Netgate Discussion Forum

    Refreshing ARP table

      jonnytabpni

      Hi there

      Is there any way to make pfSense update its ARP table more frequently (or not hold a cache at all)?

      The reason is that I have a Repeater Bridge set up between 2 dd-wrt access points which are used for connecting to a remote VoIP server over the pfSense IPsec VPN. Repeater Bridge setups don't preserve the MAC addresses (so effectively, the MAC address of the VoIP Wi-Fi phone appears to change while I roam between these access points). I feel this is causing a 30 second or so lag before 2-way audio returns (voice from the Wi-Fi phone to the other party hardly drops at all). It's possible that pfSense is sending the RTP (voice) packets to a MAC address which isn't reachable anymore…

      Am I making sense?

      Cheers

        ktims

        I replied to your other post as well, but I'll reiterate here as the post is more relevant in this context.

        What you're suggesting does make sense if the MAC of the remote host is changing frequently. I'd think that if a persistent connection is desired, some device (either the roaming device or the device mangling its MAC) would announce a change to the network with a broadcast. If that's not happening, you can tune the caching with 'net.link.ether.inet.max_age'. I would not set it to zero (not sure it'll let you either), because you'll then be generating an ARP request for every single packet that leaves your pfSense box, and ARP requests are broadcasts, so you'll be hugely increasing the overhead on your network (probably by several orders of magnitude). Even a cache age of a few seconds wouldn't be anywhere near as bad.

        Are you seeing a message like:

        arp: %d.%d.%d.%d moved from %x:%x:%x:%x:%x:%x to %x:%x:%x:%x:%x:%x on %s
        

        in the system log after/during the delays you're experiencing?

          jonnytabpni

          Thanks for your advice. I'll do some testing later and I'll let ya know how I got on.

          Just for the record, where do I find this net.link.ether.inet.max_age setting and how do I change it? What is it set to by default?

          Cheers

            ktims

            The default, at least on my boxes, seems to be 1200s (20m). You can set it temporarily (until reboot) with the command

            sysctl net.link.ether.inet.max_age=1200
            

            If you want to make it permanent, add a line to /etc/sysctl.conf

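Added example (not code from the thread or from pfSense): a shell function that counts the `arp: ... moved from ... to ... on ...` messages ktims asks about, per IP address, so the number of MAC changes can be compared with the audio delays before lowering `net.link.ether.inet.max_age`. The function names `sample_log` and `arp_moves`, the log prefix, and all addresses and MACs are constructed for illustration; the function assumes syslog text on stdin.

```sh
#!/bin/sh
# Added example, not from the thread. Counts kernel messages of the form
#   arp: <ip> moved from <mac> to <mac> on <iface>
# per IP address, reading syslog text on stdin.

# Constructed sample input: hostname, addresses and MACs are made up.
sample_log() {
cat <<'EOF'
Jan 10 09:00:01 fw kernel: arp: 192.0.2.50 moved from 02:00:00:00:00:a1 to 02:00:00:00:00:b2 on em1
Jan 10 09:00:07 fw kernel: em1: link state changed to UP
Jan 10 09:03:12 fw kernel: arp: 192.0.2.50 moved from 02:00:00:00:00:b2 to 02:00:00:00:00:a1 on em1
Jan 10 09:04:40 fw kernel: arp: 192.0.2.77 moved from 02:00:00:00:00:c3 to 02:00:00:00:00:d4 on em1
Jan 10 09:05:02 fw kernel: arp: 192.0.2.50 moved from somewhere to nowhere on em1
Jan 10 09:06:55 fw kernel: arp: 192.0.2.50 moved from 02:00:00:00:00:a1 to 02:00:00:00:00:b2 on em1
EOF
}

# arp_moves [MIN]: one line per IP with at least MIN moves (default 1):
#   ip  moves  distinct_macs  latest_mac  iface
arp_moves() {
    awk -v min="${1:-1}" '
    function is_mac(m, parts) {
        # Six colon-separated groups of hex digits.
        return m ~ /^[0-9A-Fa-f]+(:[0-9A-Fa-f]+)+$/ && split(m, parts, ":") == 6
    }
    {
        # Scan for the "arp:" token so any syslog prefix is tolerated.
        for (i = 1; i + 8 <= NF; i++) {
            if ($i != "arp:" || $(i+2) != "moved" || $(i+3) != "from" ||
                $(i+5) != "to" || $(i+7) != "on") continue
            ip = $(i+1); old = $(i+4); cur = $(i+6)
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) break
            if (!is_mac(old) || !is_mac(cur)) break   # malformed line: skip it
            moves[ip]++
            if (!((ip, old) in seen)) { seen[ip, old] = 1; nmac[ip]++ }
            if (!((ip, cur) in seen)) { seen[ip, cur] = 1; nmac[ip]++ }
            latest[ip] = cur; ifc[ip] = $(i+8)
            break
        }
    }
    END {
        for (ip in moves)
            if (moves[ip] >= min + 0)
                print ip, moves[ip], nmac[ip], latest[ip], ifc[ip]
    }' | sort -k2,2nr -k1,1   # most frequently moving address first
}

# Addresses whose MAC changed at least twice in the sample.
sample_log | arp_moves 2
```

The same message is logged whenever a different MAC claims an address already in the table, so a count that does not line up with roaming between the access points is worth investigating.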