Static ARP entry through ui?
-
Unfortunately my WAN is dynamic. So it looks like shellcmd is my best option.
I agree this solution is not ideal. The real problem is my ISP does not filter the WAN traffic and someone else is sending fake ARP packets on the WAN. Manually setting the ARP to my ISP's gateway fixes this.
-
@lanrat said in Static ARP entry through ui?:
someone else is sending fake ARP packets on the WAN
Seems like something I would contact the ISP about.
-
@johnpoz I have many times. Unfortunately they don't seem to understand or care. It's a small community ISP.
-
@lanrat so if you don't set static ARP - and send traffic to this fake one.. Does it not go anywhere? Or does it actually still work? I would have to assume it's someone trying to route traffic through themselves for nefarious reasons - or some sort of misconfig. If a misconfiguration, wouldn't all their other customers not smart enough to set a static ARP be down?
Would you mind sharing what the correct MAC is, and what you consider the bad/fake one? You sure it's not just some sort of HSRP, CARP or VRRP sort of thing? Where the ISP has an HA pair setup?
Maybe they don't care because they think you're crazy ;) And they have some sort of HA setup and you're just setting static to one of the physical MACs vs the VIP?
-
What type of connection do you have? Do you have a MAC address for the bogus ARP packets?
-
I use a local WISP.
This affects all the users in my building. The ISP's official solution to this is: "keep rebooting your modem until you get the correct WAN IP." I was not amused.
The OUI for the MAC being broadcast is for a Netgear router. I think some user plugged their router's LAN port into the ISP's connection. And since the ISP does no filtering on the WAN, everyone gets the Netgear router's DHCP leases along with the ISP's. But since the Netgear router is in the building, it usually wins the race condition. (This is my best guess given the information I have.)
I could also set the DHCP client to only accept leases from the correct DHCP server, but this would only work for IPv4 and not IPv6 (which is also being broadcast by both the ISP and the random Netgear router).
-
To add: I have very low confidence in my ISP.
Most of their backend infrastructure is using default passwords and some is publicly exposed to the internet.
I've complained to them countless times about this but they just say they will look into it. It's been 2+ years since I first reported this to them, with no action taken. I don't expect them to change anything, and unfortunately I have no (practical) choice in ISP.
-
@lanrat said in Static ARP entry through ui?:
The ISP's official solution to this is: "keep rebooting your modem until you get the correct WAN IP." I was not amused.
Ouch.
You have any idea what the other device is? Is it giving you an IP in the same/correct subnet?
You can set the WAN to reject leases from an IP if it's just some other customers badly configured router.
Steve
-
@lanrat said in Static ARP entry through ui?:
To add: I have very low confidence in my ISP.
hehe - sorry to laugh, but man that sucks! You have any idea how many customers are in the building? Maybe it would be possible to involve the building management to track down this bad Netgear device?
-
Yikes that is ugly.
If it's that badly configured, have you tried logging into that random device with default credentials and turning off DHCP? :-)
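-
Added example, not part of the thread and not pfSense's own code: a POSIX sh check, suited to the shellcmd approach from the first post, that compares the current default gateway's ARP entry with a pinned MAC before the entry is re-pinned. It parses the output formats of FreeBSD `route -n get default` and `arp -an`; the function names are hypothetical, and the pinned MAC, addresses and sample output are constructed.

```shell
#!/bin/sh
# Added example: all addresses, MACs and sample output below are constructed.
PINNED_MAC="00:00:5e:00:53:01"   # assumption: the ISP gateway MAC you verified

# Default gateway IP from `route -n get default` output on stdin.
gateway_ip() { awk '$1 == "gateway:" { print $2; exit }'; }

# MAC that `arp -an` output on stdin lists for the IP given as $1.
arp_mac_for() {
    awk -v ip="($1)" '$2 == ip && $3 == "at" { print tolower($4); exit }'
}

# $1 = route output, $2 = arp output, $3 = pinned MAC.
# Prints "ok|mismatch|missing ..." and returns 0, 1 or 2 respectively.
check_gateway() {
    gw=$(printf '%s\n' "$1" | gateway_ip)
    [ -n "$gw" ] || { echo "missing"; return 2; }
    mac=$(printf '%s\n' "$2" | arp_mac_for "$gw")
    want=$(printf '%s' "$3" | tr 'A-F' 'a-f')
    case "$mac" in
        ""|"(incomplete)") echo "missing $gw"; return 2 ;;
        "$want")           echo "ok $gw $mac"; return 0 ;;
        *)                 echo "mismatch $gw $mac"; return 1 ;;
    esac
}

SAMPLE_ROUTE='   route to: default
destination: default
    gateway: 192.0.2.1
  interface: em0'
SAMPLE_ARP='? (192.0.2.1) at 00:00:5e:00:53:99 on em0 expires in 1187 seconds [ethernet]
? (192.0.2.57) at 00:00:5e:00:53:42 on em0 permanent [ethernet]'

# Offline run on the constructed sample; the gateway entry does not match.
result=$(check_gateway "$SAMPLE_ROUTE" "$SAMPLE_ARP" "$PINNED_MAC") || true
echo "$result"

# Live use on the firewall (not executed here):
#   result=$(check_gateway "$(route -n get default)" "$(arp -an)" "$PINNED_MAC")
#   on "mismatch <ip> <mac>": log the line, then arp -S <ip> "$PINNED_MAC"
```

Logging the mismatching MAC before overwriting the entry keeps a record of which device was answering for the gateway.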