the secondary path is degraded. Inspection of the ARP table shows that the on-prem entry is missing. Only the Microsoft entry is visible.

I have checked with our network service provider and they tell me that the endpoint is configured correctly at their end but they can see no traffic from the Microsoft endpoint.

The Microsoft documentation states that if the on-prem ARP table entry is missing, this indicates an issue with the customer service provider. Since our service provider has confirmed correct configuration, can you please suggest other possible causes of this problem, or troubleshooting steps that could help to isolate the location of the issue?

The primary path ARP table is correctly showing both Microsoft and on-prem entries and the ExpressRoute itself is currently operational, but we experienced a failure recently because the primary path was down during a maintenance window and the secondary path was already degraded.

Andrew Kelly 0 Reputation points

2025-07-22T05:53:30.8633333+00:00

Thanks for the info. How should I go about executing the Powershell cmdlet above? It does not seem to be available in Could Shell or in the Azure Powershell modules.

In the meantime I will ask our service provider to clear the ARP cache on the router.
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-22T23:25:02.78+00:00

Hi

Thanks for your update

If this command is unavailable in the Azure PowerShell. This cmdlet can run in your local machine, which needs to be installed and run from a Windows machine with administrative privileges.

Here’s how you can proceed:

Step 1: Install the ExpressRoute PowerShell Module.

Open a PowerShell window as Administrator and run:

Install``-Module -Name AzureRM.ExpressRoute -Force

Note: If you're using the newer Az module, this cmdlet may not be available. You might need to use a machine with the older AzureRM module installed.

Step 2: Authenticate and Run the Cmdlet. After installing, authenticate with your Azure account:

PowerShell Login``-AzureRmAccount

Then run the ARP info cmdlet:

Get-AzureDedicatedCircuitPeeringArpInfo -ServiceKey <your Service Key> -AccessType Private -Path Secondary

In the meantime, asking your service provider to clear the ARP cache on the router is a good step. Once cleared, try generating traffic again from your on-prem environment to Microsoft services and check if the ARP entries populate.

Please let me know if the commands above work. We are happy to help if you need any further assistance.
Andrew Kelly 0 Reputation points

2025-07-23T00:06:17.3266667+00:00
I'm unable to install the AzureRM.ExpressRoute module using the Install-Module cmdlet. It reports "no match found".

However, I have run the following command in Cloud Shell successfully:

az network express-route list-arp-tables -g xxxxx -n yyyyy --path secondary --peering-name AzurePrivatePeering

Is this is effectively the same command? I have already verified the ARP tables for both primary and secondary paths using Cloud Shell and the output is as described in my original post.

I'm still waiting on our service provider to clear the cache.
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-24T19:56:25.3+00:00

Hello Andrew Kelly

Thank you for your update.

Do let me know if you have further questions, we will be happy to help:)
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-28T17:45:00.9033333+00:00

Andrew Kelly

We haven't heard back from you regarding our last response and wanted to check if you had the opportunity to review our previous post.

Please let us know if you have any questions or concerns. We are happy to assist you.

1 answer

Your answer

Andrew Kelly 0 Reputation points

2025-07-22T05:53:30.8633333+00:00

Thanks for the info. How should I go about executing the Powershell cmdlet above? It does not seem to be available in Could Shell or in the Azure Powershell modules.

In the meantime I will ask our service provider to clear the ARP cache on the router.
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-22T23:25:02.78+00:00

Hi

Thanks for your update

If this command is unavailable in the Azure PowerShell. This cmdlet can run in your local machine, which needs to be installed and run from a Windows machine with administrative privileges.

Here’s how you can proceed:

Step 1: Install the ExpressRoute PowerShell Module.

Open a PowerShell window as Administrator and run:

Install``-Module -Name AzureRM.ExpressRoute -Force

Note: If you're using the newer Az module, this cmdlet may not be available. You might need to use a machine with the older AzureRM module installed.

Step 2: Authenticate and Run the Cmdlet. After installing, authenticate with your Azure account:

PowerShell Login``-AzureRmAccount

Then run the ARP info cmdlet:

Get-AzureDedicatedCircuitPeeringArpInfo -ServiceKey <your Service Key> -AccessType Private -Path Secondary

In the meantime, asking your service provider to clear the ARP cache on the router is a good step. Once cleared, try generating traffic again from your on-prem environment to Microsoft services and check if the ARP entries populate.

Please let me know if the commands above work. We are happy to help if you need any further assistance.
Andrew Kelly 0 Reputation points

2025-07-23T00:06:17.3266667+00:00

I'm unable to install the AzureRM.ExpressRoute module using the Install-Module cmdlet. It reports "no match found".

However, I have run the following command in Cloud Shell successfully:

az network express-route list-arp-tables -g xxxxx -n yyyyy --path secondary --peering-name AzurePrivatePeering

Is this is effectively the same command? I have already verified the ARP tables for both primary and secondary paths using Cloud Shell and the output is as described in my original post.

I'm still waiting on our service provider to clear the cache.
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-24T19:56:25.3+00:00

Hello Andrew Kelly

Thank you for your update.

Do let me know if you have further questions, we will be happy to help:)
G Sree Vidya 4,005 Reputation points Microsoft External Staff Moderator

2025-07-28T17:45:00.9033333+00:00

Andrew Kelly

We haven't heard back from you regarding our last response and wanted to check if you had the opportunity to review our previous post.

Please let us know if you have any questions or concerns. We are happy to assist you.

Answer 1

Hi Andrew Kelly

We understand you're experiencing connectivity issues with your ExpressRoute circuit, specifically with the secondary path showing a degraded status and the on-prem ARP entry missing.

If the ARP entry for on-prem is missing, it typically means no Layer 2 frames are being received from your edge router on that path.

Please review the following details to potentially resolve the issue:

Please validate the L2 configuration, use the PowerShell cmdlets to validate the ARP tables for both the primary and secondary pathways. This will confirm if any entries show up for your setup.

For private peering:

   Get-AzureDedicatedCircuitPeeringArpInfo -ServiceKey <your Service Key> -AccessType Private -Path Secondary

Ensure that you generate traffic from your on-prem environment to Microsoft services and verify if the ARP entries are populated thereafter.
You can refresh the circuit configuration via the Azure portal, which might help if there's a routing issue.
Sometimes, clearing the ARP cache on your on-prem router can help re-establish connectivity.
Refer to the information in the following Microsoft documentation links to view ARP table troubleshooting:https://learn.microsoft.com/en-us/azure/expressroute/expressroute-troubleshooting-expressroute-overview#validate-arp

https://learn.microsoft.com/en-us/azure/expressroute/expressroute-troubleshooting-arp-resource-manager

I hope this helps! If these answers your query, do click the "Upvote" and click "Accept the answer" of which might be beneficial to other community members reading this thread.

If the above is unclear or you are unsure about something, please add a comment below.

Share via

ExpressRoute Missing ARP Table Entry

1 answer

Your answer