Netgate Discussion Forum

    Arpwatch flip flop with bridge

    L2/Switching/VLANs
      logan893

      I have two independent pfSense servers on my network.

      pfSense1 is reporting Arpwatch detected flip flop, almost like clockwork every 19 minutes, for pfSense2.

      pfSense2 has two LAN interfaces, LAN1 (10Gb) and LAN2 (1Gb), which are bridged, and LAN2 has a VLAN (LAN2.VLAN). LAN1, LAN2, and LAN2.VLAN each have their own IP address on separate subnets. LAN2.VLAN shares the same MAC address as LAN2. The bridge has no assigned IP address.

      pfSense2 LAN1 shares the same subnet as LAN on pfSense1, but access is via the bridge and the LAN2 physical interface. (The reason is there are services on the 10Gb LAN1 side

      It seems, from pfSense1's point of view, the MAC address of the LAN1 IP is typically the ARP address for pfSense2 LAN1, but every 19 minutes it flips to LAN2 and back to LAN1 right away.

      Is this expected for my (perhaps unorthodox) situation? Anything I can change on pfSense2 to fix this, or will I need to suppress flip flop for the specific ARP addresses?

      (There doesn't seem to be a way to suppress a flip flop pair, so I'd have to crudely suppress each of the two addresses?)

      • R rcoleman-netgate moved this topic from General pfSense Questions on
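
Added example (not part of the original post, and not pfSense or arpwatch code): because the post notes that flip flops cannot be suppressed per pair, one alternative is to filter the log downstream so that only the known LAN1/LAN2 pair on that one IP counts as expected, while any other MAC claiming the IP still surfaces. The syslog line layout, host name, IP and MAC values below are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed syslog layout: "<ts> <host> arpwatch[pid]: flip flop <ip> <new mac> (<old mac>)"
FLIP = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8}).*flip flop (?P<ip>[\d.]+) "
    r"(?P<new>[0-9a-f:]+) \((?P<old>[0-9a-f:]+)\)", re.I)

# Constructed sample values standing in for pfSense2's LAN1 and LAN2 MACs.
LAN1_MAC, LAN2_MAC = "02:00:00:00:00:01", "02:00:00:00:00:02"
KNOWN = {("192.0.2.2", frozenset((LAN1_MAC, LAN2_MAC)))}
SAMPLE = [
    "Jan  5 00:00:02 pfSense1 arpwatch[411]: flip flop 192.0.2.2 2:0:0:0:0:2 (2:0:0:0:0:1)",
    "Jan  5 00:00:03 pfSense1 arpwatch[411]: flip flop 192.0.2.2 2:0:0:0:0:1 (2:0:0:0:0:2)",
    "Jan  5 00:19:02 pfSense1 arpwatch[411]: flip flop 192.0.2.2 2:0:0:0:0:2 (2:0:0:0:0:1)",
    "Jan  5 00:19:03 pfSense1 arpwatch[411]: flip flop 192.0.2.2 2:0:0:0:0:1 (2:0:0:0:0:2)",
    "Jan  5 00:25:40 pfSense1 arpwatch[411]: flip flop 192.0.2.2 2:0:0:0:0:99 (2:0:0:0:0:1)",
]

def norm(mac):
    # Pad octets so "2:0:0:0:0:1" and "02:00:00:00:00:01" compare equal.
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))

def triage(lines, known_pairs, year=2025):
    """Split flip-flop events into expected (allowlisted IP + MAC pair) and unexpected."""
    expected, unexpected = defaultdict(list), []
    for line in lines:
        m = FLIP.search(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["ip"], frozenset((norm(m["new"]), norm(m["old"]))))
        if key in known_pairs:
            expected[key].append(ts)
        else:
            unexpected.append((ts, m["ip"], norm(m["new"]), norm(m["old"])))
    return expected, unexpected

def cycle_gaps_minutes(times, burst_seconds=60):
    """Collapse each flip/flip-back burst and return the minutes between bursts."""
    starts = []
    for t in sorted(times):
        if not starts or (t - starts[-1]).total_seconds() > burst_seconds:
            starts.append(t)
    return [round((b - a).total_seconds() / 60) for a, b in zip(starts, starts[1:])]
```

Matching on the IP plus the unordered MAC pair keeps the allowlist narrower than suppressing either address outright, and a steady gap from `cycle_gaps_minutes` confirms the events follow a timer rather than arriving irregularly.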
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.